How do I uninstall the searchqu toolbar, please?

ranzy2003, Posts: 8, Registered: Sunday 7 August 2011, Status: Member, Last activity: 8 August 2011 - 7 August 2011 at 17:43
ranzy2003, Posts: 8, Registered: Sunday 7 August 2011, Status: Member, Last activity: 8 August 2011 - 8 August 2011 at 20:06
Hello,

Please, I don't know how to remove this toolbar.
Here is the Ad-Remover report


======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 15:22:38 le 07/08/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Poste@MAISON-9E64A447 ( )

============== RECHERCHE ==============


Dossier trouvé: C:\Documents and Settings\Poste\Application Data\Mozilla\FireFox\Profiles\z3h4p5nu.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Dossier trouvé: C:\Documents and Settings\Poste\Application Data\OpenCandy
Dossier trouvé: C:\Documents and Settings\Poste\Local Settings\Application Data\OpenCandy
Dossier trouvé: C:\Documents and Settings\Poste\Application Data\Toolbar4
Dossier trouvé: C:\Documents and Settings\Poste\Application Data\VMNTOOLBAR

Clé trouvée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKLM\Software\Classes\Interface\{384FE458-A963-450D-9187-EEFF81913FD0}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKLM\Software\SearchquMediabarTb
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\DataMngr
Clé trouvée: HKCU\Software\vmntoolbar
Clé trouvée: HKLM\Software\Orbit\OpenCandy

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)
Components\XPBrowsealoudPlugin.dll (Texthelp Systems Ltd)
HKLM_Extensions|searchpredict@speedbit.com - C:\Program Files\SearchPredict\PRFireFox (x)
HKLM_Extensions|{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\SPFireFox (x)

-- C:\Documents and Settings\Poste\Application Data\Mozilla\FireFox\Profiles\z3h4p5nu.default --
Extensions\anttoolbar@ant.com (Ant Video Downloader)
Extensions\ar@dictionaries.addons.mozilla.org (Arabic spell-checking dictionary)
Extensions\trash (?)
Extensions\{02450954-cdd9-410f-b1da-db804e18c671} (Screengrab)
Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} (Searchqu Toolbar)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q={searchTerms}/)
Prefs.js - browser.search.defaultenginename, Search Results
Prefs.js - browser.search.selectedEngine, Search Results
Prefs.js - browser.startup.homepage, hxxp://www.google.com
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q=

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Start Page - hxxp://www.google.co.ma/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8287-79A187E26987} (x)
HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files\Orbitdownloader\GrabPro.dll)
HKLM_Toolbar|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files\Orbitdownloader\GrabPro.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll)
HKCU_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
HKLM_ElevationPolicy\{09B74B5E-2912-48de-9167-D80158E2A379} - C:\Program Files\CA VMN Anti-Spyware\CA_VMN_antispyware.exe (x)
HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe (x)
HKLM_ElevationPolicy\{28A36D69-07EA-44CE-B298-1A8B3E8B6FE1} - C:\Program Files\Skype\Phone\Skype.exe (x)
HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
HKLM_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
HKLM_ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\uninstall.exe (?)
HKLM_ElevationPolicy\{C39A83E5-31D7-493F-BB93-40244DDAEBEF} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (Visicom Media Inc.)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{000123B4-9B42-4900-B3F7-F4B073EFC214} - "Octh Class" (C:\Program Files\Orbitdownloader\orbitcth.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{99079a25-328f-4bd4-be04-00955acaa0a7} - "Searchqu Toolbar" (C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll)
BHO\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - "UrlHelper Class" (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 06/08/2011 22:54:27 (6682 Octet(s))
C:\Ad-Report-SCAN[2].txt - 07/08/2011 15:23:02 (5714 Octet(s))

Fin à: 15:24:45, 07/08/2011

============== E.O.F ==============




12 replies

NicoVA, Posts: 1058, Registered: Sunday 6 December 2009, Status: Security contributor, Last activity: 16 November 2011, 71
Edited by NicoVA on 7/08/2011 at 17:58
Hi

Run Ad-Remover again, click "Suppression", then post its report.

=/=/=/=/=/=

Download ZhpDiag by Nicolas Coolman.

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Once the download has finished, double-click ZHPDiag.exe (right-click, "Run as administrator" on Vista/7).

Click the magnifying glass to start the scan.

