Sujet Précédent Sujet Suivant

Trojan.generic.6753450

Fermé
vietkong93 Messages postés 32 Date d'inscription mercredi 21 novembre 2012 Statut Membre Dernière intervention 23 novembre 2012 - 21 nov. 2012 à 13:27
 Utilisateur anonyme - 24 nov. 2012 à 02:46
Bonjour,

J'ai besoin de votre aide!!

Un virus est apparu sur mon Pc. Il m'est impossible d'installer un logiciel. A chaque fin d'installation, un trojan est détecté et éffacé par mon anti virus ( F Secure). Ce phénomène se produit à chaque tentative d'installation.

J'ai testé ts les antimalware du webn mais rien n'y fait...

Ci dessou le rapport ZHDPDiag si cela peut vous aider... Merci!


Rapport de ZHPDiag v1.31.49 par Nicolas Coolman, Update du 19/11/2012
Run by kl at 21/11/2012 13:08:41
State : Version à jour.
UAC : Not Found or deactivate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Enterprise Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, VOLUME_KMSCLIENT channel
Windows ID Activation : OK
~ Windows Partial Key : HVTHH
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8149 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 71 GB (59%) free of 119 GB

---\\ Logged in mode
~ Computer Name: YFRW7E020
~ User Name: kl
~ All Users Names: Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\kl\AppData\Roaming\
~ %Desktop% : C:\Users\kl\Desktop\
~ %Favorites% : C:\Users\kl\Favorites\
~ %LocalAppData% : C:\Users\kl\AppData\Local\
~ %StartMenu% : C:\Users\kl\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 71 Go of 119 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.870ECFEBD41C7B8F9C6777748368D51F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/05/2012 - 02:59:14.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/5
~ Mon Bureau (My Desktop) : 1/2138
~ Menu demarrer (Programs) : 1/28
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.12E33DD823D74680DE6F33BFA359EFB3] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [766536] [PID.2928]
[MD5.8196DFA43EE314CD387C3F139A74A023] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.exe [718720] [PID.4128]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.4156]
[MD5.18B06B63AF2FB6C74C47E31B329BDA74] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\F-Secure\common\FSM32.exe [303808] [PID.4316]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.4536]
[MD5.6EA1BF3F6E6B0613351411A3EB6B85A2] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1561768] [PID.4544]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.4580]
[MD5.0129BB16161C2FD9A6B19111AB047198] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748664] [PID.5848]
[MD5.8709C95E4EC55378D5BF27F02B0ED5A5] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe [692152] [PID.5376]
[MD5.C4EE5433561063863AE9A37C67A9C56F] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3771904] [PID.5048]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.]
[MD5.01DF577B86B7EDE70277356444743AD5] - (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [221888] [PID.]
[MD5.FCDEE5BC3CCFCE835EFF25DE13B17266] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32.exe [605752] [PID.]
[MD5.6A20234204C3D74D40414F535E0981D3] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\F-Secure\Common\FSMA32.exe [189120] [PID.]
[MD5.63962285A0C3C9752CB15A62E0FE9E6A] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [77824] [PID.]
[MD5.39C201234F4B17FDFC58B31C0E2AEE54] - (.F-Secure Corporation - F-Secure DLL Hosting Plugin.) -- C:\Program Files (x86)\F-Secure\Common\FSHDLL32.exe [90816] [PID.]
[MD5.85B16A92B117A5A800032ECD904B86DB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432] [PID.]
[MD5.20E2469DB709FC675E655CEAA11BE312] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [676936] [PID.]
[MD5.4E37455DB16AEC75862B1D0BC35B589E] - (.O2Micro International - O2 Flash Memory Service.) -- C:\Windows\system32\DRIVERS\o2flash.exe [72296] [PID.]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.]
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] - (.Boxore OU. - Programme d'installation de Software.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [139576] [PID.]
[MD5.99257D56C06FB10D33B94C7D4FB7BA11] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [62144] [PID.]
[MD5.ABA044F98C5421FAD28DAB496CE937D6] - (.F-Secure Corporation - F-Secure Network Request Broker.) -- C:\Program Files (x86)\F-Secure\Common\FNRB32.exe [189120] [PID.]
[MD5.2427ABEAB549CBDC0352C33E14854AA2] - (.F-Secure Corporation - F-Secure Installation Launcher.) -- C:\Program Files (x86)\F-Secure\Common\FIH32.exe [131776] [PID.]
[MD5.B5E0B09CA41EF3904CABA7204D83FE3F] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe [1011256] [PID.]
[MD5.9D39633D7F6383018DE6ADCD29558388] - (.F-Secure Corporation - FSAV Handler.) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe [488128] [PID.]
[MD5.133F82B6391F3390BECFA429C23FB2BE] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) -- C:\Windows\system32\crypserv.exe [122880] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 04s
~ Nombre de lignes (Lines number): 15323



