Virus on my computer

Closed
VSM Posts 136 Registration date Sunday 16 November 2008 Status Member Last activity 15 August 2012 - 19 Jul 2011 at 17:21
anthony5151 Posts 10573 Registration date Friday 27 June 2008 Status Security contributor Last activity 2 March 2015 - 19 Jul 2011 at 17:33
Hello,


Hi everyone; my computer has a serious problem: it shows me shortcuts to files. I was told that a virus is causing this. Please help me solve this problem.
Here is the report made with ZHPDiag:


Rapport de ZHPDiag v1.27.2413 par Nicolas Coolman, Update du 18/07/2011
Run by v.s.m at 28/10/2003 23:04:51
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox v (Defaut)

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
~ Boot mode: ~ Normal (Normal boot)
Total RAM: 510 MB (12% free)
~ System Restore: Désactivé (Disabled)
System drive C: has 4 GB (20%) free of 20 GB

---\\ Logged in mode
~ Computer Name: VAYE
~ User Name: v.s.m
~ All Users Names: v.s.m, SUPPORT_388945a0, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O82
~ Logged in as Administrator

---\\ Environnement Variables
~ %AppData%=C:\Documents and Settings\v.s.m\Application Data\
~ %Desktop%=C:\Documents and Settings\v.s.m\Bureau\
~ %Favorites%=C:\Documents and Settings\v.s.m\Favoris\
~ %LocalAppData%=C:\Documents and Settings\v.s.m\Local Settings\Application Data\
~ %StartMenu%=C:\Documents and Settings\v.s.m\Menu Démarrer\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 20 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 18 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.28/10/2003 - 12:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.28/10/2003 - 12:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.1B7EBDD150980FFA0597E94D4D6810A5] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/10/2003 - 16:07:58.) -- C:\WINDOWS\system32\wininet.dll [671232]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.28/10/2003 - 12:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.28/10/2003 - 12:00:00.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.28/10/2003 - 12:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/43
~ Mes musiques (My Musics) : 3/40
~ Mes Favoris (My Favorites) : 2/9
~ Mes Documents (My Documents) : 28/280
~ Mon Bureau (My Desktop) : 34/1541
~ Menu demarrer (Programs) : 5/50



