Probleme shockware et script
Fermé
shanone04
Messages postés
6
Date d'inscription
mercredi 5 mars 2014
Statut
Membre
Dernière intervention
11 mars 2014
-
5 mars 2014 à 22:42
shanone04 Messages postés 6 Date d'inscription mercredi 5 mars 2014 Statut Membre Dernière intervention 11 mars 2014 - 11 mars 2014 à 13:47
shanone04 Messages postés 6 Date d'inscription mercredi 5 mars 2014 Statut Membre Dernière intervention 11 mars 2014 - 11 mars 2014 à 13:47
A voir également:
- Probleme shockware et script
- Script vidéo youtube - Guide
- Script bat - Guide
- Executeur de script - Télécharger - Édition & Programmation
- Ghost script - Télécharger - Polices de caractères
- Script bouger souris ✓ - Forum C++
2 réponses
shanone04
Messages postés
6
Date d'inscription
mercredi 5 mars 2014
Statut
Membre
Dernière intervention
11 mars 2014
6 mars 2014 à 16:52
6 mars 2014 à 16:52
s'il vous plait quelqu'un pour m'aider ?
shanone04
Messages postés
6
Date d'inscription
mercredi 5 mars 2014
Statut
Membre
Dernière intervention
11 mars 2014
11 mars 2014 à 13:47
11 mars 2014 à 13:47
apres avoir lu beaucoup de discussion sur le forum j'ai telechargé zhp diag by nicolas coolman et voici le rapport :
~ Rapport de ZHPDiag v2014.3.10.11 - Nicolas Coolman (10/03/2014)
~ Lancé par Administrateur (11/03/2014 13:27:37)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):
---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180 (Defaut)
MFIE: Mozilla Firefox 27.0.1
---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1506.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.0 - Français
Java 7 Update 51
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 127 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 895 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 1 GB (0%) free of 114 GB
---\\ Mode de connexion au système
~ Computer Name: TITANIUM
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Administrateur\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 1 Go of 114 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.723ECE72C35ED65D1758068B17B76D7C] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/04/2010 - 16:36:40.) -- C:\WINDOWS\system32\wininet.dll [666112]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2527
~ Mes Videos (My Videos) : 1/11
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 2/2569
~ Mon Bureau (My Desktop) : 1/18
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 03s
---\\ Processus lancés
[MD5.E3BE7DAC6E46C2F1461996F29A09B6FA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.1744]
[MD5.B9436A665A8621073A12338B16D7BFD4] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.2028]
[MD5.08AA0433420F6C435C0CC07F083746D7] - (.RaMMicHaeL - Unchecky Service.) -- C:\Program Files\Unchecky\bin\unchecky_svc.exe [107624] [PID.420]
[MD5.A8790C594F98EB4B9288F7CC6FD3E2C9] - (.RaMMicHaeL - Unchecky Background Process.) -- C:\Program Files\Unchecky\bin\unchecky_bg.exe [318056] [PID.524]
[MD5.D5E7E2BBFF0C29246F0DA3C6EFC7DEB2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.1544]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336] [PID.1284]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [PID.1728]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.3100]
[MD5.258A35DDA86873A152879CFCBA40BB60] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8352256] [PID.768]
~ Processes Running: Scanned in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\9a5ew2rs.default-1392641227890\prefs.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\t6krgy5k.default\prefs.js
M0 - MFSP: prefs.js [Administrateur - 9a5ew2rs.default-1392641227890] https://portail.free.fr/
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.51.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.0.2.0.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.1.2f1.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 14 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://free/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 4.1.2f1.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 57
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Administrateur]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation
~ Global Startup: 3 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1757981266-113007714-682003330-500\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1757981266-113007714-682003330-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} -- C:\Documents and Settings\Administrateur\Application Data\IMVUClient\imvu.ico (.not file.)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_4_1_0_3.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ED7F46A-AB6F-4617-A10F-7A5860A8E91F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{1ED7F46A-AB6F-4617-A10F-7A5860A8E91F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1A80936-CC53-4299-9EA1-D1316EC9D302}: DhcpNameServer = 212.27.54.252 212.27.53.252
O17 - HKLM\System\CS3\Services\Tcpip\..\{1ED7F46A-AB6F-4617-A10F-7A5860A8E91F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notifications.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\movies~1\safety~1\safety~2.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ SSODL: 5 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Unchecky (Unchecky) . (.RaMMicHaeL - Unchecky Service.) - C:\Program Files\Unchecky\bin\unchecky_svc.exe
~ Services: 3 Scanned in 00mn 04s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At1.job [416]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\avast! Emergency Update.job [318]
[MD5.F7AB315A4D400CA876381D1E188A2E20] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.00000000000000000000000000000000] [APT] [At1] (...) -- C:\DOCUME~1\Administrateur\APPLIC~1\MYSEAR~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.29ED58780F9AF9381817ABCA5C002E18] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [251784]
~ Scheduled Task: 7 Scanned in 00mn 00s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d'Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll