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} Clé orpheline
O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Clé orpheline
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} Clé orpheline
O2 - BHO: (no name) [64Bits] - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
O2 - BHO: (no name) [64Bits] - {fa63398e-322b-4833-9af3-15837ad12138} Clé orpheline
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [NVHotkey] . (.NVIDIA Corporation - NVIDIA Hotkey Service, Version 268.83.) -- C:\Windows\system32\nvHotkey.dll
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\F-Secure\Common\FSM32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure TNB] . (.F-Secure Corporation - TNBUtil.) -- C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2079806146-1267936396-25523724-18734\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-2079806146-1267936396-25523724-18734\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\Desktop\Freecom Network Storage Assistant.lnk . (.Freecom.) -- C:\Program Files (x86)\Freecom Network Storage Assistant\FNSA.exe
O4 - Global Startup: C:\Users\Administrateur\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{947955F7-5927-482D-876D-5913BC4F0760}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAB277EC-6F28-4D22-B57D-71A496DF54BD}: DhcpNameServer = 193.253.141.132 193.253.141.133
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFC52D7C-6F22-4E93-848C-7511E261DCC1}: DhcpNameServer = 193.253.141.133 193.253.141.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{947955F7-5927-482D-876D-5913BC4F0760}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{AAB277EC-6F28-4D22-B57D-71A496DF54BD}: DhcpNameServer = 193.253.141.132 193.253.141.133
O17 - HKLM\System\CS1\Services\Tcpip\..\{DFC52D7C-6F22-4E93-848C-7511E261DCC1}: DhcpNameServer = 193.253.141.133 193.253.141.132
O17 - HKLM\System\CS2\Services\Tcpip\..\{947955F7-5927-482D-876D-5913BC4F0760}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{AAB277EC-6F28-4D22-B57D-71A496DF54BD}: DhcpNameServer = 193.253.141.132 193.253.141.133
O17 - HKLM\System\CS2\Services\Tcpip\..\{DFC52D7C-6F22-4E93-848C-7511E261DCC1}: DhcpNameServer = 193.253.141.133 193.253.141.132
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License (Crypkey License) . (.CrypKey (Canada) Ltd. - CrypKey License Service.) - C:\Windows\System32\crypserv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Device Control Daemon (fsdevcon) . (.F-Secure Corporation - F-Secure Client Security Device Control Dae.) - C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
O23 - Service: F-Secure Management Agent (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files (x86)\F-Secure\Common\FSMA32.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\Program Files (x86)\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 268.8.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: O2FLASH (O2FLASH) . (.O2Micro International - O2 Flash Memory Service.) - C:\Windows\System32\DRIVERS\o2flash.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Software Update Service (supdate) (supdate) . (.Boxore OU. - Programme d'installation de Software.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.013414E136AC76598B19552DC31DE718] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineCore] (.Boxore OU..) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineUA] (.Boxore OU..) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (F-Secure HIPS) . (.F-Secure Corporation - HIPS 64-bit kernel module.) - C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys
O41 - Driver: (FSES) . (.F-Secure Corporation - F-Secure Email Scanning Driver (64 bit).) - C:\Windows\System32\drivers\fses.sys
O41 - Driver: (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver (64 bit).) - C:\Windows\System32\drivers\fsdfw.sys
O41 - Driver: (fsvista) . (...) - C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (NetworkX) . (...) - C:\Windows\system32\ckldrv.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {5737101A-27C4-408A-8A57-D1DC78DF84B4}
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.0) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {D34598D1-07B8-4EB6-AD9A-DBDF58FFC19F}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {63EC2120-1742-4625-AA47-C6A8AEC9C64C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: Ask Toolbar Updater - (.Ask.com.) [HKCU][64Bits] -- {79A765E1-C399-405B-85AF-466F52E918B0}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {EF8FC2FA-BE02-444B-8355-08C75A6D7E3A}
O42 - Logiciel: Business Everywhere - (.Pas de propriétaire.) [HKLM][64Bits] -- {BEWINTERNET-FR-DME}.UninstallSuite
O42 - Logiciel: Card Detector for Option Icon 505 - (.Pas de propriétaire.) [HKLM][64Bits] -- CardDetectorICON505
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Docklight V2.0 - (.Flachmann und Heggelbacher GbR.) [HKLM][64Bits] -- FuH_Docklight_V1_9_200_is1
O42 - Logiciel: DriveWizard Plus - (.Yaskawa Electric Corporation.) [HKLM][64Bits] -- InstallShield_{D19C75E5-B8F4-48F0-870B-47061E91B3C3}
O42 - Logiciel: DriveWizard Plus - (.Yaskawa Electric Corporation.) [HKLM][64Bits] -- {D19C75E5-B8F4-48F0-870B-47061E91B3C3}
O42 - Logiciel: F-Secure Browsing Protection - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure ExploitShield
O42 - Logiciel: F-Secure Client Security - DeepGuard - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure HIPS
O42 - Logiciel: F-Secure Client Security - Device Control - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure Device Control
O42 - Logiciel: F-Secure Client Security - E-Mail Scanning - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure E-mail Scanning