---\\ Processus lancés
[MD5.F20629FF9ED48EFA98FDC5D99919E8C0] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [342624]
[MD5.4B5AE15E5C73EB4DC8DBEC2788230D41] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672]
[MD5.1834C96FB1F9280BCF6DDFA6DE8338BF] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840]
[MD5.3D5D73B3E89A2AEA63C5A1164BCCD228] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [1662976]
[MD5.07313211319C7B21268DAA456D8C1148] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [122880]
[MD5.613447884E12AB77F20F61E711D69F8B] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [184320]
[MD5.303557C7F562E667B66FA406B7FA07BD] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824]
[MD5.819892199645F33A680E50F1D5271879] - (.Apple Inc. - iTunesHelper Module.) -- C:\Program Files\iTunes\iTunesHelper.exe [305440]
[MD5.CEA8F7E45B7B098F5FB085BB6A6A4432] - (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe [155648]
[MD5.B8DA797CEA896C42F5BAD9E08E21AF9F] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [1052672]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]
[MD5.9313A53E603F97F43E16E6F9B2A49E32] - (.Microsoft - Pas de description.) -- C:\Documents and Settings\v.s.m\vmfop.exe [81920]
[MD5.7AC36A27A7513C5EAF672894B9F1EAEF] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [596584]
[MD5.91C9F6FB02169142EB4F514E87756EC1] - (.Pas de propriétaire - ADIMON MFC Application.) -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [1205840]
[MD5.EBA4349AC7ABB414BC875B02F71DCA62] - (.ArcSoft, Inc. - BBMonitor.) -- C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe [270336]
[MD5.708BEC2CAF30278A97EEEC84F32CE4A7] - (.Yahoo! Inc. - Yahoo! Messenger Tray.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe [103664]
[MD5.DC434081FBFD27C719473CB0CCE8DECA] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [545568]
[MD5.3D3C316BD1E112F3B9C532D8B9939BDC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE [93184]
[MD5.4C3100E1D510827F507D504BA2ABE2C0] - (...) -- C:\DOCUME~1\VS2244~1.M\LOCALS~1\Temp\winidwjg.exe [17920]
[MD5.03AC910150409D6DDBB663EC78530A89] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [988120]
[MD5.E959CCDFCCA98541B923FE1192E2788B] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808]
[MD5.474C4819EEC595978D183C807FB58334] - (...) -- C:\Documents and Settings\v.s.m\Bureau\virus tools\ZHPDiag_silent.exe [704238]
[MD5.B43B089D60BA6EF7705FBE72885A4E11] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656896]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\v.s.m\Local Settings\Application Data\Mozilla\Firefox\Profiles\gpweuifp.default\prefs.js
M3 - MFPP: Plugins - [v.s.m] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [v.s.m] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [v.s.m] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [v.s.m] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [v.s.m] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [v.s.m] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3] - (.Yahoo! Inc. - Yahoo Application State Plugin.) -- C:\Program Files\Yahoo!\Shared\npYState.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (No version) -- %SystemRoot%\system32\shdocvw.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) (2007, 12, 18, 1) -- C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} . (.Pas de propriétaire - PDFCreator Toolbar.) -- C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} . (.Pas de propriétaire - PDFCreator Toolbar.) -- C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper Module.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [regdiit] . (...) -- C:\WINDOWS\system32\winxp.exe
O4 - HKLM\..\Run: [CTFMON] . (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [ac32] . (...) -- C:\WINDOWS\system32\ac32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [vmfop] . (.Microsoft - Pas de description.) -- C:\Documents and Settings\v.s.m\vmfop.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] . (...) -- C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] . (...) -- C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [Yahoo! Pager] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [vmfop] . (.Microsoft - Pas de description.) -- C:\Documents and Settings\v.s.m\vmfop.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [12CFG214-K641-12SF-N85P] . (...) -- C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKUS\S-1-5-21-796845957-725345543-1417001333-1004\..\Run: [12CFG214-K641-12SF-N85P] . (...) -- C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk . (.Broadcom Corporation..) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk . (...) -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\TotalMedia Backup Monitor.lnk . (.ArcSoft, Inc..) -- C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Audition 1.5.lnk . (.Adobe Systems®, Incorporated.) -- C:\Program Files\Adobe\Audition 1.5\Audition.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe InDesign CS.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\InDesign CS\InDesign.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Favoris Bluetooth.lnk - Clé orpheline
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\v.s.m\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\v.s.m\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - Global Startup: C:\Documents And Settings\v.s.m\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\v.s.m\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1066611799937



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{43A258C5-8047-4E9A-9054-6F7905EB4A23}: NameServer = 41.223.209.60,41.223.208.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E0959F0-152C-4ECB-AB68-68061C248B06}: NameServer = 213.136.96.2 213.136.96.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{43A258C5-8047-4E9A-9054-6F7905EB4A23}: NameServer = 41.223.209.60,41.223.208.60
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E0959F0-152C-4ECB-AB68-68061C248B06}: NameServer = 213.136.96.2 213.136.96.37
O17 - HKLM\System\CS2\Services\Tcpip\..\{43A258C5-8047-4E9A-9054-6F7905EB4A23}: NameServer = 41.223.209.60,41.223.208.60
O17 - HKLM\System\CS2\Services\Tcpip\..\{43A258C5-8047-4E9A-9054-6F7905EB4A23}: DhcpNameServer = 192.168.1.1



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~1\wi9130~1\datamngr\datamngr.dll (.not file.)