~ Active Setup: 17 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 83 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Processor Driver - (.AMD.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.5.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: FindRight - (.FindRight.) [HKLM] -- FindRight =>Hijacker.FindrToolbar
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} =>.Logitech Inc
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {3BE0CF3B-A329-4C46-8272-2E64ECA66CA4}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wdf01005
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 27.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager
O42 - Logiciel: OpenOffice 4.0.0 - (.Apache Software Foundation.) [HKLM] -- {4F8C9861-DDCF-4EE8-978C-35B691C406B3}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0 - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: PaperPort Image Printer - (.Nuance Communications, Inc..) [HKLM] -- {332CC6BF-E6C7-48EE-BA3D-435E576AD67F}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (...) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (...) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: Samsung Mobile Modem Device Software - (...) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (...) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Sony PC Companion 2.10.188 - (.Sony.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: SuperCopier2 - (...) [HKLM] -- SuperCopier2
O42 - Logiciel: Unchecky v0.2.10 - (.RaMMicHaeL.) [HKLM] -- Unchecky
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: avast! Free Antivirus v8.0.1506.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 67 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AMSHomeStudio]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow]
[HKCU\Software\BVRP Software]
[HKCU\Software\Brother]
[HKCU\Software\ClassSofta71]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\Etiam]
[HKCU\Software\EuroSoft Software Development]
[HKCU\Software\Facebook]
[HKCU\Software\FindRight] =>Hijacker.FindrToolbar
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MAGIX AG]
[HKCU\Software\Macromedia]
[HKCU\Software\Magix]
[HKCU\Software\Marseillesoft]
[HKCU\Software\Mobileleader]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Nuance]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice]
[HKCU\Software\PhotoFiltre]
[HKCU\Software\Policies]
[HKCU\Software\SFX TEAM]
[HKCU\Software\SOFT32]
[HKCU\Software\Samsung]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Sony]
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\Trolltech]
[HKCU\Software\Unchecky]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Vodafone]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xara]
[HKCU\Software\cybelsoft]
[HKCU\Software\ej-technologies]
[HKCU\Software\settings]
[HKCU\Software\temp]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Brother]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Bunndle]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\Logitech]
[HKLM\Software\MAGIX]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PoINT]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Samsung]
[HKLM\Software\ScanSoft]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Skype]
[HKLM\Software\Software]
[HKLM\Software\Sony]
[HKLM\Software\Symantec]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xara]
[HKLM\Software\Zeon]
[HKLM\Software\ahead]
[HKLM\Software\cybelsoft]
[HKLM\Software\ej-technologies]
[HKLM\Software\logishrd]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Key Software: 267 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/03/2013 - 11:39:09 - [0] ----D C:\Program Files\7-Zip
O43 - CFD: 28/02/2014 - 18:22:10 - [109,793] ----D C:\Program Files\Adobe
O43 - CFD: 22/06/2010 - 14:06:16 - [579,632] ----D C:\Program Files\Alwil Software
O43 - CFD: 22/06/2010 - 14:01:30 - [2,997] ----D C:\Program Files\AMD
O43 - CFD: 27/01/2014 - 18:00:44 - [0,071] ----D C:\Program Files\AppsHat Mobile Apps =>Adware.MegaSearch
O43 - CFD: 26/05/2012 - 17:27:21 - [10,396] ----D C:\Program Files\Brother
O43 - CFD: 03/06/2013 - 18:00:09 - [1,863] ----D C:\Program Files\Common Files
O43 - CFD: 22/06/2010 - 13:34:19 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 22/04/2011 - 11:51:45 - [3,539] ----D C:\Program Files\DIFX
O43 - CFD: 15/04/2013 - 13:24:57 - [158,488] ----D C:\Program Files\Euro Truck Simulator
O43 - CFD: 07/03/2014 - 18:53:16 - [222,576] ----D C:\Program Files\Fichiers communs
O43 - CFD: 02/03/2014 - 20:08:46 - [0] ----D C:\Program Files\Google
O43 - CFD: 28/02/2014 - 13:04:22 - [8,636] ----D C:\Program Files\GUM29.tmp
O43 - CFD: 22/05/2011 - 20:49:42 - [8,979] ----D C:\Program Files\Home Photo Studio
O43 - CFD: 15/01/2014 - 13:35:17 - [24,696] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 09/03/2014 - 12:14:43 - [1,378] ----D C:\Program Files\Internet Explorer
O43 - CFD: 09/07/2012 - 17:36:44 - [121,437] ----D C:\Program Files\Java
O43 - CFD: 03/06/2013 - 18:09:26 - [123,524] ----D C:\Program Files\Logitech
O43 - CFD: 19/09/2012 - 20:05:34 - [7,326] ----D C:\Program Files\ma-config.com
O43 - CFD: 22/05/2011 - 20:51:05 - [0,002] ----D C:\Program Files\MAGIX
O43 - CFD: 22/04/2011 - 11:50:21 - [0,211] ----D C:\Program Files\MarkAny
O43 - CFD: 23/06/2010 - 22:13:29 - [2,048] ----D C:\Program Files\Messenger
O43 - CFD: 19/09/2012 - 21:19:29 - [0,718] ----D C:\Program Files\Microsoft
O43 - CFD: 22/06/2010 - 13:37:29 - [0] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 19/09/2012 - 21:16:08 - [247,051] ----D C:\Program Files\Microsoft Office
O43 - CFD: 11/10/2013 - 21:37:30 - [40,851] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/08/2010 - 17:17:56 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 10/08/2010 - 21:15:38 - [2,087] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/11/2012 - 10:04:02 - [0,191] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 22/06/2010 - 19:49:29 - [5,750] ----D C:\Program Files\movie maker
