Index du Forum
Se connecter pour vérifier ses messages privés
Pc Dell
Aller à la page: 1, 2  >

 
Poster un nouveau sujet   Répondre au sujet     Index du Forum » Protection système et Aide » Suis-je infecté ou Non? Que dois-je faire? » Mon PC est infecté » Aide à la désinfection Sujet précédent :: Sujet suivant  
Pc Dell
 MessagePosté le: Dim 12 Aoû - 15:42 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

PublicitéSupprimer les publicités ?
j''ai fais un scan complet de l'ordinateur fixe de ma fille c un dell voilà le scann peux tu regarder et me dire si tout est ok merci d'avanceRapport de ZHPDiag v1.31.13 par Nicolas Coolman, Update du 31/07/2012
Run by Chrystelle at 12/08/2012 18:32:15
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site :  http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19272
MFIE: Mozilla Firefox 14.0.1 v14.0.1 (Defaut)
GCIE: Google Chrome v21.0.1180.75
OBIE: Safari v5.34.57.2

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : B9HD2
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (27% free)
System Restore: Activé (Enable)
System drive C: has 453 GB (77%) free of 581 GB

---\\ Logged in mode
~ Computer Name: COMPUTIE
~ User Name: Chrystelle
~ All Users Names: Chrystelle, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Chrystelle\AppData\Roaming\
~ %Desktop% : C:\Users\Chrystelle\Desktop\
~ %Favorites% : C:\Users\Chrystelle\Favorites\
~ %LocalAppData% : C:\Users\Chrystelle\AppData\Local\
~ %StartMenu% : C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 453 Go of 581 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 15 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Hard drive, Flash drive, Thumb drive (Free 568 Go of 596 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DEAF5B0677A6B864B8F4F41C127695DB] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/05/2012 - 07:37:49.) -- C:\Windows\System32\wininet.dll [916992]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 7/97
~ Mes Videos (My Videos) : 1/10
~ Mes Favoris (My Favorites) : 1/33
~ Mes Documents (My Documents) : 1/3398
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/35
~ Scan Hidden Files in 00mn 03s



---\\ Processus lancés
[MD5.58D9C70B01DBF2DEAEA787A1D7C869BB] - (.Stardock Corporation - Dell Dock.) -- C:\Program Files\Dell\DellDock\DellDock.exe   [1295656] [PID.3144]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe   [1008184] [PID.3340]
[MD5.85FB84AAE36E498F471CB76270D4B8F6] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [6246400] [PID.3352]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.3404]
[MD5.F0187E45268E86AAAA932CBD9087BEA8] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe   [30192] [PID.3456]
[MD5.B93C4070F24E46B0097648C276B5039E] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe   [49152] [PID.3508]
[MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe   [1259376] [PID.3780]
[MD5.4405758C4569213F3CFAC20E495EDF4C] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe   [258512] [PID.3988]
[MD5.34086F1DBB4065047EA3671CB70505CC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe   [421776] [PID.3996]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [254696] [PID.4004]
[MD5.E0E15F209360E4A97ABCC21A486B4AEE] - (.Apple Inc. - ubd.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe   [59240] [PID.4016]
[MD5.1BA45CDEF852381DA4A95D056DDB4B48] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe   [210520] [PID.3156]
[MD5.DC35217E5F49C2FE2D5EBC7CB52FEC65] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe   [434176] [PID.2944]
[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe   [7424000] [PID.792]
[MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe   [168960] [PID.1228]
[MD5.0CEF6926C814953F18C925AB46E2889C] - (.Pas de propriétaire - Philips CamSuite GUI module.) -- C:\Program Files\Philips\CamSuite\1.0.9.0\ACPGUI.dll   [815104] [PID.2280]
[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin   [7418368] [PID.4156]
[MD5.BB3A22F3EED85A12CFB2DD60D9F9B52F] - (.Apple Inc. - distnoted.) -- C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe   [13672] [PID.5524]
[MD5.85E7BB8A103644085C5C665481022E56] - (.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe   [271960] [PID.5536]
[MD5.3F677172F23FC17283D9BCE4B42E3F65] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [913888] [PID.824]
[MD5.A06AB1550658A19E871A6FD7FF1C2CDB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [16864] [PID.1328]
[MD5.5152880D76353F5278AD613D0AE8D6E9] - (.Adobe Systems, Inc. - Adobe Flash Player 11.3 r300.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe   [1536712] [PID.5372]
[MD5.FCB13D9E3D55075C8FACA9CA3C55B263] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [3763200] [PID.5204]
[MD5.A98D17BDF713E30E23C0353AA92BBC26] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe   [675840] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.]
[MD5.DB29915209770D8B59654345EC2D943A] - (.Stardock Corporation - Dock Login Service.) -- C:\Program Files\Dell\DellDock\DockLogin.exe   [155648] [PID.]
[MD5.27C9A4E1EF31C7A64DE8FBC0AA568503] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe   [86224] [PID.]
[MD5.92996A91E5AFE1B763F95E6C59914D16] - (.Pas de propriétaire - Philips CamSuite service.) -- C:\Program Files\Philips\CamSuite\1.0.9.0\ACPService.exe   [741376] [PID.]
[MD5.B6D7239E7AF6D1B64C790A28067DC6E5] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\system32\AERTSrv.exe   [73728] [PID.]
[MD5.E491888D529410D7BD8FBBAD825795C8] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe   [110032] [PID.]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [55184] [PID.]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe   [390504] [PID.]
[MD5.B71BCE16EC79170C8A9CC89BFD847EAB] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe   [80336] [PID.]
[MD5.E6BE7A41A28D8F2DB174957454D32448] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe   [821648] [PID.]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe   [43904] [PID.]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Chrystelle\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://isearch.avg.com
G0 - GCSP: Preference [User Data\Default] https://isearch.avg.com
G1 - GCS: Preference [User Data\Default] https://isearch.avg.com
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Chrystelle\AppData\Roaming\Mozilla\Firefox\Profiles\gsamgv00.default\prefs.js
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Chrystelle - gsamgv00.default]  http://www.google.fr
M2 - MFEP: prefs.js [Chrystelle - gsamgv00.default\crossriderapp2258@crossrider.com] [] I Want This v (.215 Apps.)
M2 - MFEP: prefs.js [Chrystelle - gsamgv00.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Plus Web Player version 2.2.0.52.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_33] - (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npdeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_33 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Dell Inc. - BAE.dll.) -- C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (.not file.)
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [Philips Intelligent Agent] C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe (.not file.)
O4 - HKCU\..\Run: [MobileDocuments] . (.Apple Inc. - ubd.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]  oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter]  oobefldr.dll
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [Philips Intelligent Agent] C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe (.not file.)
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [MobileDocuments] . (.Apple Inc. - ubd.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Chrystelle\Desktop\DivX Movies.lnk . (...)  -- C:\Users\Chrystelle\Videos\DivX Movies
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media iPod to PC Transfer.lnk . (...)  -- C:\Program Files\4Media\iPod to PC Transfer\iPodManager.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...)  -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..)  -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8991D8E8-B2B7-4870-9837-19D286CB89E2}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{F232F89E-D779-4BDE-B103-31F9D66A4133}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{8991D8E8-B2B7-4870-9837-19D286CB89E2}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{F232F89E-D779-4BDE-B103-31F9D66A4133}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{8991D8E8-B2B7-4870-9837-19D286CB89E2}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{F232F89E-D779-4BDE-B103-31F9D66A4133}: DhcpNameServer = 192.168.1.254
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: dvd - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: its - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mhtml - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ms-its - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: tv - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: vbscript - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (...) --
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (...) --
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ACPService (ACPService) . (.Pas de propriétaire - Philips CamSuite service.) - C:\Program Files\Philips\CamSuite\1.0.9.0\ACPService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\AERTSrv.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service:  (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\hpwebreg_CN0B8393GN05HX.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\RtlNICDiagVistaStart.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SystemToolsDailyTest.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\User_Feed_Synchronization-{C5DA1661-2ABD-4521-B98E-3DEE005CC2F2}.job
[MD5.F19C98AD81D2C0E1BBFD8153D2C80EE8] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.2EFF6334A2BD29E404F6809C37658FCD] [APT] [hpwebreg_CN0B8393GN05HX] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe
[MD5.FB1EC67544ECA6637B3FD1B73AD8F067] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe
[MD5.E1D1DEE4C83B34955A4A672BB3E85BDE] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
[MD5.99F1BD68F9E028B6C9802CD9DDE00AD0] [APT] [RtlNICDiagVistaStart] (.Realtek.) -- C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe
[MD5.E1D1DEE4C83B34955A4A672BB3E85BDE] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver:  (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver:  (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 45s