When the scan has finished, click the "floppy disk" (save as...).

Go to this site: http://www.cijoint.fr/index.php or this one: http://pjjoint.malekal.com/

Click Browse and select the file ZhpDiag.txt

A link will be created; post that link in your next reply.

See you
Hello,


Edit:


hello nico, happy hunting ;)
NicoVA, Posts: 1058, Registered: Sunday 6 December 2009, Status: Security contributor, Last activity: 16 November 2011, 71
Edited by NicoVA on 7/08/2011 at 17:58
Hello :-)
ranzy2003, Posts: 8, Registered: Sunday 7 August 2011, Status: Member, Last activity: 8 August 2011
7 August 2011 at 18:45
Hello everyone, thank you for your help.
As for the Ad-Remover report, here it is


======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 16:18:53 le 07/08/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Poste@MAISON-9E64A447 ( )

============== ACTION(S) ==============


Dossier supprimé: C:\Documents and Settings\Poste\Application Data\Mozilla\FireFox\Profiles\z3h4p5nu.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Dossier supprimé: C:\Documents and Settings\Poste\Application Data\OpenCandy
Dossier supprimé: C:\Documents and Settings\Poste\Local Settings\Application Data\OpenCandy
Dossier supprimé: C:\Documents and Settings\Poste\Application Data\Toolbar4
Dossier supprimé: C:\Documents and Settings\Poste\Application Data\VMNTOOLBAR

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé supprimée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé supprimée: HKLM\Software\Classes\Interface\{384FE458-A963-450D-9187-EEFF81913FD0}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\DataMngr
Clé supprimée: HKLM\Software\SearchquMediabarTb
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\DataMngr
Clé supprimée: HKCU\Software\vmntoolbar
Clé supprimée: HKLM\Software\Orbit\OpenCandy

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)
Components\XPBrowsealoudPlugin.dll (Texthelp Systems Ltd)
HKLM_Extensions|searchpredict@speedbit.com - C:\Program Files\SearchPredict\PRFireFox (x)
HKLM_Extensions|{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\SPFireFox (x)

-- C:\Documents and Settings\Poste\Application Data\Mozilla\FireFox\Profiles\z3h4p5nu.default --
Extensions\anttoolbar@ant.com (Ant Video Downloader)
Extensions\ar@dictionaries.addons.mozilla.org (Arabic spell-checking dictionary)
Extensions\trash (?)
Extensions\{02450954-cdd9-410f-b1da-db804e18c671} (Screengrab)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q={searchTerms}/)
Prefs.js - browser.search.defaultenginename, Search Results
Prefs.js - browser.search.selectedEngine, Search Results
Prefs.js - browser.startup.homepage, hxxp://www.google.com
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q=

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8287-79A187E26987} (x)
HKCU_Toolbar\WebBrowser|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files\Orbitdownloader\GrabPro.dll)
HKLM_Toolbar|{C55BBCD6-41AD-48AD-9953-3609C48EACC7} (C:\Program Files\Orbitdownloader\GrabPro.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)
HKCU_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
HKLM_ElevationPolicy\{09B74B5E-2912-48de-9167-D80158E2A379} - C:\Program Files\CA VMN Anti-Spyware\CA_VMN_antispyware.exe (x)
HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe (x)
HKLM_ElevationPolicy\{28A36D69-07EA-44CE-B298-1A8B3E8B6FE1} - C:\Program Files\Skype\Phone\Skype.exe (x)
HKLM_ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
HKLM_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
HKLM_ElevationPolicy\{C39A83E5-31D7-493F-BB93-40244DDAEBEF} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (Visicom Media Inc.)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{000123B4-9B42-4900-B3F7-F4B073EFC214} - "Octh Class" (C:\Program Files\Orbitdownloader\orbitcth.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 255 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 07/08/2011 16:19:01 (6129 Octet(s))
C:\Ad-Report-SCAN[1].txt - 06/08/2011 22:54:27 (6682 Octet(s))
C:\Ad-Report-SCAN[2].txt - 07/08/2011 15:23:02 (6769 Octet(s))
C:\Ad-Report-SCAN[3].txt - 07/08/2011 16:09:00 (6834 Octet(s))

Fin à: 16:20:31, 07/08/2011

============== E.O.F ==============



When my PC restarted, this message appeared

https://pjjoint.malekal.com/files.php?id=b7a9ea72e9h12g5t13u7s5u8f12r15w9n8h9l13o9e12h6109i1214y8