O43 - CFD: 18/02/2014 - 16:08:11 - [52,262] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 19/02/2014 - 10:22:28 - [0,216] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 10/08/2010 - 17:46:32 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 22/06/2010 - 19:49:29 - [18,385] ----D C:\Program Files\msn
O43 - CFD: 22/06/2010 - 13:37:29 - [0] ----D C:\Program Files\msn gaming zone
O43 - CFD: 24/06/2010 - 14:45:55 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 22/06/2010 - 14:15:36 - [2,820] ----D C:\Program Files\Nero
O43 - CFD: 22/06/2010 - 19:47:30 - [3,133] ----D C:\Program Files\NetMeeting
O43 - CFD: 23/06/2010 - 13:20:15 - [0,388] ----D C:\Program Files\Nuance
O43 - CFD: 14/04/2013 - 21:59:15 - [180,819] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 17/09/2013 - 18:22:27 - [314,326] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 16/12/2010 - 23:06:55 - [4,176] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 22/04/2011 - 11:51:39 - [9,319] ----D C:\Program Files\PC Connectivity Solution
O43 - CFD: 10/08/2010 - 17:46:26 - [36,207] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 22/04/2011 - 11:51:49 - [165,247] ----D C:\Program Files\Samsung
O43 - CFD: 23/06/2010 - 13:19:15 - [0] ----D C:\Program Files\ScanSoft
O43 - CFD: 22/06/2010 - 13:35:56 - [0,001] ----D C:\Program Files\Services en ligne
O43 - CFD: 28/06/2013 - 12:23:57 - [159,174] ----D C:\Program Files\Sony
O43 - CFD: 22/06/2010 - 13:50:36 - [1,169] ----D C:\Program Files\SuperCopier2
O43 - CFD: 28/02/2014 - 13:31:13 - [2,331] ----D C:\Program Files\Unchecky
O43 - CFD: 22/06/2010 - 13:41:36 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/11/2013 - 19:02:36 - [89,113] ----D C:\Program Files\Windows Live
O43 - CFD: 22/06/2010 - 21:05:02 - [0,234] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 18/09/2010 - 12:54:18 - [0] ----D C:\Program Files\Windows Media Connect 2
O43 - CFD: 18/09/2010 - 12:55:44 - [4,963] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 10/03/2014 - 20:11:27 - [0] ----D C:\Program Files\Windows NT
O43 - CFD: 22/06/2010 - 13:36:00 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 19/09/2012 - 20:10:04 - [3,898] ----D C:\Program Files\WinRAR
O43 - CFD: 22/06/2010 - 13:37:30 - [0] ----D C:\Program Files\xerox
O43 - CFD: 11/03/2014 - 13:26:26 - [23,823] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 04/03/2014 - 12:36:16 - [6,247] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 09/05/2012 - 21:00:36 - [5,607] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 22/06/2010 - 13:54:55 - [0,082] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 09/05/2012 - 20:53:37 - [0] ----D C:\Program Files\Fichiers communs\DVDVideoSoft
O43 - CFD: 09/05/2012 - 20:54:39 - [7,408] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 07/03/2014 - 18:53:16 - [1,191] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 03/06/2013 - 18:06:07 - [66,203] ----D C:\Program Files\Fichiers communs\LogiShrd
O43 - CFD: 03/06/2013 - 18:00:36 - [4,999] ----D C:\Program Files\Fichiers communs\LWS
O43 - CFD: 14/07/2010 - 15:34:36 - [114,102] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 22/06/2010 - 13:35:15 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 22/06/2010 - 15:30:01 - [0] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 09/05/2012 - 20:50:39 - [0,001] ----D C:\Program Files\Fichiers communs\PC Tools
O43 - CFD: 22/06/2010 - 13:35:19 - [0,008] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 22/06/2010 - 15:29:58 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 09/05/2012 - 20:49:35 - [0] ----D C:\Program Files\Fichiers communs\Symantec Shared
O43 - CFD: 22/06/2010 - 19:47:24 - [12,845] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 22/06/2010 - 21:02:21 - [0] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 04/03/2014 - 12:36:15 - [336,932] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 22/06/2010 - 14:06:16 - [65,054] ----D C:\Documents and Settings\All Users\Application Data\Alwil Software
O43 - CFD: 30/01/2014 - 21:49:17 - [0,056] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 23/06/2010 - 13:18:23 - [1,207] ----D C:\Documents and Settings\All Users\Application Data\Brother
O43 - CFD: 17/04/2012 - 10:33:01 - [0] --H-D C:\Documents and Settings\All Users\Application Data\Common Files
O43 - CFD: 17/04/2012 - 17:21:43 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 22/06/2010 - 21:12:47 - [0] ----D C:\Documents and Settings\All Users\Application Data\IM
O43 - CFD: 22/06/2010 - 21:12:07 - [0,009] ----D C:\Documents and Settings\All Users\Application Data\IncrediMail
O43 - CFD: 23/06/2010 - 13:19:51 - [0] ----D C:\Documents and Settings\All Users\Application Data\InstallShield
O43 - CFD: 03/06/2013 - 18:17:16 - [0] ----D C:\Documents and Settings\All Users\Application Data\LogiShrd
O43 - CFD: 03/06/2013 - 18:00:44 - [20,162] ----D C:\Documents and Settings\All Users\Application Data\Logitech
O43 - CFD: 19/09/2012 - 20:05:33 - [6,339] ----D C:\Documents and Settings\All Users\Application Data\ma-config.com
O43 - CFD: 22/05/2011 - 20:50:45 - [5,249] ----D C:\Documents and Settings\All Users\Application Data\MAGIX
O43 - CFD: 31/12/2011 - 14:00:17 - [0,284] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 19/12/2013 - 23:28:47 - [5,289] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 02/05/2012 - 17:07:51 - [0] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 09/05/2012 - 20:49:38 - [0] ----D C:\Documents and Settings\All Users\Application Data\Norton
O43 - CFD: 26/03/2012 - 18:23:39 - [2,060] ----D C:\Documents and Settings\All Users\Application Data\NortonInstaller
O43 - CFD: 22/06/2010 - 14:22:24 - [0,172] ----D C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
O43 - CFD: 22/04/2011 - 11:57:06 - [0] ----D C:\Documents and Settings\All Users\Application Data\PC Suite
O43 - CFD: 19/09/2012 - 20:51:48 - [0,973] ----D C:\Documents and Settings\All Users\Application Data\ScanSoft