---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2}
O42 - Logiciel: 4Media iPod to PC Transfer - (.4Media.) [HKLM] -- 4Media iPod to PC Transfer
O42 - Logiciel: 802.11g Wireless USB 2.0 Adapter - (.Pas de propriétaire.) [HKLM] -- SiS163u
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.3) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {122ADF8C-DDA1-480C-9936-C88F2825B265}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Belkin F7D1102 Surf Wireless Micro USB Adapter - (.Pas de propriétaire.) [HKLM] -- {B20F9D1C-A0A5-4cd8-8306-DA03872311B1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Browser Address Error Redirector - (.Dell.) [HKLM] -- {62230596-37E5-4618-A329-0D21F529A86F}
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup
O42 - Logiciel: Dell Dock - (.Dell.) [HKLM] -- {F6CB42B9-F033-4152-8813-FF11DA8E6A78}
O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM] -- Dell Support Center
O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A}
O42 - Logiciel: Dell-eBay - (.Dell.) [HKLM] -- {B935C985-A17F-484B-8470-09E4FC27DC26}
O42 - Logiciel: EDocs - (.Pas de propriétaire.) [HKLM] -- {6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}
O42 - Logiciel: GoToAssist 8.0.0.514 - (.Pas de propriétaire.) [HKLM] -- GoToAssist
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Customer Participation Program 8.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Deskjet 3050 J610 series Aide - (.Hewlett Packard.) [HKLM] -- {F7632A9B-661E-4FD9-B1A4-3B86BC99847F}
O42 - Logiciel: HP Deskjet All-In-One Software 8.0 - (.HP.) [HKLM] -- {24557DC0-0839-496f-82F9-C4EB72EFE4FA}
O42 - Logiciel: HP Imaging Device Functions 8.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM] -- HP Photo Creations
O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {EB21A812-671B-4D08-B974-2A347F0D8F70}
O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}
O42 - Logiciel: HP Solution Center 8.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM] -- {EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
O42 - Logiciel: Harry Potter et le Prince de Sang-Mêlé™ - (.Electronic Arts.) [HKLM] -- {FD1B1980-8CAB-4474-89F8-1245AF657AD1}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 3050 J610 series - (.Hewlett-Packard Co..) [HKLM] -- {BD88845C-00DF-43F2-97D1-E71C408FB5CC}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 14.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 14.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Package de pilotes Windows - Philips (SPC630) Image  (07/07/2008 1.00.10.65 - (.Philips.) [HKLM] -- 63AC44233A7F75D43C2B277636D0A5A3C4FE6A9E
O42 - Logiciel: Package de pilotes Windows - Philips CL (phaudlwr) MEDIA  (06/02/2008 1.0.5 - (.Philips CL.) [HKLM] -- 10F7630C78CC9B1F315B5FA216ECB493C3ACD3E5
O42 - Logiciel: Package de pilotes Windows - Philips USB  (07/07/2008 1.00.10.6551) - (.Philips.) [HKLM] -- AF240394FC080FA9D034CEB31B3714313893122B
O42 - Logiciel: Philips CamSuite - (.Philips.) [HKLM] -- {E6C773DF-41C4-4A4F-B6C5-7830FF10342F}
O42 - Logiciel: Philips SPC630NC Webcam - (.Philips.) [HKLM] -- {7D0266AC-0D2C-4ED5-A706-3DA55BBDFE56}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {0E64B098-8018-4256-BA23-C316A43AD9B0}
O42 - Logiciel: Realtek Ethernet Network Card Diagnostic tool for Windows Vista - (.Realtek.) [HKLM] -- {1FECF5F8-8E75-432C-9FF7-1C04F1956B54}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2604111
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2657424
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility - (.Pas de propriétaire.) [HKLM] -- InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217
O42 - Logiciel: Utilitaire de configuration iPhone - (.Apple Inc..) [HKLM] -- {FA54AFB1-5745-4389-B8C1-9F7509672ED1}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\4Media]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\DivXNetworks]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Aureal]
[HKCU\Software\Avira]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dell]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PC-Doctor]
[HKCU\Software\Philips]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Rising Sun Solutions, Inc.]
[HKCU\Software\Roxio]
[HKCU\Software\SecuROM]
[HKCU\Software\Sonic]
[HKCU\Software\Trolltech]
[HKCU\Software\Visan]
[HKCU\Software\Vision]
[HKLM\Software\8169Diag]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Avira]
[HKLM\Software\Belkin International, Inc.]
[HKLM\Software\CDDB]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Dell Inc.]
[HKLM\Software\Dell]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Electronic Arts]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Philips]
[HKLM\Software\Policies]
[HKLM\Software\Preclick]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RocketLife]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Symantec]
[HKLM\Software\Visan]
[HKLM\Software\Vision]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Windows]
[HKLM\Software\X-AVCSD]
[HKLM\Software\ZSMC]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/09/2009 - 00:06:40 - [11,754] ----D C:\Program Files\4Media
O43 - CFD: 11/08/2012 - 11:38:49 - [2,450] ----D C:\Program Files\AC3Filter
O43 - CFD: 12/08/2012 - 12:58:05 - [113,305] ----D C:\Program Files\Adobe
O43 - CFD: 29/11/2009 - 16:40:35 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 15/01/2012 - 15:52:03 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 20/12/2008 - 11:21:06 - [82,339] ----D C:\Program Files\ATI Technologies
O43 - CFD: 20/09/2009 - 14:46:45 - [0,001] ----D C:\Program Files\Atlantis
O43 - CFD: 26/05/2012 - 11:50:17 - [183,757] ----D C:\Program Files\Avira
O43 - CFD: 15/01/2012 - 15:23:02 - [1,442] ----D C:\Program Files\Belkin
O43 - CFD: 15/01/2012 - 16:43:13 - [0,586] ----D C:\Program Files\Bonjour
O43 - CFD: 20/12/2008 - 11:29:30 - [3,389] ----D C:\Program Files\Citrix
O43 - CFD: 11/08/2012 - 11:38:37 - [746,724] ----D C:\Program Files\Common Files
O43 - CFD: 11/03/2012 - 13:04:05 - [0,609] ----D C:\Program Files\Conduit
O43 - CFD: 20/12/2008 - 11:35:42 - [13,000] ----D C:\Program Files\Dell
O43 - CFD: 24/05/2012 - 13:13:53 - [118,603] ----D C:\Program Files\Dell Support Center
O43 - CFD: 03/09/2009 - 21:46:13 - [0,758] ----D C:\Program Files\DIFX
O43 - CFD: 14/06/2012 - 12:01:14 - [97,507] ----D C:\Program Files\DivX
O43 - CFD: 10/07/2012 - 23:02:40 - [0,077] ----D C:\Program Files\EA GAMES
O43 - CFD: 11/07/2012 - 18:33:03 - [364,440] ----D C:\Program Files\Electronic Arts
O43 - CFD: 24/02/2009 - 18:11:44 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 24/05/2012 - 21:37:53 - [428,709] ----D C:\Program Files\Google
O43 - CFD: 20/06/2012 - 14:56:37 - [0] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 18/06/2012 - 17:45:02 - [142,671] ----D C:\Program Files\HP
O43 - CFD: 13/03/2012 - 19:16:32 - [0,352] ----D C:\Program Files\HP Photo Creations
O43 - CFD: 10/07/2012 - 23:02:40 - [153,007] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 20/12/2008 - 11:19:38 - [0] ----D C:\Program Files\Intel
O43 - CFD: 20/06/2012 - 09:07:25 - [5,607] ----D C:\Program Files\Internet Explorer
O43 - CFD: 18/06/2012 - 11:43:43 - [2,259] ----D C:\Program Files\iPod
O43 - CFD: 18/06/2012 - 11:45:38 - [149,103] ----D C:\Program Files\iTunes
O43 - CFD: 16/01/2012 - 18:03:53 - [165,771] ----D C:\Program Files\Java
O43 - CFD: 20/09/2009 - 14:53:30 - [15,892] ----D C:\Program Files\JRE
O43 - CFD: 24/05/2012 - 18:19:01 - [0,216] ----D C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 20/12/2008 - 11:24:51 - [52,514] ----D C:\Program Files\Microsoft Office
O43 - CFD: 12/08/2012 - 12:48:17 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 15/01/2012 - 19:28:32 - [137,975] ----D C:\Program Files\Microsoft Works
O43 - CFD: 04/06/2009 - 13:05:02 - [0,934] ----D C:\Program Files\Microsoft WSE
O43 - CFD: 21/01/2012 - 16:56:51 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 15/01/2012 - 20:56:49 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 11/08/2012 - 15:25:23 - [37,711] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 11/08/2012 - 15:25:26 - [0,195] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 14:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 26/02/2012 - 11:21:15 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 20/09/2009 - 14:53:29 - [367,412] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 15/01/2012 - 15:10:01 - [24,521] ----D C:\Program Files\Philips
O43 - CFD: 24/05/2012 - 18:23:24 - [72,431] ----D C:\Program Files\QuickTime
O43 - CFD: 20/12/2008 - 11:19:10 - [0,417] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [36,906] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 20/12/2008 - 11:27:22 - [17,818] ----D C:\Program Files\Roxio
O43 - CFD: 24/05/2012 - 18:30:24 - [102,605] ----D C:\Program Files\Safari
O43 - CFD: 24/02/2009 - 18:25:09 - [5,213] ----D C:\Program Files\TRENDnet
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/09/2009 - 10:12:30 - [22,420] ----D C:\Program Files\Utilitaire de configuration iPhone
O43 - CFD: 21/05/2010 - 14:31:47 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 21/05/2010 - 14:31:44 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 21/05/2010 - 14:31:38 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 20/06/2012 - 09:07:26 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 03/09/2009 - 13:48:53 - [78,223] ----D C:\Program Files\Windows Live
O43 - CFD: 03/09/2009 - 13:49:10 - [0,234] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 18/06/2012 - 18:15:30 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 15/01/2012 - 20:56:58 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 24/02/2009 - 18:11:44 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 21/05/2010 - 14:31:42 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 12/06/2010 - 23:38:28 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 21/05/2010 - 14:31:45 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 12/08/2012 - 18:32:38 - [12,789] ----D C:\Program Files\ZHPDiag
O43 - CFD: 12/08/2012 - 12:58:10 - [3,652] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 23/01/2010 - 12:48:46 - [30,670] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 18/06/2012 - 11:43:42 - [146,859] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 15/01/2012 - 15:29:37 - [0,000] ----D C:\Program Files\Common Files\ArcSoft
O43 - CFD: 11/08/2012 - 11:38:41 - [0,006] ----D C:\Program Files\Common Files\AVG Secure Search
O43 - CFD: 11/03/2012 - 13:17:08 - [23,581] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 16/02/2012 - 15:21:22 - [0,436] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 18/06/2012 - 17:45:05 - [2,065] ----D C:\Program Files\Common Files\HP
O43 - CFD: 20/12/2008 - 11:25:16 - [4,815] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 16/02/2012 - 23:34:34 - [37,320] ----D C:\Program Files\Common Files\Java
O43 - CFD: 24/02/2009 - 21:39:45 - [0,421] ----D C:\Program Files\Common Files\logishrd
O43 - CFD: 03/09/2009 - 13:49:15 - [261,427] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 11/03/2012 - 13:17:10 - [4,736] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 20/12/2008 - 11:26:20 - [30,710] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 20/12/2008 - 11:26:20 - [1,038] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 03/09/2009 - 21:45:26 - [118,877] ----D C:\Program Files\Common Files\SPC630NC
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/12/2008 - 11:27:21 - [0,700] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 15/01/2012 - 20:56:29 - [8,333] ----D C:\Program Files\Common Files\System
O43 - CFD: 03/09/2009 - 13:34:06 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 24/02/2009 - 20:27:19 - [31,879] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 12/08/2012 - 12:58:07 - [262,312] ----D C:\ProgramData\Adobe
O43 - CFD: 15/01/2012 - 17:33:35 - [229,876] ----D C:\ProgramData\Apple
O43 - CFD: 27/02/2009 - 02:16:27 - [295,616] ----D C:\ProgramData\Apple Computer
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 04/09/2009 - 22:44:46 - [0,006] ----D C:\ProgramData\ArcSoft
O43 - CFD: 24/02/2009 - 18:18:25 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 11/08/2012 - 11:39:08 - [0,255] ----D C:\ProgramData\AVG Secure Search
O43 - CFD: 26/05/2012 - 11:50:17 - [135,438] ----D C:\ProgramData\Avira
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 11/08/2012 - 11:37:59 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 24/05/2012 - 13:08:26 - [2,276] ----D C:\ProgramData\Dell
O43 - CFD: 14/06/2012 - 12:02:05 - [4,568] ----D C:\ProgramData\DivX
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 23/01/2010 - 12:58:00 - [21,200] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 24/05/2012 - 18:16:40 - [1,833] ----D C:\ProgramData\Google
O43 - CFD: 16/02/2012 - 15:15:52 - [0,321] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 20/06/2012 - 14:58:57 - [62,810] ----D C:\ProgramData\HP
O43 - CFD: 13/03/2012 - 19:26:42 - [2,487] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 11/08/2012 - 12:49:35 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 16/02/2012 - 15:22:16 - [0] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 20/12/2008 - 11:25:18 - [0,000] ----D C:\ProgramData\InstallShield
O43 - CFD: 18/06/2012 - 18:01:45 - [0,009] ----D C:\ProgramData\McAfee
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 24/05/2012 - 18:19:01 - [212,957] -S--D C:\ProgramData\Microsoft
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 11/08/2012 - 15:25:24 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 20/12/2008 - 11:34:32 - [0,001] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 24/05/2012 - 13:13:22 - [30,506] ----D C:\ProgramData\PCDr
O43 - CFD: 15/01/2012 - 15:10:00 - [3,224] ----D C:\ProgramData\Philips
O43 - CFD: 11/08/2012 - 11:29:13 - [0,102] ----D C:\ProgramData\River Past G5
O43 - CFD: 15/07/2012 - 13:02:22 - [0] ----D C:\ProgramData\Roxio
O43 - CFD: 20/12/2008 - 11:26:23 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 16/01/2012 - 18:04:14 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 20/12/2008 - 11:27:25 - [5,070] ----D C:\ProgramData\Uninstall