I am going to use ZhpDiag and post its report in a few minutes
thanks
ranzy2003, Posts: 8, Registered: Sunday 7 August 2011, Status: Member, Last activity: 8 August 2011
7 August 2011 at 19:10
ranzy2003, Posts: 8, Registered: Sunday 7 August 2011, Status: Member, Last activity: 8 August 2011
7 August 2011 at 19:43
hi
I found windows ilivid toolbar in the programs panel
what should I do
thanks
NicoVA, Posts: 1058, Registered: Sunday 6 December 2009, Status: Security contributor, Last activity: 16 November 2011, 71
7 August 2011 at 21:16
Hi

Please re-upload your zhpdiag report, the link doesn't work ;-)
ranzy2003, Posts: 8, Registered: Sunday 7 August 2011, Status: Member, Last activity: 8 August 2011
7 August 2011 at 22:10
Rapport de ZHPDiag v1.28.1313 par Nicolas Coolman, Update du 05/08/2011
Run by Poste at 07/08/2011 16:48:28
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 4.0.1 v (Defaut)
GCIE: Google Chrome

---\\ Windows Product Information
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : KO

---\\ System Information
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 447 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 53 GB (70%) free of 75 GB

---\\ Logged in mode
~ Computer Name: MAISON-9E64A447
~ User Name: Poste
~ All Users Names: SUPPORT_388945a0, Poste, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Poste\Application Data\
~ %Desktop% : C:\Documents and Settings\Poste\Bureau\
~ %Favorites% : C:\Documents and Settings\Poste\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Poste\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Poste\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 53 Go of 75 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 20 Go)
G:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 20 Go)
H:\ Hard drive, Flash drive, Thumb drive (Free 26 Go of 35 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : Modified
~ Scan Security Center in 00mn 00s



---\\ Search Generic System Files
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.07/08/2011 - 19:30:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.07/08/2011 - 19:30:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.07/08/2011 - 05:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.07/08/2011 - 19:30:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.07/08/2011 - 19:30:00.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.07/08/2011 - 19:30:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/3
~ Mes musiques (My Musics) : 44/89
~ Mes Videos (My Videos) : 2/9
~ Mes Favoris (My Favorites) : 7/101
~ Mes Documents (My Documents) : 82/1023
~ Mon Bureau (My Desktop) : 63/518
~ Menu demarrer (Programs) : 0/8
~ Scan Hidden Files in 00mn 12s



---\\ Running Processes
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe [3493720]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
[MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.B114DB354D13A21C1AC2B1807EE2F500] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\program files\real\realplayer\update\realsched.exe [273544]
[MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152]
[MD5.6A2FC790CD507336E05B7FAE29D79432] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [1057280]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616]
[MD5.FD8AA90A78160E4374EE44D892E0DE3A] - (.Panicware, Inc. - Pop-Up Stopper Free Edition.) -- C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe [536576]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]
[MD5.77114F11B60E3E6CC7811306FB327383] - (.Unknown owner - ADIMON MFC Application.) -- C:\Program Files\Menara\dslmon.exe [966756]
[MD5.F14219FC767F1383526AB423F278A8E3] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [210520]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664]
[MD5.F832F1505AD8B83474BD9A5B1B985E01] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.2AF094B1CE4725E4551F38FDA2348637] - (.Unknown owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040]
[MD5.9033D67B7112D23EDED6789BACDED128] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820520]
[MD5.FEDDD3579FEE51A9873D856DF3933C68] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [151552]
[MD5.1EEA7DD2F1EA6EFEF380B99A90228D2F] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE [12037688]
[MD5.12FDBDA5759C7A19F57799F91F9F97A4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064]
~ Scan Processes Running in 00mn 03s