O43 - CFD: 02/03/2014 - 20:11:04 - [30,846] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 15/04/2012 - 20:00:22 - [0] ----D C:\Documents and Settings\All Users\Application Data\Software =>Adware.Boxore
O43 - CFD: 28/06/2013 - 12:23:58 - [5,422] ----D C:\Documents and Settings\All Users\Application Data\Sony
O43 - CFD: 10/07/2010 - 20:42:55 - [0] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 09/05/2012 - 20:50:43 - [0] ---AD C:\Documents and Settings\All Users\Application Data\TEMP
O43 - CFD: 05/09/2010 - 17:10:17 - [0] ----D C:\Documents and Settings\All Users\Application Data\Vodafone
O43 - CFD: 22/06/2010 - 19:05:44 - [0,003] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 05/03/2013 - 21:29:57 - [87,208] ----D C:\Documents and Settings\Administrateur\Application Data\.minecraft
O43 - CFD: 09/05/2012 - 20:47:11 - [2,465] ----D C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 04/09/2010 - 20:37:37 - [0,054] ----D C:\Documents and Settings\Administrateur\Application Data\Ahead
O43 - CFD: 09/08/2010 - 14:10:19 - [0] R---D C:\Documents and Settings\Administrateur\Application Data\Brother
O43 - CFD: 17/04/2012 - 17:24:29 - [0,836] ----D C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 19/11/2012 - 20:24:36 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\DriverFinder
O43 - CFD: 10/08/2010 - 21:01:37 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\DVDVideoSoft
O43 - CFD: 15/04/2012 - 10:00:49 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\GetRightToGo
O43 - CFD: 28/02/2013 - 20:46:21 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Help
O43 - CFD: 10/08/2010 - 17:31:39 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 22/06/2010 - 13:56:44 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\InstallShield
O43 - CFD: 03/06/2013 - 18:07:20 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Leadertech
O43 - CFD: 22/06/2010 - 21:26:45 - [6,077] ----D C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 11/08/2010 - 16:04:55 - [1,454] ----D C:\Documents and Settings\Administrateur\Application Data\MAGIX
O43 - CFD: 22/06/2010 - 19:37:16 - [0,001] ----D C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
O43 - CFD: 01/01/2012 - 18:01:02 - [16,083] -S--D C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 22/06/2010 - 20:52:26 - [72,132] ----D C:\Documents and Settings\Administrateur\Application Data\Mozilla
O43 - CFD: 17/09/2013 - 18:30:59 - [7,864] ----D C:\Documents and Settings\Administrateur\Application Data\OpenOffice
O43 - CFD: 22/04/2011 - 11:57:04 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\PC Suite
O43 - CFD: 10/08/2010 - 21:30:32 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\PhotoFiltre
O43 - CFD: 22/04/2011 - 11:50:48 - [48,185] ----D C:\Documents and Settings\Administrateur\Application Data\Samsung
O43 - CFD: 01/10/2013 - 20:41:01 - [4,882] ----D C:\Documents and Settings\Administrateur\Application Data\Skype
O43 - CFD: 10/07/2010 - 20:39:19 - [39,114] ----D C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 22/03/2012 - 19:09:22 - [0,061] ----D C:\Documents and Settings\Administrateur\Application Data\Unity
O43 - CFD: 18/04/2012 - 10:39:08 - [1,437] ----D C:\Documents and Settings\Administrateur\Application Data\uTorrent =>P2P.µTorrent
O43 - CFD: 13/10/2010 - 12:46:48 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Vivox
O43 - CFD: 05/09/2010 - 17:10:46 - [0,766] ----D C:\Documents and Settings\Administrateur\Application Data\Vodafone
O43 - CFD: 19/09/2012 - 20:10:18 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 11/03/2014 - 13:28:02 - [0,034] ----D C:\Documents and Settings\Administrateur\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 07/03/2014 - 18:21:35 - [31,768] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 12/08/2010 - 17:20:58 - [10,166] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Ahead
O43 - CFD: 06/09/2013 - 20:54:00 - [0,078] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\AppsHat Mobile Apps =>Adware.MegaSearch
O43 - CFD: 15/09/2013 - 09:36:49 - [0,200] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\avgchrome
O43 - CFD: 22/04/2011 - 11:48:31 - [93,440] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 16/02/2014 - 12:41:45 - [0,589] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook
O43 - CFD: 02/03/2014 - 20:08:11 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
O43 - CFD: 12/06/2011 - 16:23:36 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Help
O43 - CFD: 21/08/2011 - 11:43:41 - [0,425] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Identities
O43 - CFD: 23/06/2010 - 14:43:46 - [173,978] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\IM
O43 - CFD: 03/06/2013 - 18:15:24 - [2,916] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\LogiShrd
O43 - CFD: 28/02/2014 - 13:22:50 - [430,767] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
O43 - CFD: 22/06/2010 - 20:52:05 - [9,009] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla
O43 - CFD: 13/04/2012 - 09:47:31 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\PCHealth
O43 - CFD: 23/06/2010 - 13:27:18 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Scansoft
O43 - CFD: 15/04/2012 - 19:58:43 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Software =>Adware.Boxore
O43 - CFD: 07/07/2013 - 14:04:26 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Sony
O43 - CFD: 09/07/2012 - 20:00:57 - [0,039] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Sun
O43 - CFD: 23/02/2014 - 11:02:10 - [1,932] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp
O43 - CFD: 09/06/2013 - 16:57:53 - [256,355] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity
O43 - CFD: 11/08/2010 - 16:01:29 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Xara
O43 - CFD: 05/09/2010 - 17:09:44 - [10,588] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\{BAD7C248-517D-4CE1-B65A-829C01BEFDB1}