O43 - CFD: 16/02/2012 - 15:33:33 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 15/01/2012 - 17:36:01 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 24/02/2009 - 20:22:02 - [0,215] ----D C:\ProgramData\WLInstaller
O43 - CFD: 14/03/2009 - 00:43:39 - [0,003] ----D C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
O43 - CFD: 15/01/2012 - 17:43:26 - [0,516] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 19/09/2009 - 10:09:40 - [0,002] ----D C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
O43 - CFD: 30/05/2009 - 23:27:07 - [0,002] ----D C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
O43 - CFD: 23/01/2010 - 12:57:45 - [1,234] ----D C:\Users\Chrystelle\AppData\Roaming\Adobe
O43 - CFD: 24/03/2012 - 11:10:03 - [117,869] ----D C:\Users\Chrystelle\AppData\Roaming\Apple Computer
O43 - CFD: 03/09/2009 - 21:52:52 - [0,000] ----D C:\Users\Chrystelle\AppData\Roaming\ArcSoft
O43 - CFD: 24/02/2009 - 18:18:25 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\ATI
O43 - CFD: 26/05/2012 - 11:55:48 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Avira
O43 - CFD: 24/05/2012 - 13:13:43 - [0,041] ----D C:\Users\Chrystelle\AppData\Roaming\Dell
O43 - CFD: 24/03/2012 - 12:02:27 - [0,163] ----D C:\Users\Chrystelle\AppData\Roaming\DivX
O43 - CFD: 11/03/2012 - 13:03:38 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\GetRightToGo
O43 - CFD: 25/02/2009 - 01:52:19 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Google
O43 - CFD: 18/06/2012 - 19:28:58 - [0,045] ----D C:\Users\Chrystelle\AppData\Roaming\HP
O43 - CFD: 07/07/2012 - 10:16:42 - [0,008] ----D C:\Users\Chrystelle\AppData\Roaming\HpUpdate
O43 - CFD: 24/02/2009 - 18:17:32 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Identities
O43 - CFD: 19/06/2012 - 09:26:17 - [0,489] ----D C:\Users\Chrystelle\AppData\Roaming\Image Zone Express
O43 - CFD: 10/01/2010 - 22:52:35 - [43,057] ----D C:\Users\Chrystelle\AppData\Roaming\LimeWire
O43 - CFD: 24/02/2009 - 20:29:58 - [1,992] ----D C:\Users\Chrystelle\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Media Center Programs
O43 - CFD: 12/08/2012 - 12:03:47 - [8,271] -S--D C:\Users\Chrystelle\AppData\Roaming\Microsoft
O43 - CFD: 18/01/2010 - 17:03:48 - [13,960] ----D C:\Users\Chrystelle\AppData\Roaming\Mozilla
O43 - CFD: 20/09/2009 - 14:55:04 - [2,192] ----D C:\Users\Chrystelle\AppData\Roaming\OpenOffice.org
O43 - CFD: 24/05/2012 - 12:10:18 - [6,159] ----D C:\Users\Chrystelle\AppData\Roaming\PCDr
O43 - CFD: 19/06/2012 - 09:26:17 - [0,003] ----D C:\Users\Chrystelle\AppData\Roaming\Printer Info Cache
O43 - CFD: 11/08/2012 - 11:29:13 - [0,034] ----D C:\Users\Chrystelle\AppData\Roaming\River Past G5
O43 - CFD: 15/07/2012 - 13:02:21 - [0,001] ----D C:\Users\Chrystelle\AppData\Roaming\Roxio
O43 - CFD: 09/09/2009 - 22:47:14 - [0,013] ----D C:\Users\Chrystelle\AppData\Roaming\Template
O43 - CFD: 12/08/2012 - 12:57:50 - [44,447] ----D C:\Users\Chrystelle\AppData\Local\Adobe
O43 - CFD: 27/02/2009 - 02:15:11 - [0] ----D C:\Users\Chrystelle\AppData\Local\Apple
O43 - CFD: 29/11/2009 - 18:47:11 - [74,434] ----D C:\Users\Chrystelle\AppData\Local\Apple Computer
O43 - CFD: 24/02/2009 - 18:15:08 - [0] ----D C:\Users\Chrystelle\AppData\Local\Application Data
O43 - CFD: 03/09/2009 - 21:48:06 - [0] ----D C:\Users\Chrystelle\AppData\Local\ArcSoft
O43 - CFD: 24/02/2009 - 18:18:25 - [0,038] ----D C:\Users\Chrystelle\AppData\Local\ATI
O43 - CFD: 11/08/2012 - 11:39:18 - [0,581] ----D C:\Users\Chrystelle\AppData\Local\AVG Secure Search
O43 - CFD: 11/08/2012 - 13:58:49 - [0] ----D C:\Users\Chrystelle\AppData\Local\Conduit
O43 - CFD: 11/03/2012 - 13:46:03 - [0,000] ----D C:\Users\Chrystelle\AppData\Local\DDMSettings
O43 - CFD: 11/07/2012 - 18:45:45 - [0,020] ----D C:\Users\Chrystelle\AppData\Local\Electronic Arts
O43 - CFD: 20/06/2012 - 08:37:53 - [0] ----D C:\Users\Chrystelle\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/05/2012 - 18:16:40 - [393,166] ----D C:\Users\Chrystelle\AppData\Local\Google
O43 - CFD: 24/02/2009 - 18:15:08 - [0] ----D C:\Users\Chrystelle\AppData\Local\Historique
O43 - CFD: 13/03/2012 - 19:13:50 - [0,036] ----D C:\Users\Chrystelle\AppData\Local\HP
O43 - CFD: 11/08/2012 - 11:38:04 - [0,042] ----D C:\Users\Chrystelle\AppData\Local\I Want This
O43 - CFD: 12/08/2012 - 12:03:47 - [0] ----D C:\Users\Chrystelle\AppData\Local\Macromedia
O43 - CFD: 12/08/2012 - 12:03:47 - [990,742] ----D C:\Users\Chrystelle\AppData\Local\Microsoft
O43 - CFD: 25/02/2009 - 20:01:45 - [0,634] ----D C:\Users\Chrystelle\AppData\Local\Microsoft Games
O43 - CFD: 18/01/2010 - 17:03:48 - [57,472] ----D C:\Users\Chrystelle\AppData\Local\Mozilla
O43 - CFD: 11/08/2012 - 14:06:04 - [0,002] ----D C:\Users\Chrystelle\AppData\Local\Stardock_Corporation
O43 - CFD: 12/08/2012 - 18:33:29 - [981,398] ----D C:\Users\Chrystelle\AppData\Local\Temp
O43 - CFD: 24/02/2009 - 18:15:08 - [0] ----D C:\Users\Chrystelle\AppData\Local\Temporary Internet Files
O43 - CFD: 11/06/2010 - 11:24:05 - [4,051] ----D C:\Users\Chrystelle\AppData\Local\VirtualStore
O43 - CFD: 20/09/2009 - 00:25:30 - [0,004] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4Media
O43 - CFD: 21/01/2008 - 04:42:46 - [0,015] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 24/02/2009 - 18:17:46 - [0,000] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/02/2009 - 18:18:29 - [0,005] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Desktop
O43 - CFD: 26/07/2012 - 11:35:48 - [0,002] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 21/01/2008 - 04:42:46 - [0,001] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/09/2009 - 14:55:25 - [0,003] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24/02/2009 - 19:06:02 - [0,002] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TRENDnet
~ Scan Program Folder in 00mn 32s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A81C616F4AD1B9CA9630D417FAFF53C4] - 12/08/2012 - 11:48:37 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.6568F7C9C397F5F41AC060AF531124D3] - 12/08/2012 - 11:48:17 ---A- . (...) -- C:\Windows\PFRO.log   [52514]
O44 - LFC:[MD5.3967CC0B23E64997D19556A886C883DA] - 12/08/2012 - 11:47:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1245938]
O44 - LFC:[MD5.0E41FBA0169521F8C2054D7270827D4C] - 12/08/2012 - 11:47:00 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe   [426184]
O44 - LFC:[MD5.55BAB11461AF614A9BE43DDA52EF6125] - 12/08/2012 - 11:47:00 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl   [70344]
~ Scan Files in 01mn 01s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Scan Drivers in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=2pysF--2MS9pDa96MTbvwvm2QXk?q={searchTer…
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (01NET.com Customized Web Search) - http://search.conduit.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll   [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll   [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.66950F44002638D0788CC42D3E69BA46] [SPRF][09/08/2012] (...) -- C:\Users\Chrystelle\AppData\Local\d3d9caps.dat   [680]
[MD5.B9918718C6AF9F92F9E49A01AF35DEB7] [SPRF][09/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Chrystelle\AppData\Local\Temp\AskSLib.dll   [248008]
[MD5.77B2514C0C4F995FB820867209A467A3] [SPRF][03/06/2007] (.Electronic Arts Inc. - Electronic Arts AutoRun.) -- C:\Users\Chrystelle\AppData\Local\Temp\AutoRun.exe   [633928]
[MD5.23AF433B8AEF56EA4E84538017860042] [SPRF][03/06/2007] (.Electronic Arts Inc. - AutoRun GUI.) -- C:\Users\Chrystelle\AppData\Local\Temp\AutoRunGUI.dll   [588872]
[MD5.A5275199DB0A1D6BEAC60CD5DC7EF2E7] [SPRF][11/03/2012] (.Conduit - Pas de description.) -- C:\Users\Chrystelle\AppData\Local\Temp\conduitinstaller.exe   [209576]
[MD5.24F2C14A35AE69F5CB8632C77B67D5EB] [SPRF][24/05/2012] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\defaultCache.reg   [1409740]
[MD5.8D0EE0BB5FB6F89B10EABA01F40F7F37] [SPRF][27/02/2009] (.DivX, Inc. - DivX Web Player Installer, L:EN, DivX Web Player 1.4.2.) -- C:\Users\Chrystelle\AppData\Local\Temp\DivXInstaller.exe   [3813472]
[MD5.145945C46A622D57DD59B12EA4957F69] [SPRF][11/03/2012] (.DivX, LLC - DivX Setup.) -- C:\Users\Chrystelle\AppData\Local\Temp\DivXSetup.exe   [932704]
[MD5.9FDAF73561686CE32B352F575BA9E2C3] [SPRF][10/07/2012] (.Sony DADC Austria AG - SecuROM DRM Dialog.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dialogs.dll   [65536]
[MD5.5D71296D071DCF10286F3B7F277D6B46] [SPRF][11/07/2012] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7330005.dll   [208896]
[MD5.E5BD60AA555912C12315E3FCD7FDD067] [SPRF][08/03/2009] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7370012.dll   [208896]
[MD5.C66BDF9510EAA086FF853A534F302A77] [SPRF][25/02/2009] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7380013.dll   [204800]
[MD5.0FA7EBC97D52A1553FAB8D3D401138CA] [SPRF][12/07/2012] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7380015.dll   [204800]
[MD5.7A665BD950339DA2C23228B067109C73] [SPRF][23/01/2010] (.Electronic Arts, Inc. - EA Download Manager.) -- C:\Users\Chrystelle\AppData\Local\Temp\EAD22BC.exe   [22091888]
[MD5.6385A061AD763708EEAB57B76EC854BD] [SPRF][05/06/2009] (.Electronic Arts, Inc. - EA Download Manager.) -- C:\Users\Chrystelle\AppData\Local\Temp\EAD27EA.exe   [6674216]
[MD5.B9B0790106784987D763BD7BB19843B0] [SPRF][13/09/2009] (.Electronic Arts, Inc. - EA Download Manager.) -- C:\Users\Chrystelle\AppData\Local\Temp\EADDD63.exe   [6819160]
[MD5.EF70BDCC7EC2262BECF0C834C9B9030B] [SPRF][03/06/2007] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\EAInstall.dll   [879688]
[MD5.05BF033508361AD628855530307FD76A] [SPRF][03/06/2007] (.Electronic Arts Inc. - Uninstall.) -- C:\Users\Chrystelle\AppData\Local\Temp\eauninstall.exe   [322632]
[MD5.BFD203827AB373DE4650A8898DCD7E6A] [SPRF][18/08/2004] (.Macromedia, Inc. - Macromedia Flash Player 6.0  r21.) -- C:\Users\Chrystelle\AppData\Local\Temp\First15.exe   [1453843]
[MD5.31B2A8BA16E3434D6958726BD10B999F] [SPRF][04/10/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Users\Chrystelle\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe   [1845594]
[MD5.317132E9C64F98B06483BA940990A27D] [SPRF][13/03/2012] (.Igor Pavlov - 7z Setup SFX.) -- C:\Users\Chrystelle\AppData\Local\Temp\FR-Package.exe   [1392280]
[MD5.0B57F8A086DCA012AA18BB94E75ADBC9] [SPRF][03/06/2007] (.Microsoft Corporation - Game Explorer Install Helper DLL.) -- C:\Users\Chrystelle\AppData\Local\Temp\GameuxInstallHelper.dll   [109640]
[MD5.E648E9A2177EA1236AF2B0A3394534F6] [SPRF][03/06/2007] (.Electronic Arts - Registration code installer program.) -- C:\Users\Chrystelle\AppData\Local\Temp\Harry Potter and the Order of the Phoenix_uninst.exe   [97352]
[MD5.822AD0D91D012B82E26D1F1BFA286AC6] [SPRF][14/11/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe   [909088]
[MD5.C2BE3D1DCF0B8D09B89088E8A56AF7A4] [SPRF][05/02/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe   [908576]
[MD5.107167F15D30AA71D7CAFC0326AFB315] [SPRF][08/06/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe   [909104]
[MD5.6852A15E6C573C475D08CE11224E9329] [SPRF][16/05/2012] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe   [893936]
[MD5.039C3115E52625CD1DADC6F713860336] [SPRF][17/12/2009] (.Google Inc. - GoogleToolbarNotifier.) -- C:\Users\Chrystelle\AppData\Local\Temp\SearchWithGoogleUpdate.exe   [410608]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][16/09/2009] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\stub.exe   [0]
[MD5.2D2894581D355D5F44EAE38898A66846] [SPRF][01/01/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Chrystelle\AppData\Local\Temp\tb01NE.dll   [4398888]
[MD5.1A0633CD2037AB14D64DC3F75217C286] [SPRF][18/03/2010] (.Electronic Arts, Inc. - EA Access installer extension.) -- C:\Users\Chrystelle\AppData\Local\Temp\UninstallEACore.dll   [226624]
[MD5.966BCF006DDAFA9EDF0C625CE4A4E1E1] [SPRF][03/09/2009] (.Electronic Arts, Inc. - EADM Installer.) -- C:\Users\Chrystelle\AppData\Local\Temp\UninstallEADM.dll   [193840]
[MD5.5B2DA96D90C95228239806D40B720BD2] [SPRF][18/08/2004] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\VP6.reg   [340]
[MD5.1410ADCB69C267916EE702E2A443E93F] [SPRF][18/08/2004] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\VP6Install.exe   [23040]
[MD5.4D6F38D3CDA2D0BA502BC1C499A622CF] [SPRF][18/08/2004] (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Users\Chrystelle\AppData\Local\Temp\VP6VFW.dll   [442368]
[MD5.A30EF117F088BCA2FF7F5AD18CEE65EC] [SPRF][12/08/2009] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Chrystelle\AppData\Local\Temp\wlsetup-cvr.exe   [36278112]
[MD5.407E3AD05C7260151F1E9DE0E8191612] [SPRF][15/06/2012] (...) -- C:\Users\Chrystelle\AppData\Roaming\wklnhst.dat   [826]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll   [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe   [201648]
[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll   [484272]
~ Scan Files in 00mn 12s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{7FF8800A-FAFD-4BDC-8D4B-D44B23A60571}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{ED3F1FC7-BCE8-4BA0-A61B-BC46375F041F}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{38933D0D-3214-40E5-B897-E8AB69C5BD40}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{56D376D0-AA86-4B64-9D0D-2200098B3B9F}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{AD7F2EE6-7339-42A2-9334-30C009151AD1}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{E41B3F24-1F98-4379-A373-E15776E8E8EB}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
O87 - FAEL: "{FA5BBBA9-C0E4-49A1-B57E-928CA6729387}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
O87 - FAEL: "{EFC12FE0-9D0C-4E80-9D19-B6A334B2F048}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{7727BA9F-7FF9-4BBE-A190-23A836C25903}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{818FED21-5534-4F27-8F0C-E9E2CC6F2A0B}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
~ Scan Firewall in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 9174 - (31/07/2012)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 5
Fichiers trouvés  (Files found) : 0