---\\ Opera, Plugins,Start,Search (P1,B0,B1)
P1 - OPN:Opera Plugin Navigator . (.Unknown owner - NPOrbit.) -- C:\Program Files\Opera\Program\Plugins\nporbit.dll
~ Scan Opera Browser in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\Poste\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Poste\Local Settings\Application Data\Mozilla\Firefox\Profiles\z3h4p5nu.default\prefs.js
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Poste] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.647.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Web Player.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.647] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.647] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.652] - (.RealNetworks, Inc. - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlu
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.652] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videos
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.647] - (.RealNetworks, Inc. - 12.0.1.647.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@adobe.com/Acrobat,version=5.1] - (.Adobe Systems Inc. - Adobe Acrobat Plug-In Version 5.10 for Netscape.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Hosts file redirection (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} . (.Orbitdownloader.com - Orbitcth.) -- C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordP
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} . (.Unknown owner - Grab Pro.) -- C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [KernelFaultCheck] Orphean Key
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\program files\real\realplayer\update\realsched.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] . (.Panicware, Inc. - Pop-Up Stopper Free Edition.) -- C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [VirtualBrowseAloud] C:\Documents and Settings\Poste\Bureau\Browsealoud.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\..\Run: [PopUpStopperFreeEdition] . (.Panicware, Inc. - Pop-Up Stopper Free Edition.) -- C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
O4 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-854245398-412668190-1606980848-1003\..\Run: [VirtualBrowseAloud] C:\Documents and Settings\Poste\Bureau\Browsealoud.exe (.not file.)
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] Orphean Key
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] Orphean Key
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] Orphean Key
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] Orphean Key
~ Scan Application in 00mn 00s



---\\ Other User Links (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Reader 5.1.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Inkscape.lnk . (.inkscape.org.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Prism Video File Converter.lnk . (.NCH Software.) -- C:\Program Files\NCH Software\Prism\prism.exe
~ Scan Global Startup in 00mn 01s



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: &Download by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll
O8 - Extra context menu item: &Grab video by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll
O8 - Extra context menu item: Do&wnload selected by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll
O8 - Extra context menu item: Down&load all by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~3\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Internet Explorer Plugins (O12)
O12 - Plugin for .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
~ Scan IE Extra Buttons in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{98140B30-3B74-44D3-8952-03952015AEA4}: NameServer = 62.251.229.241 62.251.229.237
O17 - HKLM\System\CS1\Services\Tcpip\..\{98140B30-3B74-44D3-8952-03952015AEA4}: NameServer = 62.251.229.241 62.251.229.237
O17 - HKLM\System\CS2\Services\Tcpip\..\{98140B30-3B74-44D3-8952-03952015AEA4}: NameServer = 62.251.229.241 62.251.229.237
~ Scan Domain in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 01s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
~ Scan Services in 00mn 01s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\prismShakeIcon.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-854245398-412668190-1606980848-1003.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-412668190-1606980848-1003.job
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (...) -- C:\Program âiles\Apple Soâtware Update\SoâtwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [prismShakeIcon] (...) -- C:\Program âiles\NCH Soâtware\Prism\prism.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-854245398-412668190-1606980848-1003] (...) -- C:\Program âiles\Real\RealUpgrade\realupgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-854245398-412668190-1606980848-1003] (...) -- C:\Program âiles\Real\RealUpgrade\realupgrade.exe (.not file.)
~ Scan Scheduled Task in 00mn 01s



---\\ Drivers launched at startup (O41)
O41 - Driver: (05116991) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\WINDOWS\system32\DRIVERS\05116991.sys
O41 - Driver: (05891031) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\WINDOWS\system32\DRIVERS\05891031.sys
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: setup_9.0.0.722_09.11.2010_14-11drv (setup_9.0.0.722_09.11.2010_14-11drv) . (.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) - C:\WINDOWS\system32\DRIVERS\0511699.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (klif) . (. - .) - C:\WINDOWS\system32\drivers\klif.sys (.not file.)
~ Scan Drivers in 00mn 04s