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) . (.Wireless Service - ANIWZCS2 Service Launcher.) - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/VS2244~1.M/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
O42 - Logiciel: ANIO Service - (.Pas de propriétaire.) [HKLM] -- {7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}
O42 - Logiciel: ANIWZCS2 Service - (.Pas de propriétaire.) [HKLM] -- {4C590030-7469-453E-8589-D15DA9D03F52}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe InDesign CS - (.Adobe Systems Incorporated.) [HKLM] -- {416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {0C34B801-6AEC-4667-B053-03A67E2D0415}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- Ask Toolbar_is1
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Cisco Networking Academy curriculum 4.0.0.0 - (.Cisco Systems, Inc..) [HKLM] -- Cisco Networking Academy curriculum_is1
O42 - Logiciel: D-Link Wireless G DWA-110 - (.D-Link.) [HKLM] -- {5F753314-628E-4C13-B8AE-BFA7FD514CBE}
O42 - Logiciel: Driver Genius Professional Edition - (.Driver-Soft Inc..) [HKLM] -- Driver Genius Professional Edition_is1
O42 - Logiciel: FindyKill - (.Pas de propriétaire.) [HKLM] -- FindyKill
O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM] -- Foxit Reader
O42 - Logiciel: HP Deskjet F2200 All-In-One Driver 10.0 Rel .3 - (.HP.) [HKLM] -- {4E8444C5-766E-4f4d-82F8-BB83E2FBB42A}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4}
O42 - Logiciel: HTML Executable Viewer 1.1.0 - (.The G.D.G. Software Team.) [HKLM] -- HeViewUns110
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Intel(R) Extreme Graphics 2 Driver - (.Pas de propriétaire.) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20}
O42 - Logiciel: Intel(R) PRO Network Connections Drivers - (.Pas de propriétaire.) [HKLM] -- PROSet
O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM] -- Internet Download Manager
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216014FF}
O42 - Logiciel: LimeWire 5.5.9 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MGI VideoWave III (Remove Only) - (.Pas de propriétaire.) [HKLM] -- MGI_VideoWave_V1_0
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MTN Mobile Partner - (.Huawei Technologies Co.,Ltd.) [HKLM] -- MTN Mobile Partner
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Media Wizard - (.CDH Productions.) [HKLM] -- Media Wizard
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Mozilla Firefox (3.6.9) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.9)
O42 - Logiciel: NOD32 FiX v1.9 - (.Pas de propriétaire.) [HKLM] -- {DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PDFCreator Toolbar - (.Pas de propriétaire.) [HKLM] -- PDFCreator Toolbar
O42 - Logiciel: Packet Tracer 5.0 - (.Cisco Systems, Inc..) [HKLM] -- Packet Tracer 5.0_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
O42 - Logiciel: Revo Uninstaller 1.89 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: SAGEM F@st 800-840 - (.SAGEM.) [HKLM] -- {4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: Total Video Converter 3.01 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.01_is1
O42 - Logiciel: TotalMedia Backup & Record - (.Pas de propriétaire.) [HKLM] -- {EF6F70D0-C242-4047-946B-98EA8208481A}
O42 - Logiciel: UltraISO Premium V8.63 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WIDCOMM Bluetooth Software - (.WIDCOMM, Inc..) [HKLM] -- {84814E6B-2581-46EC-926A-823BD1C670F6}
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Xilisoft DVD Ripper Platinum - (.Xilisoft.) [HKLM] -- Xilisoft DVD Ripper Platinum
O42 - Logiciel: Xilisoft Video Converter - (.Xilisoft.) [HKLM] -- Xilisoft Video Converter
O42 - Logiciel: Yahoo! Messenger - (.Pas de propriétaire.) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {EC2A8F27-4FBF-4E41-B27B-FE822511B761}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\?? ?? ???? ????? ??? ?? ????]
[HKCU\Software\ALWIL Software]