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]   =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]   =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]   =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong]   =>Adware.PriceGong
[HKLM\Software\Classes\Toolbar.CT3128284]   =>Toolbar.Agent
C:\Program Files\Conduit   =>Toolbar.Conduit
C:\Users\Chrystelle\AppData\Local\Conduit   =>Toolbar.Conduit
C:\Users\Chrystelle\AppData\LocalLow\Conduit   =>Toolbar.Conduit
C:\Users\Chrystelle\AppData\LocalLow\PriceGong   =>Adware.PriceGong
~ Scan Additionnel in 00mn 06s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand  0 |  (ACDaemon) . (...) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto  741376 |  (ACPService) . (...) - C:\Program Files\Philips\CamSuite\1.0.9.0\ACPService.exe
SS - | Auto 04/04/2012 63928 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/08/2012 250056 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 18/07/2008 73728 |  (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AERTSrv.exe
SR - | Auto 15/02/2012 86224 |  (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 15/02/2012 110032 |  (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 24/05/2012 55184 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 21/05/2008 675840 |  (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 31/08/2011 390504 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 24/09/2008 155648 |  (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe
SS - | Demand 17/12/2009 30192 |  (GoogleDesktopManager-110309-193829) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Demand 20/12/2008 16680 |  (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Demand 20/12/2008 16680 |  (gpsvc) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Auto 29/11/2009 133104 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 29/11/2009 133104 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 07/06/2012 821648 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 14/07/2012 113120 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 24/03/2008 74384 |  (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 07s