O43 - CFD: 10/08/2010 - 21:30:11 - [0,016] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 29/07/2013 - 14:32:39 - [0] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 02/03/2014 - 12:27:37 - [0] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 22/06/2010 - 13:50:37 - [0,006] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\SuperCopier2
O43 - CFD: 19/09/2012 - 20:10:07 - [0,002] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\WinRAR
~ Program Folder: 161 Scanned in 00mn 32s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0676A76038BC8B2958C719C81D0F6730] - 02/03/2014 - 12:12:11 ---A- . (...) -- C:\WINDOWS\setupact.log [191641]
O44 - LFC
~ Rapport de ZHPDiag v2014.3.10.11 - Nicolas Coolman (10/03/2014)
~ Lancé par Administrateur (11/03/2014 13:27:37)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):
---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180 (Defaut)
MFIE: Mozilla Firefox 27.0.1
---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1506.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.0 - Français
Java 7 Update 51
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 127 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 895 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 1 GB (0%) free of 114 GB
---\\ Mode de connexion au système
~ Computer Name: TITANIUM
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Administrateur\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 1 Go of 114 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.723ECE72C35ED65D1758068B17B76D7C] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/04/2010 - 16:36:40.) -- C:\WINDOWS\system32\wininet.dll [666112]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2527
~ Mes Videos (My Videos) : 1/11
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 2/2569
~ Mon Bureau (My Desktop) : 1/18
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 03s
---\\ Processus lancés
[MD5.E3BE7DAC6E46C2F1461996F29A09B6FA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.1744]
[MD5.B9436A665A8621073A12338B16D7BFD4] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.2028]
[MD5.08AA0433420F6C435C0CC07F083746D7] - (.RaMMicHaeL - Unchecky Service.) -- C:\Program Files\Unchecky\bin\unchecky_svc.exe [107624] [PID.420]
[MD5.A8790C594F98EB4B9288F7CC6FD3E2C9] - (.RaMMicHaeL - Unchecky Background Process.) -- C:\Program Files\Unchecky\bin\unchecky_bg.exe [318056] [PID.524]
[MD5.D5E7E2BBFF0C29246F0DA3C6EFC7DEB2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.1544]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336] [PID.1284]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [PID.1728]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.3100]
[MD5.258A35DDA86873A152879CFCBA40BB60] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8352256] [PID.768]
~ Processes Running: Scanned in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\9a5ew2rs.default-1392641227890\prefs.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\t6krgy5k.default\prefs.js
M0 - MFSP: prefs.js [Administrateur - 9a5ew2rs.default-1392641227890] https://portail.free.fr/
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.51.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.0.2.0.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.1.2f1.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 14 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://free/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 4.1.2f1.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 57
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Administrateur]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation
~ Global Startup: 3 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1757981266-113007714-682003330-500\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1757981266-113007714-682003330-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} -- C:\Documents and Settings\Administrateur\Application Data\IMVUClient\imvu.ico (.not file.)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_4_1_0_3.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ED7F46A-AB6F-4617-A10F-7A5860A8E91F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{1ED7F46A-AB6F-4617-A10F-7A5860A8E91F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1A80936-CC53-4299-9EA1-D1316EC9D302}: DhcpNameServer = 212.27.54.252 212.27.53.252
O17 - HKLM\System\CS3\Services\Tcpip\..\{1ED7F46A-AB6F-4617-A10F-7A5860A8E91F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notifications.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\movies~1\safety~1\safety~2.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ SSODL: 5 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Unchecky (Unchecky) . (.RaMMicHaeL - Unchecky Service.) - C:\Program Files\Unchecky\bin\unchecky_svc.exe
~ Services: 3 Scanned in 00mn 04s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At1.job [416]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\avast! Emergency Update.job [318]
[MD5.F7AB315A4D400CA876381D1E188A2E20] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.00000000000000000000000000000000] [APT] [At1] (...) -- C:\DOCUME~1\Administrateur\APPLIC~1\MYSEAR~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.29ED58780F9AF9381817ABCA5C002E18] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [251784]
~ Scheduled Task: 7 Scanned in 00mn 00s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d'Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll
~ Active Setup: 17 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 83 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Processor Driver - (.AMD.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.5.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: FindRight - (.FindRight.) [HKLM] -- FindRight =>Hijacker.FindrToolbar
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} =>.Logitech Inc
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {3BE0CF3B-A329-4C46-8272-2E64ECA66CA4}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wdf01005