O42 - Logiciel: F-Secure Client Security - Internet Shield - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure Internet Shield
O42 - Logiciel: F-Secure Client Security - Microsoft NAP plug-in - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure NAP Support
O42 - Logiciel: F-Secure Client Security - Virus & Spy Protection - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure Anti-Virus
O42 - Logiciel: F-Secure Client Security - Web Traffic Scanning - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure Protocol Scanner
O42 - Logiciel: F-Secure Client Security 9.31 - (.F-Secure Corporation.) [HKLM][64Bits] -- {8F7D4AFD-02E0-4516-8D64-9CDD1BACF4B6}
O42 - Logiciel: FreeTorrentViewer - (.Free Torrent Viewer.) [HKLM][64Bits] -- FreeTorrentViewer
O42 - Logiciel: Freecom Network Storage Assistant 1.50 - (.Freecom.) [HKLM][64Bits] -- Freecom Network Storage Assistant_is1
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.1.1000 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}
O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}
O42 - Logiciel: Microsoft Office Access MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0117-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00BA-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0044-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Language Pack 2010 - French/Français - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.OMUI.fr-fr
O42 - Logiciel: Microsoft Office O MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0100-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00A1-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0017-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002A-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0116-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office X MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0101-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2008 R2 Native Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {2180B33F-3225-423E-BBC1-7798CFD3CD1F}
O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP2 ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {3A9FC03D-C685-4831-94CF-4EDFD3749497}
O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP2 x64 ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Search Results Toolbar - (.Pas de propriétaire.) [HKLM][64Bits] -- searchresults
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2656351) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351
O42 - Logiciel: Specops Deploy Client Side Extension (x64) - (.Specops Software.) [HKLM][64Bits] -- {AB90B880-E125-4FA9-9A62-5319C0388E73}
O42 - Logiciel: Specops Inventory Client Side Extension (x64) - (.Specops Software.) [HKLM][64Bits] -- {5E20AD38-A15F-48D3-AC09-61F28B5B9132}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217
O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2468871) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2533523) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2600217) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: YASKAWA MotionWorks IEC 2 Express - (.Yaskawa.) [HKLM][64Bits] -- {56A992F3-261A-43F7-9C80-1BA1B0EFB311}
O42 - Logiciel: YASKAWA SigmaWin+ English Edition Ver.5.56 - (.Yaskawa electric corp..) [HKLM][64Bits] -- {C6264FF0-97DE-11D6-A6F2-00B0D069DE56}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\APN DTX]
[HKCU\Software\APN]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ask.com]
[HKCU\Software\Classes]
[HKCU\Software\Data Dynamics]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\KW-Software]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Policies]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\TeamViewer]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YASKAWA Electric Corp.]
[HKCU\Software\Yaskawa]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\searchresults]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\GEAR Software]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\SpecopsSoft]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\Ade]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\Business Objects]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Data Fellows]
[HKLM\Software\Wow6432Node\FRANCE TELECOM]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\YASKAWA ELECTRIC CORP.]
[HKLM\Software\Wow6432Node\Yaskawa]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/10/2012 - 15:58:25 - [3,348] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 24/09/2012 - 10:35:56 - [233,961] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 24/10/2012 - 18:01:28 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 05/10/2012 - 14:35:22 - [3,428] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 24/10/2012 - 18:01:07 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 21/11/2012 - 11:48:10 - [0] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 01/10/2012 - 15:34:41 - [32,316] ----D C:\Program Files (x86)\CardDetector
O43 - CFD: 21/11/2012 - 10:20:13 - [451,279] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 24/09/2012 - 10:16:14 - [720,817] ----D C:\Program Files (x86)\F-Secure
O43 - CFD: 05/10/2012 - 11:31:23 - [1,061] ----D C:\Program Files (x86)\Freecom Network Storage Assistant
O43 - CFD: 24/10/2012 - 16:12:21 - [3,970] ----D C:\Program Files (x86)\FreeTorrentViewer
O43 - CFD: 01/10/2012 - 15:17:57 - [3,312] ----D C:\Program Files (x86)\FuH
O43 - CFD: 21/11/2012 - 12:44:50 - [9,563] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 01/10/2012 - 08:55:30 - [4,917] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 24/10/2012 - 18:01:53 - [142,398] ----D C:\Program Files (x86)\iTunes
O43 -