End of the scan (1182 lines in 03mn 12s)(0)


Dernière édition par mollet le Jeu 16 Aoû - 10:53 (2012); édité 2 fois


IM

Pc Dell
 MessagePosté le: Dim 12 Aoû - 16:01 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

je sais pas si tu vas me le demander mais j'ai essayé de faire un scan avec zhp diag en cliquant sur le tournevis ( ordi fixe dell de ma fille) et lorsque je clique cela ne se met pas en route elle est sous vista




IM

Pc Dell
 MessagePosté le: Lun 13 Aoû - 16:09 (2012) Répondre en citant  
Message
  nenette58
Administrateurs WSI
Administrateurs WSI


Hors ligne

Inscrit le: 01 Nov 2008
Messages: 3 843
Niveau Général Informatique:
Estimation Protection:
Navigateur: FireFox
Féminin Cancer (21juin-23juil) 狗 Chien
Point(s): 4 310
Moyenne de points: 1,12
Version Pack: Gratuite
Autre: MalwareBytes+Zemana

Non, ça va aller, le rapport est assez complet comme ça. Okay

Désinstalle : Conduit via le panneau de configuration



  • Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
  • Lance le, clique sur [Recherche] puis patiente le temps du scan.
  • Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt


Nul n'a autant besoin d'un sourire que celui qui n'en a pas à donner.





Pc Dell
 MessagePosté le: Lun 13 Aoû - 17:01 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

merci beaucoup pour avoir chan# AdwCleaner v1.800 - Rapport créé le 13/08/2012 à 20:00:02
# Mis à jour le 01/08/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Chrystelle - COMPUTIE
# Exécuté depuis : C:\Users\Chrystelle\Downloads\adwcleaner.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\Chrystelle\AppData\Local\AVG Secure Search
Dossier Présent : C:\Users\Chrystelle\AppData\Local\Conduit
Dossier Présent : C:\Users\CHRYST~1\AppData\Local\Temp\avg@toolbar
Dossier Présent : C:\Users\Chrystelle\AppData\LocalLow\AVG Secure Search
Dossier Présent : C:\Users\Chrystelle\AppData\LocalLow\boost_interprocess
Dossier Présent : C:\Users\Chrystelle\AppData\LocalLow\Conduit
Dossier Présent : C:\Users\Chrystelle\AppData\LocalLow\PriceGong
Dossier Présent : C:\Users\Chrystelle\AppData\Roaming\Mozilla\Firefox\Profiles\gsamgv00.default\extensions\crossriderapp2258@crossrider.com
Dossier Présent : C:\ProgramData\AVG Secure Search
Dossier Présent : C:\Program Files\Conduit
Dossier Présent : C:\Program Files\Common Files\AVG Secure Search

***** [Registre] *****

[*] Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT3128284
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
Clé Présente : HKLM\SOFTWARE\Conduit

***** [Registre - GUID] *****

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19272

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3128284

-\\ Mozilla Firefox v14.0.1 (fr)

Nom du profil : default
Fichier : C:\Users\Chrystelle\AppData\Roaming\Mozilla\Firefox\Profiles\gsamgv00.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v21.0.1180.75

Fichier : C:\Users\Chrystelle\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente :       "homepage": "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B7949C0E6AC}&mid=6b078fb5d[...]
Présente :          "urls_to_restore_on_startup": [ "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B79[...]
Présente :       "icon_url": "hxxps://isearch.avg.com/favicon.ico",
Présente :       "keyword": "isearch.avg.com",
Présente :       "name": "AVG Secure Search",
Présente :       "search_url": "hxxps://isearch.avg.com/search?cid={03003F04-1B48-4DEB-98F9-4B7949C0E6AC}&mid=&[...]
Présente :    "homepage": "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B7949C0E6AC}&mid=6b078fb5d5aa[...]
Présente :       "urls_to_restore_on_startup": [ "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B7949C[...]