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 27.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager
O42 - Logiciel: OpenOffice 4.0.0 - (.Apache Software Foundation.) [HKLM] -- {4F8C9861-DDCF-4EE8-978C-35B691C406B3}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0 - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: PaperPort Image Printer - (.Nuance Communications, Inc..) [HKLM] -- {332CC6BF-E6C7-48EE-BA3D-435E576AD67F}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (...) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (...) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: Samsung Mobile Modem Device Software - (...) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (...) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Sony PC Companion 2.10.188 - (.Sony.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: SuperCopier2 - (...) [HKLM] -- SuperCopier2
O42 - Logiciel: Unchecky v0.2.10 - (.RaMMicHaeL.) [HKLM] -- Unchecky
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: avast! Free Antivirus v8.0.1506.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 67 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AMSHomeStudio]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow]
[HKCU\Software\BVRP Software]
[HKCU\Software\Brother]
[HKCU\Software\ClassSofta71]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\Etiam]
[HKCU\Software\EuroSoft Software Development]
[HKCU\Software\Facebook]
[HKCU\Software\FindRight] =>Hijacker.FindrToolbar
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MAGIX AG]
[HKCU\Software\Macromedia]
[HKCU\Software\Magix]
[HKCU\Software\Marseillesoft]
[HKCU\Software\Mobileleader]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Nuance]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice]
[HKCU\Software\PhotoFiltre]
[HKCU\Software\Policies]
[HKCU\Software\SFX TEAM]
[HKCU\Software\SOFT32]
[HKCU\Software\Samsung]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Sony]
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\Trolltech]
[HKCU\Software\Unchecky]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Vodafone]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xara]
[HKCU\Software\cybelsoft]
[HKCU\Software\ej-technologies]
[HKCU\Software\settings]
[HKCU\Software\temp]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Brother]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Bunndle]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\Logitech]
[HKLM\Software\MAGIX]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PoINT]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Samsung]
[HKLM\Software\ScanSoft]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Skype]
[HKLM\Software\Software]
[HKLM\Software\Sony]
[HKLM\Software\Symantec]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xara]
[HKLM\Software\Zeon]
[HKLM\Software\ahead]
[HKLM\Software\cybelsoft]
[HKLM\Software\ej-technologies]
[HKLM\Software\logishrd]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Key Software: 267 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/03/2013 - 11:39:09 - [0] ----D C:\Program Files\7-Zip
O43 - CFD: 28/02/2014 - 18:22:10 - [109,793] ----D C:\Program Files\Adobe
O43 - CFD: 22/06/2010 - 14:06:16 - [579,632] ----D C:\Program Files\Alwil Software
O43 - CFD: 22/06/2010 - 14:01:30 - [2,997] ----D C:\Program Files\AMD
O43 - CFD: 27/01/2014 - 18:00:44 - [0,071] ----D C:\Program Files\AppsHat Mobile Apps =>Adware.MegaSearch
O43 - CFD: 26/05/2012 - 17:27:21 - [10,396] ----D C:\Program Files\Brother
O43 - CFD: 03/06/2013 - 18:00:09 - [1,863] ----D C:\Program Files\Common Files
O43 - CFD: 22/06/2010 - 13:34:19 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 22/04/2011 - 11:51:45 - [3,539] ----D C:\Program Files\DIFX
O43 - CFD: 15/04/2013 - 13:24:57 - [158,488] ----D C:\Program Files\Euro Truck Simulator
O43 - CFD: 07/03/2014 - 18:53:16 - [222,576] ----D C:\Program Files\Fichiers communs
O43 - CFD: 02/03/2014 - 20:08:46 - [0] ----D C:\Program Files\Google
O43 - CFD: 28/02/2014 - 13:04:22 - [8,636] ----D C:\Program Files\GUM29.tmp
O43 - CFD: 22/05/2011 - 20:49:42 - [8,979] ----D C:\Program Files\Home Photo Studio
O43 - CFD: 15/01/2014 - 13:35:17 - [24,696] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 09/03/2014 - 12:14:43 - [1,378] ----D C:\Program Files\Internet Explorer
O43 - CFD: 09/07/2012 - 17:36:44 - [121,437] ----D C:\Program Files\Java
O43 - CFD: 03/06/2013 - 18:09:26 - [123,524] ----D C:\Program Files\Logitech
O43 - CFD: 19/09/2012 - 20:05:34 - [7,326] ----D C:\Program Files\ma-config.com
O43 - CFD: 22/05/2011 - 20:51:05 - [0,002] ----D C:\Program Files\MAGIX
O43 - CFD: 22/04/2011 - 11:50:21 - [0,211] ----D C:\Program Files\MarkAny
O43 - CFD: 23/06/2010 - 22:13:29 - [2,048] ----D C:\Program Files\Messenger
O43 - CFD: 19/09/2012 - 21:19:29 - [0,718] ----D C:\Program Files\Microsoft
O43 - CFD: 22/06/2010 - 13:37:29 - [0] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 19/09/2012 - 21:16:08 - [247,051] ----D C:\Program Files\Microsoft Office
O43 - CFD: 11/10/2013 - 21:37:30 - [40,851] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/08/2010 - 17:17:56 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 10/08/2010 - 21:15:38 - [2,087] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/11/2012 - 10:04:02 - [0,191] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 22/06/2010 - 19:49:29 - [5,750] ----D C:\Program Files\movie maker
O43 - CFD: 18/02/2014 - 16:08:11 - [52,262] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 19/02/2014 - 10:22:28 - [0,216] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 10/08/2010 - 17:46:32 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 22/06/2010 - 19:49:29 - [18,385] ----D C:\Program Files\msn
O43 - CFD: 22/06/2010 - 13:37:29 - [0] ----D C:\Program Files\msn gaming zone
O43 - CFD: 24/06/2010 - 14:45:55 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 22/06/2010 - 14:15:36 - [2,820] ----D C:\Program Files\Nero