---\\ Software installed (O42)
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Applian FLV Player - (.Applian Technologies Inc..) [HKLM] -- Applian FLV Player2.0.24
O42 - Logiciel: Ares 2.1.1 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: CutePDF Writer 2.8 - (.Unknown owner.) [HKLM] -- CutePDF Writer Installation
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Efficient WMA MP3 Converter v0.99.7 - (.Unknown owner.) [HKLM] -- Efficient WMA MP3 Converter_is1
O42 - Logiciel: HP Customer Participation Program 9.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP OCR Software 9.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: HP Photosmart All-In-One Software 9.0 - (.HP.) [HKLM] -- {B22C19AE-6A67-4f28-B541-5AE72FB17A25}
O42 - Logiciel: HP Photosmart Essential 2.01 - (.HP.) [HKLM] -- HP Photosmart Essential
O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Kit de Connexion MENARA - (.Unknown owner.) [HKLM] -- {AB25E068-C7A2-482F-A3BC-588A5869844D}
O42 - Logiciel: Kodak One-Touch Printing Solution SDK - (.Unknown owner.) [HKLM] -- Kodak One-Touch Printing Solution SDK
O42 - Logiciel: Lecteur Windows Media 11 - (.Unknown owner.) [HKLM] -- Windows Media Player
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Module d'enregistrement 1.5.1.2 - (.YDP SA.) [HKLM] -- FlashComponents
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)
O42 - Logiciel: Nero OEM - (.Unknown owner.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Off Road Arena - (.Unknown owner.) [HKLM] -- Off Road Arena_is1
O42 - Logiciel: Orbit Downloader - (.www.orbitdownloader.com.) [HKLM] -- Orbit_is1
O42 - Logiciel: PhotoFiltre - (.Unknown owner.) [HKCU] -- PhotoFiltre
O42 - Logiciel: Pop-Up Stopper Free Edition - (.Panicware, Inc..) [HKLM] -- Pop-Up Stopper Free Edition
O42 - Logiciel: PowerDVD - (.CyberLink.) [HKLM] -- InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: Prism Video File Converter - (.NCH Software.) [HKLM] -- Prism
O42 - Logiciel: QuickTime for Windows (32-bit) - (.Unknown owner.) [HKLM] -- QuickTime32
O42 - Logiciel: Real Alternative 1.9.0 - (.Unknown owner.) [HKLM] -- RealAlt_is1
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: Realtek AC'97 Audio - (.Unknown owner.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Replay Media Catcher 4 (4.2.8) - (.Applian Technologies.) [HKLM] -- Replay Media Catcher 4
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1
O42 - Logiciel: SWF Opener - (.UnH Solutions.) [HKLM] -- {01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1
O42 - Logiciel: Sog Video Converter Platium 5.0 - (.FreetimeSoft, Inc..) [HKLM] -- Sog Video Converter Platium_is1
O42 - Logiciel: Sony Vegas Pro 10.0 - (.Unknown owner.) [HKLM] -- Sony Vegas Pro 10.0
O42 - Logiciel: SuperCopier2 - (.Unknown owner.) [HKLM] -- SuperCopier2
O42 - Logiciel: VSO Image Resizer 4.0.2.5 - (.VSO-Software.) [HKLM] -- {8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1
O42 - Logiciel: WinASO Registry Optimizer 3.2 - (.X.M.Y International LLC.) [HKLM] -- WinASO Registry Optimizer 3.2_is1
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar
O42 - Logiciel: YDP Speech Recognition Support 4.0.001 - (.YDP.) [HKLM] -- YDP Speech Recognition Support
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: ffdshow [rev 2975] [2009-05-28] - (.Unknown owner.) [HKLM] -- ffdshow_is1

---\\ HKCU & HKLM Software Keys
~ Scan Softwares in 00mn 02s



---\\ Contents of the Common Files folders (O43)
0
NicoVA Messages posted 1058 Registration date Sunday 6 December 2009 Status Security contributor Last activity 16 November 2011 71
7 August 2011 at 22:43
Hi

Post your ZHPDiag report on cjoint, for example ;-)

See you
0
ranzy2003 Messages posted 8 Registration date Sunday 7 August 2011 Status Member Last activity 8 August 2011
Edited by ranzy2003 on 8/08/2011 at 02:55
Hi, here is the report


https://www.cjoint.com/?AHhxF5k46Hi
0
NicoVA Messages posted 1058 Registration date Sunday 6 December 2009 Status Security contributor Last activity 16 November 2011 71
8 August 2011 at 09:43
Hi
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] Orphean Key 
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] Orphean Key 
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] Orphean Key 
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] Orphean Key 

Is your Windows legitimate, or is it a cracked version?

See you
0
ranzy2003 Messages posted 8 Registration date Sunday 7 August 2011 Status Member Last activity 8 August 2011
Edited by ranzy2003 on 8/08/2011 at 19:11
Hello
Unfortunately, it is a cracked version.
0
ranzy2003 Messages posted 8 Registration date Sunday 7 August 2011 Status Member Last activity 8 August 2011
8 August 2011 at 20:06
Hi NicoVA, please, about Windows iLivid Toolbar: should I uninstall it, since I did not install it?
0