[HKCU\Software\Adaptec]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\AskBarDis]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Avfnl]
[HKCU\Software\Brother]
[HKCU\Software\CDDB]
[HKCU\Software\CDH Productions]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\Foxit Software]
[HKCU\Software\Gabest]
[HKCU\Software\GameHouse]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Ligos]
[HKCU\Software\MGI]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MarineCat]
[HKCU\Software\MimarSinan]
[HKCU\Software\Netscape]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Samsung]
[HKCU\Software\SharewareGuide.net]
[HKCU\Software\Shortcut]
[HKCU\Software\TVP]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Xilisoft]
[HKCU\Software\Yahoo]
[HKCU\Software\pdfforge.org]
[HKLM\Software\125f]
[HKLM\Software\781]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ANI]
[HKLM\Software\APPC]
[HKLM\Software\Adaptec]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alpha Networks]
[HKLM\Software\Analog Devices]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\AskBarDis]
[HKLM\Software\BSProductManage]
[HKLM\Software\BcmSetup]
[HKLM\Software\Brother]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\CDH Productions]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\D-Link]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Driver-Soft]
[HKLM\Software\ESET]
[HKLM\Software\EasyBoot Systems]
[HKLM\Software\Foxit Software]
[HKLM\Software\FunPause]
[HKLM\Software\GEAR Software]
[HKLM\Software\GameHouse]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HTMLExe]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Huawei technologies]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Licenses]
[HKLM\Software\MCCI]
[HKLM\Software\MGI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Netscape]
[HKLM\Software\ODBC]
[HKLM\Software\Ontrack]
[HKLM\Software\Opera Software]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3R521]
[HKLM\Software\SAGEM]
[HKLM\Software\SCC]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\WIDCOMM]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\ffffffff]
[HKLM\Software\iTinySoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\pdfforge.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/10/2003 - 23:53:04 - [1252] ----D- C:\Program Files\3D Flash Animator 4 Release 5
O43 - CFD: 20/10/2003 - 10:04:50 - [232537619] ----D- C:\Program Files\Adobe
O43 - CFD: 20/10/2003 - 00:37:32 - [411] ----D- C:\Program Files\Ahead
O43 - CFD: 21/10/2003 - 21:38:34 - [0] ----D- C:\Program Files\Alwil Software
O43 - CFD: 25/05/2010 - 22:52:26 - [286720] ----D- C:\Program Files\Analog Devices
O43 - CFD: 20/10/2003 - 00:06:42 - [1363968] ----D- C:\Program Files\ANI
O43 - CFD: 20/10/2003 - 03:36:12 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 21/10/2003 - 09:55:06 - [41869196] ----D- C:\Program Files\ArcSoft
O43 - CFD: 20/10/2003 - 22:59:40 - [1213346] ----D- C:\Program Files\AskBarDis
O43 - CFD: 20/10/2003 - 06:39:48 - [0] ----D- C:\Program Files\bobyte
O43 - CFD: 20/10/2003 - 07:53:20 - [4206552] ----D- C:\Program Files\Brother
O43 - CFD: 28/02/2011 - 18:56:52 - [3094640] ----D- C:\Program Files\CCleaner
O43 - CFD: 21/10/2003 - 09:41:18 - [709952] ----D- C:\Program Files\CCP Server 4
O43 - CFD: 20/10/2003 - 00:46:26 - [8179712] ----D- C:\Program Files\CDH Productions
O43 - CFD: 21/10/2003 - 09:38:00 - [561179] ----D- C:\Program Files\Common Files
O43 - CFD: 25/05/2010 - 22:31:08 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 20/10/2003 - 06:33:22 - [0] ----D- C:\Program Files\CounterPath
O43 - CFD: 20/10/2003 - 00:05:04 - [8835593] ----D- C:\Program Files\D-Link
O43 - CFD: 25/10/2003 - 04:46:34 - [946497] ----D- C:\Program Files\DivX
O43 - CFD: 20/10/2003 - 00:55:32 - [15875374] ----D- C:\Program Files\Driver-Soft
O43 - CFD: 21/10/2003 - 10:08:44 - [748811] ----D- C:\Program Files\ESET