*************************

AdwCleaner[R1].txt - [3064 octets] - [13/08/2012 20:00:02]

########## EOF - C:\AdwCleaner[R1].txt - [3192 octets] ##########
gé le dossier pour ma fille voici le rapport




IM

Pc Dell
 MessagePosté le: Lun 13 Aoû - 17:02 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

je n'ai pas trouvé le dossier conduit dans panneau de configuration pour le désinstaller




IM

Pc Dell
 MessagePosté le: Lun 13 Aoû - 19:14 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

ça y est en cherchant j'ai trouvé le dossier conduit  sur le disque c dans le dossier conduit il est écrit extension dell - alertes dell _ est ce bien de ce dossier que tu veux parler ? je peux le supprimer sans problème pour le bon fonctionnement de l'ordi ? merci de ton aide




IM

Pc Dell
 MessagePosté le: Mar 14 Aoû - 13:21 (2012) Répondre en citant  
Message
  nenette58
Administrateurs WSI
Administrateurs WSI


Hors ligne

Inscrit le: 01 Nov 2008
Messages: 3 843
Niveau Général Informatique:
Estimation Protection:
Navigateur: FireFox
Féminin Cancer (21juin-23juil) 狗 Chien
Point(s): 4 310
Moyenne de points: 1,12
Version Pack: Gratuite
Autre: MalwareBytes+Zemana

mollet a écrit:
ça y est en cherchant j'ai trouvé le dossier conduit  sur le disque c dans le dossier conduit il est écrit extension dell - alertes dell _ est ce bien de ce dossier que tu veux parler ? je peux le supprimer sans problème pour le bon fonctionnement de l'ordi ? merci de ton aide


Je ne connais pas les dessous cachés des pc Dell, donc je ne peux rien affirmer, le mieux est de laisser faire AdwCleaner qui l'a trouvé au bon endroit : Dossier Présent : C:\Program Files\Conduit Okay

  • Relance AdwCleaner, clique sur [Suppression] puis patiente le temps du scan.
  • Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
    S'il est demandé de redémarrer le pc pour finir le nettoyage, fais-le de suite

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


Ensuite, télécharge MalwareBytes Anti Malware et exécute un scan complet.
Supprime tout ce qu'il va trouver et poste le rapport s'il te plait Okay


Nul n'a autant besoin d'un sourire que celui qui n'en a pas à donner.





Pc Dell
 MessagePosté le: Mar 14 Aoû - 15:24 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

ok merci beaucoup




IM

Pc Dell
 MessagePosté le: Mar 14 Aoû - 15:34 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

# AdwCleaner v1.801 - Rapport créé le 14/08/2012 à 18:26:00
# Mis à jour le 14/08/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Chrystelle - COMPUTIE
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Chrystelle\Downloads\adwcleaner(1).exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\Chrystelle\AppData\Local\AVG Secure Search
Dossier Supprimé : C:\Users\Chrystelle\AppData\Local\Conduit
Dossier Supprimé : C:\Users\CHRYST~1\AppData\Local\Temp\avg@toolbar
Dossier Supprimé : C:\Users\Chrystelle\AppData\LocalLow\AVG Secure Search
Dossier Supprimé : C:\Users\Chrystelle\AppData\LocalLow\boost_interprocess
Dossier Supprimé : C:\Users\Chrystelle\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Chrystelle\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Chrystelle\AppData\Roaming\Mozilla\Firefox\Profiles\gsamgv00.default\extensions\crossriderapp2258@crossrider.com
Dossier Supprimé : C:\ProgramData\AVG Secure Search
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\Common Files\AVG Secure Search

***** [Registre] *****

[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3128284
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\Ask.com.tmp
Clé Supprimée : HKLM\SOFTWARE\Conduit

***** [Registre - GUID] *****

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19272

Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3128284 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (fr)

Nom du profil : default
Fichier : C:\Users\Chrystelle\AppData\Roaming\Mozilla\Firefox\Profiles\gsamgv00.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v21.0.1180.75

Fichier : C:\Users\Chrystelle\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée :       "homepage": "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B7949C0E6AC}&mid=6b078fb5d[...]
Supprimée :          "urls_to_restore_on_startup": [ "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B79[...]
Supprimée :       "icon_url": "hxxps://isearch.avg.com/favicon.ico",
Supprimée :       "keyword": "isearch.avg.com",
Supprimée :       "name": "AVG Secure Search",
Supprimée :       "search_url": "hxxps://isearch.avg.com/search?cid={03003F04-1B48-4DEB-98F9-4B7949C0E6AC}&mid=&[...]
Supprimée :    "homepage": "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B7949C0E6AC}&mid=6b078fb5d5aa[...]
Supprimée :       "urls_to_restore_on_startup": [ "hxxps://isearch.avg.com/?cid={03003F04-1B48-4DEB-98F9-4B7949C[...]

*************************

AdwCleaner[R1].txt - [3193 octets] - [13/08/2012 20:00:02]
AdwCleaner[S1].txt - [3265 octets] - [14/08/2012 18:26:00]

########## EOF - C:\AdwCleaner[S1].txt - [3393 octets] ##########




IM

Pc Dell
 MessagePosté le: Mar 14 Aoû - 16:32 (2012) Répondre en citant  
Message
  nenette58
Administrateurs WSI
Administrateurs WSI


Hors ligne

Inscrit le: 01 Nov 2008
Messages: 3 843
Niveau Général Informatique:
Estimation Protection:
Navigateur: FireFox
Féminin Cancer (21juin-23juil) 狗 Chien
Point(s): 4 310
Moyenne de points: 1,12
Version Pack: Gratuite
Autre: MalwareBytes+Zemana

Parfait, AdwCleaner a bien fait son job Okay

J'attends le rapport Malwarebytes, que je lirai demain ... eh oui, je travaille demain et très tôt en plus


Nul n'a autant besoin d'un sourire que celui qui n'en a pas à donner.





Pc Dell
 MessagePosté le: Mar 14 Aoû - 16:41 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

le scann malwarebyte est entrain de se faire




IM

Pc Dell
 MessagePosté le: Mar 14 Aoû - 17:25 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

Malwarebytes Anti-Malware (Essai) 1.62.0.1300
www.malwarebytes.org

Version de la base de données: v2012.08.14.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
Chrystelle :: COMPUTIE [administrateur]

Protection: Désactivé

14/08/2012 18:36:06
mbam-log-2012-08-14 (18-36-06).txt

Type d'examen: Examen complet (C:\|D:\|J:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 402844
Temps écoulé: 1 heure(s), 40 minute(s), 52 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
voilà le scan de malwarebytes




IM

Pc Dell
 MessagePosté le: Mer 15 Aoû - 13:23 (2012) Répondre en citant  
Message
  nenette58
Administrateurs WSI
Administrateurs WSI


Hors ligne

Inscrit le: 01 Nov 2008
Messages: 3 843
Niveau Général Informatique:
Estimation Protection:
Navigateur: FireFox
Féminin Cancer (21juin-23juil) 狗 Chien
Point(s): 4 310
Moyenne de points: 1,12
Version Pack: Gratuite
Autre: MalwareBytes+Zemana

Eh bien, c'est tout bon Okay Peux-tu refaire un rapport ZHPDiag, s'il te plait ? Au cas où il y aurait encore des bricoles à supprimer ...


Nul n'a autant besoin d'un sourire que celui qui n'en a pas à donner.