8 réponses

Réponse 1 / 8
SlyK Messages postés 854 Date d'inscription vendredi 11 mars 2011 Statut Contributeur sécurité Dernière intervention 6 octobre 2014 147
Modifié par SlyK le 21/11/2012 à 13:29
Bonjour vietkong93,

Je t'invite à faire ceci : AdwCleaner : Mode suppression
Puis : OTL : Générer un rapport


@+
0
Réponse 2 / 8
vietkong93 Messages postés 32 Date d'inscription mercredi 21 novembre 2012 Statut Membre Dernière intervention 23 novembre 2012
21 nov. 2012 à 13:45
Bonjour Slyk,

Merci pour ta réponse rapide
J'ai réalisé la procédure, ci dessous le rapport généré par OTL..


OTL logfile created on: 21/11/2012 13:41:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kl\Downloads
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,96 Gb Total Physical Memory | 5,84 Gb Available Physical Memory | 73,45% Memory free
15,91 Gb Paging File | 13,61 Gb Available in Paging File | 85,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 71,00 Gb Free Space | 59,54% Space Free | Partition Type: NTFS

Computer Name: YFRW7E020 | User Name: kl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2012/11/21 13:41:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kl\Downloads\OTL.exe
PRC - [2012/11/01 04:29:06 | 001,011,256 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
PRC - [2012/11/01 04:29:06 | 000,605,752 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
PRC - [2012/10/08 20:54:50 | 000,692,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/02/06 16:47:14 | 000,062,144 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
PRC - [2012/02/06 16:47:00 | 000,189,120 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\common\FNRB32.exe
PRC - [2012/02/06 16:47:00 | 000,131,776 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\common\FIH32.exe
PRC - [2012/02/06 16:46:52 | 000,303,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\common\FSM32.EXE
PRC - [2012/02/06 16:46:52 | 000,189,120 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\common\FSMA32.EXE
PRC - [2012/02/06 16:46:52 | 000,090,816 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\common\FSHDLL32.EXE
PRC - [2012/02/06 16:46:06 | 000,488,128 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
PRC - [2012/02/06 16:46:06 | 000,221,888 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/08/28 20:22:56 | 000,077,824 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/06 16:46:18 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\strres.eng
MOD - [2012/02/06 16:46:16 | 000,553,664 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\gres.dll
MOD - [2012/02/06 16:46:14 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\flyerres.eng
MOD - [2012/02/06 16:46:14 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\fsavures.eng
MOD - [2012/02/06 16:46:12 | 000,443,072 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\about.dll
MOD - [2012/02/06 16:46:12 | 000,090,816 | ---- | M] () -- C:\Program Files (x86)\F-Secure\FSGUI\aboutres.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012/01/06 17:20:46 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2012/01/06 17:20:44 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:[b]64bit:[/b] - [2011/09/13 10:04:20 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2008/05/08 00:29:37 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2012/10/08 20:54:51 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/02/06 16:47:14 | 000,062,144 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2012/02/06 16:47:00 | 000,189,120 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\common\FNRB32.exe -- (F-Secure Network Request Broker)
SRV - [2012/02/06 16:46:52 | 000,189,120 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\common\FSMA32.EXE -- (FSMA)
SRV - [2012/02/06 16:46:32 | 000,855,232 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\FWES\program\fsdfwd.exe -- (FSDFWD)
SRV - [2012/02/06 16:46:26 | 000,517,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe -- (fsdevcon)
SRV - [2012/02/06 16:46:06 | 000,221,888 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/28 20:22:56 | 000,077,824 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/24 10:16:14 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:[b]64bit:[/b] - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/06/07 16:52:02 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2012/06/07 16:52:00 | 000,358,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2012/05/25 17:44:06 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/05/25 17:44:06 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2012/04/12 17:29:44 | 000,100,728 | ---- | M] (SUNIX Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snxppamd.sys -- (SNXPPAMD)
DRV:[b]64bit:[/b] - [2012/04/12 17:29:44 | 000,097,144 | ---- | M] (SUNIX Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snxpsamd.sys -- (SNXPSAMD)
DRV:[b]64bit:[/b] - [2012/04/12 17:29:04 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/04/12 17:29:04 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/04/12 17:29:04 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/06 16:46:32 | 000,095,136 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)
DRV:[b]64bit:[/b] - [2012/02/06 16:46:28 | 000,046,848 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)
DRV:[b]64bit:[/b] - [2012/01/06 17:21:14 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:48 | 000,430,664 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys -- (Mbm3DevMt)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:48 | 000,419,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mbm3CBus.sys -- (Mbm3CBus)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:48 | 000,368,464 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:48 | 000,102,440 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\d554gps64.sys -- (d554gps)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:48 | 000,029,736 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:48 | 000,026,664 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
DRV:[b]64bit:[/b] - [2012/01/06 17:20:46 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:26 | 000,045,672 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:22 | 000,234,112 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwdelserial.sys -- (nwdelserial)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:22 | 000,034,304 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwdelgobi3kfilter.sys -- (nwdelgobi3kfilter)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:20 | 000,083,560 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:20 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:20 | 000,072,808 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys -- (O2MDFRDR)