O43 - CFD: 22/06/2010 - 19:47:30 - [3,133] ----D C:\Program Files\NetMeeting
O43 - CFD: 23/06/2010 - 13:20:15 - [0,388] ----D C:\Program Files\Nuance
O43 - CFD: 14/04/2013 - 21:59:15 - [180,819] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 17/09/2013 - 18:22:27 - [314,326] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 16/12/2010 - 23:06:55 - [4,176] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 22/04/2011 - 11:51:39 - [9,319] ----D C:\Program Files\PC Connectivity Solution
O43 - CFD: 10/08/2010 - 17:46:26 - [36,207] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 22/04/2011 - 11:51:49 - [165,247] ----D C:\Program Files\Samsung
O43 - CFD: 23/06/2010 - 13:19:15 - [0] ----D C:\Program Files\ScanSoft
O43 - CFD: 22/06/2010 - 13:35:56 - [0,001] ----D C:\Program Files\Services en ligne
O43 - CFD: 28/06/2013 - 12:23:57 - [159,174] ----D C:\Program Files\Sony
O43 - CFD: 22/06/2010 - 13:50:36 - [1,169] ----D C:\Program Files\SuperCopier2
O43 - CFD: 28/02/2014 - 13:31:13 - [2,331] ----D C:\Program Files\Unchecky
O43 - CFD: 22/06/2010 - 13:41:36 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/11/2013 - 19:02:36 - [89,113] ----D C:\Program Files\Windows Live
O43 - CFD: 22/06/2010 - 21:05:02 - [0,234] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 18/09/2010 - 12:54:18 - [0] ----D C:\Program Files\Windows Media Connect 2
O43 - CFD: 18/09/2010 - 12:55:44 - [4,963] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 10/03/2014 - 20:11:27 - [0] ----D C:\Program Files\Windows NT
O43 - CFD: 22/06/2010 - 13:36:00 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 19/09/2012 - 20:10:04 - [3,898] ----D C:\Program Files\WinRAR
O43 - CFD: 22/06/2010 - 13:37:30 - [0] ----D C:\Program Files\xerox
O43 - CFD: 11/03/2014 - 13:26:26 - [23,823] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 04/03/2014 - 12:36:16 - [6,247] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 09/05/2012 - 21:00:36 - [5,607] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 22/06/2010 - 13:54:55 - [0,082] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 09/05/2012 - 20:53:37 - [0] ----D C:\Program Files\Fichiers communs\DVDVideoSoft
O43 - CFD: 09/05/2012 - 20:54:39 - [7,408] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 07/03/2014 - 18:53:16 - [1,191] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 03/06/2013 - 18:06:07 - [66,203] ----D C:\Program Files\Fichiers communs\LogiShrd
O43 - CFD: 03/06/2013 - 18:00:36 - [4,999] ----D C:\Program Files\Fichiers communs\LWS
O43 - CFD: 14/07/2010 - 15:34:36 - [114,102] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 22/06/2010 - 13:35:15 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 22/06/2010 - 15:30:01 - [0] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 09/05/2012 - 20:50:39 - [0,001] ----D C:\Program Files\Fichiers communs\PC Tools
O43 - CFD: 22/06/2010 - 13:35:19 - [0,008] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 22/06/2010 - 15:29:58 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 09/05/2012 - 20:49:35 - [0] ----D C:\Program Files\Fichiers communs\Symantec Shared
O43 - CFD: 22/06/2010 - 19:47:24 - [12,845] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 22/06/2010 - 21:02:21 - [0] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 04/03/2014 - 12:36:15 - [336,932] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 22/06/2010 - 14:06:16 - [65,054] ----D C:\Documents and Settings\All Users\Application Data\Alwil Software
O43 - CFD: 30/01/2014 - 21:49:17 - [0,056] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 23/06/2010 - 13:18:23 - [1,207] ----D C:\Documents and Settings\All Users\Application Data\Brother
O43 - CFD: 17/04/2012 - 10:33:01 - [0] --H-D C:\Documents and Settings\All Users\Application Data\Common Files
O43 - CFD: 17/04/2012 - 17:21:43 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 22/06/2010 - 21:12:47 - [0] ----D C:\Documents and Settings\All Users\Application Data\IM
O43 - CFD: 22/06/2010 - 21:12:07 - [0,009] ----D C:\Documents and Settings\All Users\Application Data\IncrediMail
O43 - CFD: 23/06/2010 - 13:19:51 - [0] ----D C:\Documents and Settings\All Users\Application Data\InstallShield
O43 - CFD: 03/06/2013 - 18:17:16 - [0] ----D C:\Documents and Settings\All Users\Application Data\LogiShrd
O43 - CFD: 03/06/2013 - 18:00:44 - [20,162] ----D C:\Documents and Settings\All Users\Application Data\Logitech
O43 - CFD: 19/09/2012 - 20:05:33 - [6,339] ----D C:\Documents and Settings\All Users\Application Data\ma-config.com
O43 - CFD: 22/05/2011 - 20:50:45 - [5,249] ----D C:\Documents and Settings\All Users\Application Data\MAGIX
O43 - CFD: 31/12/2011 - 14:00:17 - [0,284] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 19/12/2013 - 23:28:47 - [5,289] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 02/05/2012 - 17:07:51 - [0] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 09/05/2012 - 20:49:38 - [0] ----D C:\Documents and Settings\All Users\Application Data\Norton
O43 - CFD: 26/03/2012 - 18:23:39 - [2,060] ----D C:\Documents and Settings\All Users\Application Data\NortonInstaller
O43 - CFD: 22/06/2010 - 14:22:24 - [0,172] ----D C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
O43 - CFD: 22/04/2011 - 11:57:06 - [0] ----D C:\Documents and Settings\All Users\Application Data\PC Suite
O43 - CFD: 19/09/2012 - 20:51:48 - [0,973] ----D C:\Documents and Settings\All Users\Application Data\ScanSoft
O43 - CFD: 02/03/2014 - 20:11:04 - [30,846] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 15/04/2012 - 20:00:22 - [0] ----D C:\Documents and Settings\All Users\Application Data\Software =>Adware.Boxore
O43 - CFD: 28/06/2013 - 12:23:58 - [5,422] ----D C:\Documents and Settings\All Users\Application Data\Sony
O43 - CFD: 10/07/2010 - 20:42:55 - [0] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 09/05/2012 - 20:50:43 - [0] ---AD C:\Documents and Settings\All Users\Application Data\TEMP
O43 - CFD: 05/09/2010 - 17:10:17 - [0] ----D C:\Documents and Settings\All Users\Application Data\Vodafone