O43 - CFD: 20/10/2003 - 20:01:04 - [0] ----D- C:\Program Files\FDRLab
O43 - CFD: 21/10/2003 - 09:55:06 - [585555945] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 21/10/2003 - 13:26:16 - [722746] ----D- C:\Program Files\FindyKill
O43 - CFD: 20/10/2003 - 22:59:32 - [7969042] ----D- C:\Program Files\Foxit Software
O43 - CFD: 28/07/2010 - 14:09:34 - [22688769] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 21/10/2003 - 00:21:32 - [23824748] ----D- C:\Program Files\HP
O43 - CFD: 21/10/2003 - 09:55:04 - [18157232] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 20/10/2003 - 05:10:50 - [6160080] ----D- C:\Program Files\Internet Download Manager
O43 - CFD: 20/10/2003 - 03:38:02 - [2306607] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/10/2003 - 03:39:26 - [1582699] ----D- C:\Program Files\iPod
O43 - CFD: 20/10/2003 - 03:40:28 - [112206776] ----D- C:\Program Files\iTunes
O43 - CFD: 29/05/2010 - 23:26:24 - [88830765] ----D- C:\Program Files\Java
O43 - CFD: 31/05/2010 - 01:56:12 - [90376163] ----D- C:\Program Files\LimeWire
O43 - CFD: 21/10/2003 - 12:01:24 - [4359231] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 03/11/2003 - 14:07:40 - [0] ----D- C:\Program Files\Marvell
O43 - CFD: 28/07/2010 - 14:06:02 - [2174045] ----D- C:\Program Files\Messenger
O43 - CFD: 21/10/2003 - 09:13:10 - [49399063] ----D- C:\Program Files\MGI
O43 - CFD: 25/05/2010 - 22:35:44 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 21/10/2003 - 01:21:46 - [365990542] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 25/10/2003 - 20:15:42 - [38274027] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 21/10/2003 - 01:21:20 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 20/10/2003 - 02:46:30 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 21/10/2003 - 01:15:40 - [315392] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 28/07/2010 - 00:19:14 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 20/10/2003 - 19:39:08 - [31110570] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 20/10/2003 - 11:50:08 - [39944647] ----D- C:\Program Files\MSECache
O43 - CFD: 25/10/2003 - 20:14:58 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 25/05/2010 - 22:30:40 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 29/05/2010 - 13:55:40 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 13/05/2011 - 02:49:50 - [25083875] ----D- C:\Program Files\MTN Mobile Partner
O43 - CFD: 25/05/2010 - 22:33:06 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 25/05/2010 - 22:30:54 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 20/10/2003 - 00:35:44 - [866410] ----D- C:\Program Files\Ontrack
O43 - CFD: 28/07/2010 - 00:16:28 - [4379833] ----D- C:\Program Files\Outlook Express
O43 - CFD: 21/10/2003 - 03:23:34 - [155298336] ----D- C:\Program Files\Packet Tracer 5.0
O43 - CFD: 22/10/2003 - 17:59:56 - [0] ----D- C:\Program Files\ParetoLogic
O43 - CFD: 20/10/2003 - 00:30:00 - [26969727] ----D- C:\Program Files\PDFCreator
O43 - CFD: 20/10/2003 - 00:29:54 - [813482] ----D- C:\Program Files\PDFCreator Toolbar
O43 - CFD: 20/10/2003 - 03:38:00 - [79638121] ----D- C:\Program Files\QuickTime
O43 - CFD: 29/05/2010 - 21:55:02 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 20/10/2003 - 15:21:32 - [12815559] ----D- C:\Program Files\SAGEM
O43 - CFD: 22/10/2003 - 02:18:12 - [5228544] ----D- C:\Program Files\SAMSUNG
O43 - CFD: 25/05/2010 - 22:33:44 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 25/05/2010 - 23:22:36 - [1233769] ----D- C:\Program Files\SuperCopier2
O43 - CFD: 20/10/2003 - 04:43:28 - [185253239] ----D- C:\Program Files\Total Video Converter
O43 - CFD: 21/10/2003 - 11:56:18 - [466609] ----D- C:\Program Files\Trend Micro
O43 - CFD: 02/06/2010 - 21:44:16 - [5431879] ----D- C:\Program Files\UltraISO
O43 - CFD: 21/10/2003 - 09:38:06 - [24] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 20/10/2003 - 00:05:52 - [328568] ----D- C:\Program Files\uTorrent