Pc Dell
 MessagePosté le: Mer 15 Aoû - 14:34 (2012) Répondre en citant  
Message
  mollet
Pilier du Forum
Pilier du Forum


Hors ligne

Inscrit le: 24 Jan 2010
Messages: 854
Niveau Général Informatique:
Navigateur: FireFox
Féminin Balance (23sep-22oct)
Point(s): 841
Moyenne de points: 0,98

d'accord
Run by Chrystelle at 15/08/2012 17:31:00
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site :  http://nicolascoolman.skyrock.com/
Rapport de ZHPDiag v1.31.13 par Nicolas Coolman, Update du 31/07/2012
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : B9HD2
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (62% free)
System Restore: Inconnu (Unknown)
System drive C: has 451 GB (77%) free of 581 GB

---\\ Logged in mode
~ Computer Name: COMPUTIE
~ User Name: Chrystelle
~ All Users Names: Chrystelle, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Chrystelle\AppData\Roaming\
~ %Desktop% : C:\Users\Chrystelle\Desktop\
~ %Favorites% : C:\Users\Chrystelle\Favorites\
~ %LocalAppData% : C:\Users\Chrystelle\AppData\Local\
~ %StartMenu% : C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 451 Go of 581 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 15 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Hard drive, Flash drive, Thumb drive (Free 568 Go of 596 Go)



---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DEAF5B0677A6B864B8F4F41C127695DB] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/05/2012 - 07:37:49.) -- C:\Windows\System32\wininet.dll [916992]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 7/97
~ Mes Videos (My Videos) : 1/10
~ Mes Favoris (My Favorites) : 1/33
~ Mes Documents (My Documents) : 1/3399
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/35
~ Scan Hidden Files in 00mn 03s



---\\ Processus lancés
[MD5.0CEF6926C814953F18C925AB46E2889C] - (.Pas de propriétaire - Philips CamSuite GUI module.) -- C:\Program Files\Philips\CamSuite\1.0.9.0\ACPGUI.dll   [815104] [PID.3364]
[MD5.58D9C70B01DBF2DEAEA787A1D7C869BB] - (.Stardock Corporation - Dell Dock.) -- C:\Program Files\Dell\DellDock\DellDock.exe   [1295656] [PID.3948]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.4088]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe   [1008184] [PID.700]
[MD5.85FB84AAE36E498F471CB76270D4B8F6] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [6246400] [PID.2648]
[MD5.F0187E45268E86AAAA932CBD9087BEA8] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe   [30192] [PID.800]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe   [49152] [PID.756]
[MD5.B93C4070F24E46B0097648C276B5039E] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe   [49152] [PID.3280]
[MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe   [1259376] [PID.3448]
[MD5.9F0BE235A0136EA9E94CF9BD037C30EC] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe   [348664] [PID.3688]
[MD5.34086F1DBB4065047EA3671CB70505CC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe   [421776] [PID.3728]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [254696] [PID.3744]
[MD5.84DB35F319E5B67838A4877C11748866] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe   [462920] [PID.3756]
[MD5.E0E15F209360E4A97ABCC21A486B4AEE] - (.Apple Inc. - ubd.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe   [59240] [PID.3424]
[MD5.1BA45CDEF852381DA4A95D056DDB4B48] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe   [210520] [PID.4036]
[MD5.DC35217E5F49C2FE2D5EBC7CB52FEC65] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe   [434176] [PID.4060]
[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe   [7424000] [PID.3272]
[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin   [7418368] [PID.3392]
[MD5.3F677172F23FC17283D9BCE4B42E3F65] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [913888] [PID.3108]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe   [49152] [PID.5428]
[MD5.85E7BB8A103644085C5C665481022E56] - (.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe   [271960] [PID.4244]
[MD5.A06AB1550658A19E871A6FD7FF1C2CDB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [16864] [PID.6004]
[MD5.DA98CA1EB259AC35D3F5F5C225BFC828] - (.Adobe Systems, Inc. - Adobe Flash Player 11.3 r300.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe   [1536712] [PID.4580]
[MD5.BB3A22F3EED85A12CFB2DD60D9F9B52F] - (.Apple Inc. - distnoted.) -- C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe   [13672] [PID.5560]
[MD5.FCB13D9E3D55075C8FACA9CA3C55B263] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [3763200] [PID.1320]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Chrystelle\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Chrystelle\AppData\Roaming\Mozilla\Firefox\Profiles\gsamgv00.default\prefs.js
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Chrystelle] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Chrystelle - gsamgv00.default]  http://www.google.fr
M2 - MFEP: prefs.js [Chrystelle - gsamgv00.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [Philips Intelligent Agent] C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe (.not file.)
O4 - HKCU\..\Run: [MobileDocuments] . (.Apple Inc. - ubd.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [Philips Intelligent Agent] C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe (.not file.)
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [MobileDocuments] . (.Apple Inc. - ubd.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-21-2377154152-2923938475-3745986388-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Chrystelle\Desktop\DivX Movies.lnk . (...)  -- C:\Users\Chrystelle\Videos\DivX Movies
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media iPod to PC Transfer.lnk . (...)  -- C:\Program Files\4Media\iPod to PC Transfer\iPodManager.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...)  -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..)  -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Chrystelle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\hpwebreg_CN0B8393GN05HX.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\RtlNICDiagVistaStart.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SystemToolsDailyTest.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\User_Feed_Synchronization-{C5DA1661-2ABD-4521-B98E-3DEE005CC2F2}.job
[MD5.2EFF6334A2BD29E404F6809C37658FCD] [APT] [hpwebreg_CN0B8393GN05HX] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe
[MD5.FB1EC67544ECA6637B3FD1B73AD8F067] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe
[MD5.E1D1DEE4C83B34955A4A672BB3E85BDE] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
[MD5.E1D1DEE4C83B34955A4A672BB3E85BDE] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 01s