O43 - CFD: 22/06/2010 - 19:05:44 - [0,003] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 05/03/2013 - 21:29:57 - [87,208] ----D C:\Documents and Settings\Administrateur\Application Data\.minecraft
O43 - CFD: 09/05/2012 - 20:47:11 - [2,465] ----D C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 04/09/2010 - 20:37:37 - [0,054] ----D C:\Documents and Settings\Administrateur\Application Data\Ahead
O43 - CFD: 09/08/2010 - 14:10:19 - [0] R---D C:\Documents and Settings\Administrateur\Application Data\Brother
O43 - CFD: 17/04/2012 - 17:24:29 - [0,836] ----D C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 19/11/2012 - 20:24:36 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\DriverFinder
O43 - CFD: 10/08/2010 - 21:01:37 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\DVDVideoSoft
O43 - CFD: 15/04/2012 - 10:00:49 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\GetRightToGo
O43 - CFD: 28/02/2013 - 20:46:21 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Help
O43 - CFD: 10/08/2010 - 17:31:39 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 22/06/2010 - 13:56:44 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\InstallShield
O43 - CFD: 03/06/2013 - 18:07:20 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Leadertech
O43 - CFD: 22/06/2010 - 21:26:45 - [6,077] ----D C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 11/08/2010 - 16:04:55 - [1,454] ----D C:\Documents and Settings\Administrateur\Application Data\MAGIX
O43 - CFD: 22/06/2010 - 19:37:16 - [0,001] ----D C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
O43 - CFD: 01/01/2012 - 18:01:02 - [16,083] -S--D C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 22/06/2010 - 20:52:26 - [72,132] ----D C:\Documents and Settings\Administrateur\Application Data\Mozilla
O43 - CFD: 17/09/2013 - 18:30:59 - [7,864] ----D C:\Documents and Settings\Administrateur\Application Data\OpenOffice
O43 - CFD: 22/04/2011 - 11:57:04 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\PC Suite
O43 - CFD: 10/08/2010 - 21:30:32 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\PhotoFiltre
O43 - CFD: 22/04/2011 - 11:50:48 - [48,185] ----D C:\Documents and Settings\Administrateur\Application Data\Samsung
O43 - CFD: 01/10/2013 - 20:41:01 - [4,882] ----D C:\Documents and Settings\Administrateur\Application Data\Skype
O43 - CFD: 10/07/2010 - 20:39:19 - [39,114] ----D C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 22/03/2012 - 19:09:22 - [0,061] ----D C:\Documents and Settings\Administrateur\Application Data\Unity
O43 - CFD: 18/04/2012 - 10:39:08 - [1,437] ----D C:\Documents and Settings\Administrateur\Application Data\uTorrent =>P2P.µTorrent
O43 - CFD: 13/10/2010 - 12:46:48 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Vivox
O43 - CFD: 05/09/2010 - 17:10:46 - [0,766] ----D C:\Documents and Settings\Administrateur\Application Data\Vodafone
O43 - CFD: 19/09/2012 - 20:10:18 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 11/03/2014 - 13:28:02 - [0,034] ----D C:\Documents and Settings\Administrateur\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 07/03/2014 - 18:21:35 - [31,768] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 12/08/2010 - 17:20:58 - [10,166] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Ahead
O43 - CFD: 06/09/2013 - 20:54:00 - [0,078] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\AppsHat Mobile Apps =>Adware.MegaSearch
O43 - CFD: 15/09/2013 - 09:36:49 - [0,200] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\avgchrome
O43 - CFD: 22/04/2011 - 11:48:31 - [93,440] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 16/02/2014 - 12:41:45 - [0,589] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook
O43 - CFD: 02/03/2014 - 20:08:11 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
O43 - CFD: 12/06/2011 - 16:23:36 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Help
O43 - CFD: 21/08/2011 - 11:43:41 - [0,425] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Identities
O43 - CFD: 23/06/2010 - 14:43:46 - [173,978] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\IM
O43 - CFD: 03/06/2013 - 18:15:24 - [2,916] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\LogiShrd
O43 - CFD: 28/02/2014 - 13:22:50 - [430,767] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
O43 - CFD: 22/06/2010 - 20:52:05 - [9,009] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla
O43 - CFD: 13/04/2012 - 09:47:31 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\PCHealth
O43 - CFD: 23/06/2010 - 13:27:18 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Scansoft
O43 - CFD: 15/04/2012 - 19:58:43 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Software =>Adware.Boxore
O43 - CFD: 07/07/2013 - 14:04:26 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Sony
O43 - CFD: 09/07/2012 - 20:00:57 - [0,039] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Sun
O43 - CFD: 23/02/2014 - 11:02:10 - [1,932] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp
O43 - CFD: 09/06/2013 - 16:57:53 - [256,355] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Unity
O43 - CFD: 11/08/2010 - 16:01:29 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Xara
O43 - CFD: 05/09/2010 - 17:09:44 - [10,588] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\{BAD7C248-517D-4CE1-B65A-829C01BEFDB1}
O43 - CFD: 10/08/2010 - 21:30:11 - [0,016] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 29/07/2013 - 14:32:39 - [0] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 02/03/2014 - 12:27:37 - [0] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 22/06/2010 - 13:50:37 - [0,006] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\SuperCopier2
O43 - CFD: 19/09/2012 - 20:10:07 - [0,002] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\WinRAR
~ Program Folder: 161 Scanned in 00mn 32s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0676A76038BC8B2958C719C81D0F6730] - 02/03/2014 - 12:12:11 ---A- . (...) -- C:\WINDOWS\setupact.log [191641]
O44 - LFC