O43 - CFD: 21/10/2003 - 18:26:10 - [83445721] ----D- C:\Program Files\VideoLAN
O43 - CFD: 25/10/2003 - 10:21:40 - [0] ----D- C:\Program Files\VoipDiscount.com
O43 - CFD: 25/05/2010 - 23:23:20 - [6539571] ----D- C:\Program Files\VS Revo Group
O43 - CFD: 20/10/2003 - 10:22:16 - [7864207] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 28/07/2010 - 17:47:26 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 21/10/2003 - 09:13:28 - [3239277] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 25/05/2010 - 22:30:30 - [3940095] ----D- C:\Program Files\Windows NT
O43 - CFD: 25/05/2010 - 22:33:48 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 25/05/2010 - 23:11:44 - [3532539] ----D- C:\Program Files\WinRAR
O43 - CFD: 25/05/2010 - 22:35:44 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 20/10/2003 - 01:15:16 - [55015219] ----D- C:\Program Files\Xilisoft
O43 - CFD: 20/10/2003 - 01:40:38 - [27514934] ----D- C:\Program Files\Yahoo!
O43 - CFD: 28/10/2003 - 23:05:22 - [3925633] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 21/10/2003 - 09:38:00 - [561179] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 20/10/2003 - 10:09:20 - [5535979] ----D- C:\Documents and Settings\v.s.m\Application Data\Adobe
O43 - CFD: 20/10/2003 - 10:09:20 - [0] ----D- C:\Documents and Settings\v.s.m\Application Data\AdobeUM
O43 - CFD: 20/10/2003 - 15:41:56 - [4537296] ----D- C:\Documents and Settings\v.s.m\Application Data\Apple Computer
O43 - CFD: 21/10/2003 - 10:18:18 - [29940] ----D- C:\Documents and Settings\v.s.m\Application Data\ArcSoft
O43 - CFD: 21/10/2003 - 19:27:50 - [0] R---D- C:\Documents and Settings\v.s.m\Application Data\Brother
O43 - CFD: 09/05/2011 - 19:11:46 - [199] ----D- C:\Documents and Settings\v.s.m\Application Data\dvdcss
O43 - CFD: 21/10/2003 - 05:25:54 - [0] ----D- C:\Documents and Settings\v.s.m\Application Data\Identities
O43 - CFD: 02/01/2011 - 18:50:58 - [495] ----D- C:\Documents and Settings\v.s.m\Application Data\Macromedia
O43 - CFD: 21/10/2003 - 12:01:26 - [6052] ----D- C:\Documents and Settings\v.s.m\Application Data\Malwarebytes
O43 - CFD: 28/10/2003 - 22:32:34 - [4797268] -S--D- C:\Documents and Settings\v.s.m\Application Data\Microsoft
O43 - CFD: 06/01/2011 - 14:38:40 - [1197577] ----D- C:\Documents and Settings\v.s.m\Application Data\Mozilla
O43 - CFD: 21/10/2003 - 09:19:30 - [0] ----D- C:\Documents and Settings\v.s.m\Application Data\Samsung
O43 - CFD: 20/10/2003 - 00:45:24 - [239616] ----D- C:\Documents and Settings\v.s.m\Application Data\Seven Zip
O43 - CFD: 21/10/2003 - 19:15:28 - [709] ----D- C:\Documents and Settings\v.s.m\Application Data\Sun
O43 - CFD: 20/10/2003 - 21:50:14 - [3604480] ----D- C:\Documents and Settings\v.s.m\Application Data\U3
O43 - CFD: 20/10/2003 - 09:39:02 - [4252118] ----D- C:\Documents and Settings\v.s.m\Application Data\vlc
O43 - CFD: 23/10/2003 - 19:15:10 - [0] ----D- C:\Documents and Settings\v.s.m\Application Data\WinRAR
O43 - CFD: 24/10/2003 - 20:55:52 - [0] ----D- C:\Documents and Settings\v.s.m\Application Data\Yahoo!
O43 - CFD: 21/10/2003 - 07:02:04 - [914639] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Adobe
O43 - CFD: 01/03/2011 - 08:35:26 - [1950597] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Ahead
O43 - CFD: 20/10/2003 - 03:36:16 - [0] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Apple
O43 - CFD: 20/10/2003 - 03:59:56 - [390297] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Apple Computer
O43 - CFD: 21/10/2003 - 00:08:04 - [804444] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Identities
O43 - CFD: 20/10/2003 - 06:34:50 - [7287922] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Microsoft
O43 - CFD: 20/10/2003 - 09:28:02 - [0] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Microsoft Help
O43 - CFD: 06/01/2011 - 14:38:16 - [13822048] ----D- C:\Documents and Settings\v.s.m\Local Settings\Application Data\Mozilla