DRV:[b]64bit:[/b] - [2011/09/13 10:04:18 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\accelern.sys -- (Acceler)
DRV:[b]64bit:[/b] - [2011/07/16 05:31:22 | 000,022,128 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:[b]64bit:[/b] - [2011/06/07 16:06:44 | 000,019,968 | ---- | M] (YASKAWA ELECTRIC CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CpUSB.sys -- (CpUSB)
DRV:[b]64bit:[/b] - [2011/04/15 01:32:50 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/21 20:14:16 | 000,017,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcm.sys -- (tcm)
DRV:[b]64bit:[/b] - [2011/02/21 20:14:02 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2011/02/21 20:14:02 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2010/12/20 07:08:08 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/29 23:31:22 | 000,129,536 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhs51.sys -- (GTUHSNDISIPXP)
DRV:[b]64bit:[/b] - [2009/05/29 23:31:22 | 000,088,576 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhsbus.sys -- (GTUHSBUS)
DRV:[b]64bit:[/b] - [2009/05/29 23:31:22 | 000,010,496 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtuhsser.sys -- (GTUHSSER)
DRV:[b]64bit:[/b] - [2008/03/17 18:12:28 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX)
DRV - [2012/11/01 04:29:33 | 000,199,736 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012/09/24 10:10:54 | 000,033,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2012/02/06 16:46:46 | 000,062,016 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012/02/06 16:46:06 | 000,042,048 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2012/02/06 16:46:06 | 000,027,328 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2012/02/06 16:46:06 | 000,015,040 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{A3DA7B87-3856-4B9C-AE13-C4428BDDEB7F}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=E86011FD-1461-450A-BCB3-C847A9A83A75&apn_sauid=4221B152-ACCD-4713-9CEC-5A8A27BF6365
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2012/11/21 09:23:44 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/11/21 11:16:13 | 000,444,833 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15276 more lines...
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp.dll (F-Secure Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = motoman.se
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{947955F7-5927-482D-876D-5913BC4F0760}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAB277EC-6F28-4D22-B57D-71A496DF54BD}: DhcpNameServer = 193.253.141.132 193.253.141.133
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFC52D7C-6F22-4E93-848C-7511E261DCC1}: DhcpNameServer = 193.253.141.133 193.253.141.132
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{821a4357-0b9f-11e2-a400-d067e5571e28}\Shell - "" = AutoRun
O33 - MountPoints2\{821a4357-0b9f-11e2-a400-d067e5571e28}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/11/21 13:39:06 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\Windows\Ckconfig.exe
[2012/11/21 13:39:06 | 000,122,880 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\Windows\SysNative\Crypserv.exe
[2012/11/21 13:07:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2012/11/21 13:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2012/11/21 13:07:41 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/11/21 12:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012/11/21 12:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/11/21 12:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012/11/21 12:18:04 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2012/11/21 12:13:10 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Roaming\QuickScan
[2012/11/21 12:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/11/21 12:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/11/21 11:45:46 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Roaming\Malwarebytes
[2012/11/21 11:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/21 11:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/21 11:45:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/11/21 11:45:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/21 11:19:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/11/21 11:19:59 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Local\MFAData
[2012/11/21 11:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/11/21 11:19:59 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Local\Avg2013
[2012/11/21 11:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/11/21 11:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/11/21 11:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/11/21 10:27:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MotionWorks IEC 2
[2012/11/21 10:23:20 | 000,000,000 | ---D | C] -- C:\Documents
[2012/11/21 10:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ADE
[2012/11/21 10:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ADE
[2012/11/21 10:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yaskawa
[2012/11/14 09:37:18 | 000,000,000 | ---D | C] -- C:\Users\kl\Desktop\Intervention_Amada_14112012
[2012/11/07 11:05:07 | 000,000,000 | ---D | C] -- C:\Users\kl\Desktop\Otech_client
[2012/10/24 18:01:56 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Roaming\Apple Computer
[2012/10/24 18:01:56 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Local\Apple Computer
[2012/10/24 18:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/10/24 18:01:54 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/10/24 18:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/10/24 18:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/10/24 18:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/10/24 18:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/10/24 18:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/10/24 18:01:28 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Local\Apple
[2012/10/24 18:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/10/24 18:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/10/24 18:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/10/24 18:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/10/24 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/10/24 18:01:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/10/24 16:12:22 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Roaming\FreeTorrentViewer
[2012/10/24 16:12:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\searchresults
[2012/10/24 16:12:13 | 000,000,000 | ---D | C] -- C:\Users\kl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeTorrentViewer
[2012/10/24 16:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTorrentViewer

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/11/21 13:39:10 | 000,000,073 | ---- | M] () -- C:\Windows\Crypkey.ini
[2012/11/21 13:38:11 | 000,001,932 | ---- | M] () -- C:\Users\Public\Desktop\MotionWorks IEC 2 Express.lnk
[2012/11/21 13:36:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/21 13:36:52 | 2113,679,359 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/21 13:18:44 | 000,024,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/21 13:18:44 | 000,024,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/21 13:07:43 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2012/11/21 13:07:43 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2012/11/21 13:07:43 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2012/11/21 12:53:44 | 000,002,099 | ---- | M] () -- C:\Users\kl\Desktop\HijackThis.lnk
[2012/11/21 12:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/21 12:45:20 | 001,683,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/21 12:45:20 | 000,752,538 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/11/21 12:45:20 | 000,659,380 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/21 12:45:20 | 000,152,140 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/11/21 12:45:20 | 000,124,428 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/21 12:33:25 | 000,227,187 | ---- | M] () -- C:\ProgramData\1353497573.bdinstall.bin
[2012/11/21 12:18:47 | 000,662,373 | ---- | M] () -- C:\ProgramData\1353496295.bdinstall.bin
[2012/11/21 12:18:41 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2012/11/21 11:16:13 | 000,444,833 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/11/21 11:08:51 | 000,001,288 | ---- | M] () -- C:\Users\kl\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/11/21 10:35:52 | 000,004,096 | ---- | M] () -- C:\Users\kl\Desktop\Otech_client.mwt
[2012/11/15 21:00:01 | 000,025,198 | ---- | M] () -- C:\Users\kl\Desktop\D.2012.11.15.CDingenierie.V1000.KL.pdf
[2012/11/14 21:35:59 | 000,609,257 | ---- | M] () -- C:\Users\kl\Desktop\TN.MCD.11.pdf
[2012/11/14 12:11:00 | 000,232,951 | ---- | M] () -- C:\Users\kl\Desktop\Axe X1_150ms.pdf
[2012/11/13 19:05:36 | 002,602,359 | ---- | M] () -- C:\Users\kl\Desktop\(Company_presentation_2012_french [Mode de compatibilité]).pdf
[2012/11/09 08:39:04 | 004,557,947 | ---- | M] () -- C:\Users\kl\Desktop\YEA-SIA-IEC-2.pdf
[2012/11/07 11:22:51 | 000,002,240 | ---- | M] () -- C:\Windows\SysNative\esnecil.ind
[2012/11/07 11:22:50 | 000,000,004 | ---- | M] () -- C:\Windows\vx86036.dat
[2012/10/24 17:43:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/10/24 13:46:27 | 000,000,350 | ---- | M] () -- C:\Users\kl\Documents\20121024144622.dwp

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/11/21 13:39:06 | 000,028,664 | ---- | C] () -- C:\Windows\SysNative\Ckldrv.sys
[2012/11/21 13:39:06 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2012/11/21 13:39:06 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2012/11/21 13:39:06 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2012/11/21 13:38:11 | 000,001,932 | ---- | C] () -- C:\Users\Public\Desktop\MotionWorks IEC 2 Express.lnk
[2012/11/21 13:07:43 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2012/11/21 13:07:43 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2012/11/21 13:07:43 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2012/11/21 12:53:44 | 000,002,099 | ---- | C] () -- C:\Users\kl\Desktop\HijackThis.lnk
[2012/11/21 12:33:24 | 000,227,187 | ---- | C] () -- C:\ProgramData\1353497573.bdinstall.bin
[2012/11/21 12:18:47 | 000,662,373 | ---- | C] () -- C:\ProgramData\1353496295.bdinstall.bin
[2012/11/21 12:18:41 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2012/11/21 11:08:51 | 000,001,288 | ---- | C] () -- C:\Users\kl\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/11/15 21:00:00 | 000,025,198 | ---- | C] () -- C:\Users\kl\Desktop\D.2012.11.15.CDingenierie.V1000.KL.pdf
[2012/11/14 21:35:59 | 000,609,257 | ---- | C] () -- C:\Users\kl\Desktop\TN.MCD.11.pdf
[2012/11/14 12:10:59 | 000,232,951 | ---- | C] () -- C:\Users\kl\Desktop\Axe X1_150ms.pdf
[2012/11/13 19:05:23 | 002,602,359 | ---- | C] () -- C:\Users\kl\Desktop\(Company_presentation_2012_french [Mode de compatibilité]).pdf
[2012/11/09 08:39:00 | 004,557,947 | ---- | C] () -- C:\Users\kl\Desktop\YEA-SIA-IEC-2.pdf
[2012/11/07 11:05:06 | 000,004,096 | ---- | C] () -- C:\Users\kl\Desktop\Otech_client.mwt
[2012/10/24 18:01:28 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/10/24 17:43:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/10/24 13:46:26 | 000,000,350 | ---- | C] () -- C:\Users\kl\Documents\20121024144622.dwp
[2012/10/08 09:43:19 | 000,000,004 | ---- | C] () -- C:\Windows\vx86036.dat
[2012/10/01 13:59:30 | 000,000,073 | ---- | C] () -- C:\Windows\Crypkey.ini
[2012/10/01 13:55:11 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Tvl20ita.dll
[2012/10/01 13:55:11 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Tvl20frn.dll
[2012/10/01 13:55:11 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Tvl20esp.dll
[2012/10/01 13:55:11 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\Tvl20ger.dll
[2012/10/01 13:55:11 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\Tvl20eng.dll
[2012/09/24 14:21:56 | 000,013,782 | RHS- | C] () -- C:\Users\kl\ntuser.pol
[2012/09/24 10:10:54 | 000,033,408 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/04/16 09:22:19 | 000,024,022 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/02/07 12:43:59 | 001,695,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/07 12:21:27 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/01/04 11:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
0
Réponse 3 / 8
SlyK Messages postés 854 Date d'inscription vendredi 11 mars 2011 Statut Contributeur sécurité Dernière intervention 6 octobre 2014 147
21 nov. 2012 à 14:20
Re !