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
1 reply

anthony5151 Posts 10573 Registration date Friday 27 June 2008 Status Security contributor Last seen 2 March 2015 790
Edited by anthony5151 on 19/07/2011 at 17:34
Hello,

We are going to try to sort out your problem together. First, a few reminders:

- Do not open other threads for the same problem (whether on this forum or on another one)
- Do not hesitate to ask questions if you need to ;)
- Be patient when you post a message, I do not reply instantly: I am a volunteer and I am not at my computer all the time. But rest assured, I never give up on anyone ;)
- The disinfection (if necessary) will take place in several steps. Even if the symptoms of the infection disappear, the disinfection will only be finished when I confirm it to you --> Please come back until the end, otherwise what we have done will have been for nothing.


The ZHPDiag report you posted is not complete: it is too long to be posted directly on the forum, so it has to be hosted on a site such as this one, and only the link to the report posted.

Nevertheless, from the extract of the report you posted, I can already tell you that your computer is infected:


1) Toolbars are useless, they slow the browser down and can make it unstable: I advise you to uninstall them. To do so, open the Start menu --> Control Panel --> Add or Remove Programs (Ajout/suppression de programmes) --> Select the following programs and uninstall them:
- Yahoo! Toolbar
- Ask Toolbar
- PDFCreator Toolbar


2) There is a removable-drive infection:

* Download USBFix (by El desaparecido and C_XX) to your Desktop
* Plug your external data sources into your PC (USB stick, external hard drive, mp3 player, etc.) without opening them
* Double-click the USBFix program on your Desktop.
* In the main menu, click "Deletion" ("Suppression")
* Your Desktop will disappear, then the computer will restart: this is normal
* Let the tool work until it has finished
* At the end, the report will be displayed: please post it in your next reply


3) Please use this general-purpose disinfection software:

* Download and install Malwarebytes' Anti-Malware
* At the end of the installation, make sure the "update Malwarebytes' Anti-Malware" option is ticked
* Launch MBAM and let the updates download (otherwise do them manually when the program starts)
* Then go to the "Scan" ("Recherche") tab, tick "Perform quick scan" ("Exécuter un examen rapide"), then click "Scan" ("Rechercher")
* At the end of the scan, click Show results (Afficher les résultats)
* Tick all the detected items, then click Remove selected (Supprimer la sélection)
* Save the report
* If you are asked to restart the computer, click Yes
* Please post in your next reply the report that appears after the removal


4) Restart your computer and post a new ZHPDiag report (remember to host it).


Clothes do not make the man.
Knowledge is only useful if it is passed on
0