Tu as oublié de faire la démarche avec AdwCleaner, de plus il manque un rapport pour OTL (extrat.txt).

PS : N'oublie pas d'héberger les rapports au lieu de les copier/coller comme indiqué dans la démarche.


@+
0
Réponse 4 / 8
vietkong93 Messages postés 32 Date d'inscription mercredi 21 novembre 2012 Statut Membre Dernière intervention 23 novembre 2012
21 nov. 2012 à 15:15
Re!

Ci joint le rapport Adwcleaner: https://www.cjoint.com/?BKvpnLkuYn7

Par contre je n'obtiens qu'un seul rapport OTL, je n'ai pas l'extrat...

ci joint le rapport OTL: https://www.cjoint.com/?BKvpoZ2GQy1

Merci!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
SlyK Messages postés 854 Date d'inscription vendredi 11 mars 2011 Statut Contributeur sécurité Dernière intervention 6 octobre 2014 147
21 nov. 2012 à 21:05
Re !

Possible d'avoir ce rapport ?
- AdwCleaner[S1].txt 

Par contre je n'obtiens qu'un seul rapport OTL, je n'ai pas l'extrat...
As-tu vérifié sur le bureau ?


@+
0
Réponse 6 / 8
vietkong93 Messages postés 32 Date d'inscription mercredi 21 novembre 2012 Statut Membre Dernière intervention 23 novembre 2012
23 nov. 2012 à 09:13
Hello,

Je n'arrive pas à mettre la main sur le S1.

Ci joint, le fichier extrat: https://www.cjoint.com/?BKxjnaVJXRs

Merci pour ton aide!
0
Réponse 7 / 8
vietkong93 Messages postés 32 Date d'inscription mercredi 21 novembre 2012 Statut Membre Dernière intervention 23 novembre 2012
23 nov. 2012 à 13:15
Re!

J'ai retrouvé le S1... Ci dessous!

https://www.cjoint.com/?BKxnoSLG4pf

Merci
0
Réponse 8 / 8
Utilisateur anonyme
24 nov. 2012 à 02:46
alors ca c'est enorme !!!!!!
0

Discussions similaires

infecté par trojan.generic
blocage -
billmaxime -

29 réponses
Trojan Generic : impossible à m'en débarasser
mumu31 -
loicdu54 -

20 réponses
pb Adware.Navipromo.GO-Trojan.Generic.220150
mowgly -
Utilisateur anonyme -

84 réponses
Virus Trojan.Generic Impossible à SUPPRIMER
krys95580 -
archet9 -

57 réponses