---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/09/2009 - 00:06:40 - [11,754] ----D C:\Program Files\4Media
O43 - CFD: 11/08/2012 - 11:38:49 - [2,450] ----D C:\Program Files\AC3Filter
O43 - CFD: 12/08/2012 - 12:58:05 - [113,305] ----D C:\Program Files\Adobe
O43 - CFD: 29/11/2009 - 16:40:35 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 15/01/2012 - 15:52:03 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 20/12/2008 - 11:21:06 - [82,339] ----D C:\Program Files\ATI Technologies
O43 - CFD: 20/09/2009 - 14:46:45 - [0,001] ----D C:\Program Files\Atlantis
O43 - CFD: 26/05/2012 - 11:50:17 - [185,148] ----D C:\Program Files\Avira
O43 - CFD: 15/01/2012 - 15:23:02 - [1,442] ----D C:\Program Files\Belkin
O43 - CFD: 15/01/2012 - 16:43:13 - [0,586] ----D C:\Program Files\Bonjour
O43 - CFD: 20/12/2008 - 11:29:30 - [3,389] ----D C:\Program Files\Citrix
O43 - CFD: 14/08/2012 - 18:26:08 - [746,718] ----D C:\Program Files\Common Files
O43 - CFD: 20/12/2008 - 11:35:42 - [13,000] ----D C:\Program Files\Dell
O43 - CFD: 24/05/2012 - 13:13:53 - [118,603] ----D C:\Program Files\Dell Support Center
O43 - CFD: 03/09/2009 - 21:46:13 - [0,758] ----D C:\Program Files\DIFX
O43 - CFD: 14/06/2012 - 12:01:14 - [97,507] ----D C:\Program Files\DivX
O43 - CFD: 10/07/2012 - 23:02:40 - [0,077] ----D C:\Program Files\EA GAMES
O43 - CFD: 11/07/2012 - 18:33:03 - [364,440] ----D C:\Program Files\Electronic Arts
O43 - CFD: 24/02/2009 - 18:11:44 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 24/05/2012 - 21:37:53 - [428,709] ----D C:\Program Files\Google
O43 - CFD: 20/06/2012 - 14:56:37 - [0] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 18/06/2012 - 17:45:02 - [142,671] ----D C:\Program Files\HP
O43 - CFD: 13/03/2012 - 19:16:32 - [0,352] ----D C:\Program Files\HP Photo Creations
O43 - CFD: 10/07/2012 - 23:02:40 - [153,007] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 20/12/2008 - 11:19:38 - [0] ----D C:\Program Files\Intel
O43 - CFD: 20/06/2012 - 09:07:25 - [5,607] ----D C:\Program Files\Internet Explorer
O43 - CFD: 18/06/2012 - 11:43:43 - [2,259] ----D C:\Program Files\iPod
O43 - CFD: 18/06/2012 - 11:45:38 - [149,103] ----D C:\Program Files\iTunes
O43 - CFD: 16/01/2012 - 18:03:53 - [165,771] ----D C:\Program Files\Java
O43 - CFD: 20/09/2009 - 14:53:30 - [15,892] ----D C:\Program Files\JRE
O43 - CFD: 14/08/2012 - 18:35:16 - [11,705] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 24/05/2012 - 18:19:01 - [0,216] ----D C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 20/12/2008 - 11:24:51 - [52,514] ----D C:\Program Files\Microsoft Office
O43 - CFD: 12/08/2012 - 12:48:17 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 15/01/2012 - 19:28:32 - [137,975] ----D C:\Program Files\Microsoft Works
O43 - CFD: 04/06/2009 - 13:05:02 - [0,934] ----D C:\Program Files\Microsoft WSE
O43 - CFD: 21/01/2012 - 16:56:51 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 15/01/2012 - 20:56:49 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 11/08/2012 - 15:25:23 - [37,711] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 11/08/2012 - 15:25:26 - [0,195] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 14:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 26/02/2012 - 11:21:15 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 20/09/2009 - 14:53:29 - [367,412] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 15/01/2012 - 15:10:01 - [24,521] ----D C:\Program Files\Philips
O43 - CFD: 24/05/2012 - 18:23:24 - [72,431] ----D C:\Program Files\QuickTime
O43 - CFD: 20/12/2008 - 11:19:10 - [0,417] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [36,906] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 20/12/2008 - 11:27:22 - [17,818] ----D C:\Program Files\Roxio
O43 - CFD: 24/05/2012 - 18:30:24 - [102,605] ----D C:\Program Files\Safari
O43 - CFD: 24/02/2009 - 18:25:09 - [5,213] ----D C:\Program Files\TRENDnet
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/09/2009 - 10:12:30 - [22,420] ----D C:\Program Files\Utilitaire de configuration iPhone
O43 - CFD: 21/05/2010 - 14:31:47 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 21/05/2010 - 14:31:44 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 21/05/2010 - 14:31:38 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 20/06/2012 - 09:07:26 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 03/09/2009 - 13:48:53 - [78,223] ----D C:\Program Files\Windows Live
O43 - CFD: 03/09/2009 - 13:49:10 - [0,234] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 18/06/2012 - 18:15:30 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 15/01/2012 - 20:56:58 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 24/02/2009 - 18:11:44 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 21/05/2010 - 14:31:42 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 12/06/2010 - 23:38:28 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 21/05/2010 - 14:31:45 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 15/08/2012 - 17:31:16 - [12,789] ----D C:\Program Files\ZHPDiag
O43 - CFD: 12/08/2012 - 12:58:10 - [3,652] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 23/01/2010 - 12:48:46 - [30,670] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 18/06/2012 - 11:43:42 - [146,859] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 15/01/2012 - 15:29:37 - [0,000] ----D C:\Program Files\Common Files\ArcSoft
O43 - CFD: 11/03/2012 - 13:17:08 - [23,581] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 16/02/2012 - 15:21:22 - [0,436] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 18/06/2012 - 17:45:05 - [2,065] ----D C:\Program Files\Common Files\HP
O43 - CFD: 20/12/2008 - 11:25:16 - [4,815] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 16/02/2012 - 23:34:34 - [37,320] ----D C:\Program Files\Common Files\Java
O43 - CFD: 24/02/2009 - 21:39:45 - [0,421] ----D C:\Program Files\Common Files\logishrd
O43 - CFD: 03/09/2009 - 13:49:15 - [261,427] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 11/03/2012 - 13:17:10 - [4,736] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 20/12/2008 - 11:26:20 - [30,710] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 20/12/2008 - 11:26:20 - [1,038] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 03/09/2009 - 21:45:26 - [118,877] ----D C:\Program Files\Common Files\SPC630NC
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/12/2008 - 11:27:21 - [0,700] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 15/01/2012 - 20:56:29 - [8,333] ----D C:\Program Files\Common Files\System
O43 - CFD: 03/09/2009 - 13:34:06 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 24/02/2009 - 20:27:19 - [31,879] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 12/08/2012 - 12:58:07 - [262,312] ----D C:\ProgramData\Adobe
O43 - CFD: 15/01/2012 - 17:33:35 - [229,876] ----D C:\ProgramData\Apple
O43 - CFD: 27/02/2009 - 02:16:27 - [295,616] ----D C:\ProgramData\Apple Computer
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 04/09/2009 - 22:44:46 - [0,006] ----D C:\ProgramData\ArcSoft
O43 - CFD: 24/02/2009 - 18:18:25 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 26/05/2012 - 11:50:17 - [72,325] ----D C:\ProgramData\Avira
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 11/08/2012 - 11:37:59 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 24/05/2012 - 13:08:26 - [2,276] ----D C:\ProgramData\Dell
O43 - CFD: 14/06/2012 - 12:02:05 - [4,568] ----D C:\ProgramData\DivX
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 23/01/2010 - 12:58:00 - [21,200] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 24/05/2012 - 18:16:40 - [1,833] ----D C:\ProgramData\Google
O43 - CFD: 16/02/2012 - 15:15:52 - [0,321] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 20/06/2012 - 14:58:57 - [62,812] ----D C:\ProgramData\HP
O43 - CFD: 13/03/2012 - 19:26:42 - [2,487] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 11/08/2012 - 12:49:35 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 16/02/2012 - 15:22:16 - [0] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 20/12/2008 - 11:25:18 - [0,000] ----D C:\ProgramData\InstallShield
O43 - CFD: 12/08/2012 - 21:59:32 - [6,534] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 18/06/2012 - 18:01:45 - [0,009] ----D C:\ProgramData\McAfee
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 24/05/2012 - 18:19:01 - [5,274] -S--D C:\ProgramData\Microsoft
O43 - CFD: 24/02/2009 - 18:11:44 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 11/08/2012 - 15:25:24 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 20/12/2008 - 11:34:32 - [0,001] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 24/05/2012 - 13:13:22 - [27,942] ----D C:\ProgramData\PCDr
O43 - CFD: 15/01/2012 - 15:10:00 - [3,224] ----D C:\ProgramData\Philips
O43 - CFD: 11/08/2012 - 11:29:13 - [0,102] ----D C:\ProgramData\River Past G5
O43 - CFD: 15/07/2012 - 13:02:22 - [0] ----D C:\ProgramData\Roxio
O43 - CFD: 20/12/2008 - 11:26:23 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 16/01/2012 - 18:04:14 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 20/12/2008 - 11:27:25 - [5,070] ----D C:\ProgramData\Uninstall
O43 - CFD: 16/02/2012 - 15:33:33 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 15/01/2012 - 17:36:01 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 24/02/2009 - 20:22:02 - [0,215] ----D C:\ProgramData\WLInstaller
O43 - CFD: 14/03/2009 - 00:43:39 - [0,003] ----D C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
O43 - CFD: 15/01/2012 - 17:43:26 - [0] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 19/09/2009 - 10:09:40 - [0,002] ----D C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
O43 - CFD: 30/05/2009 - 23:27:07 - [0,002] ----D C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
O43 - CFD: 23/01/2010 - 12:57:45 - [1,234] ----D C:\Users\Chrystelle\AppData\Roaming\Adobe
O43 - CFD: 24/03/2012 - 11:10:03 - [117,868] ----D C:\Users\Chrystelle\AppData\Roaming\Apple Computer
O43 - CFD: 03/09/2009 - 21:52:52 - [0,000] ----D C:\Users\Chrystelle\AppData\Roaming\ArcSoft
O43 - CFD: 24/02/2009 - 18:18:25 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\ATI
O43 - CFD: 26/05/2012 - 11:55:48 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Avira
O43 - CFD: 24/05/2012 - 13:13:43 - [0,041] ----D C:\Users\Chrystelle\AppData\Roaming\Dell
O43 - CFD: 24/03/2012 - 12:02:27 - [0,163] ----D C:\Users\Chrystelle\AppData\Roaming\DivX
O43 - CFD: 11/03/2012 - 13:03:38 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\GetRightToGo
O43 - CFD: 25/02/2009 - 01:52:19 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Google
O43 - CFD: 18/06/2012 - 19:28:58 - [0,045] ----D C:\Users\Chrystelle\AppData\Roaming\HP
O43 - CFD: 07/07/2012 - 10:16:42 - [0,008] ----D C:\Users\Chrystelle\AppData\Roaming\HpUpdate
O43 - CFD: 24/02/2009 - 18:17:32 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Identities
O43 - CFD: 19/06/2012 - 09:26:17 - [0,489] ----D C:\Users\Chrystelle\AppData\Roaming\Image Zone Express
O43 - CFD: 10/01/2010 - 22:52:35 - [43,057] ----D C:\Users\Chrystelle\AppData\Roaming\LimeWire
O43 - CFD: 24/02/2009 - 20:29:58 - [1,992] ----D C:\Users\Chrystelle\AppData\Roaming\Macromedia
O43 - CFD: 12/08/2012 - 21:59:42 - [0,008] ----D C:\Users\Chrystelle\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\Chrystelle\AppData\Roaming\Media Center Programs
O43 - CFD: 12/08/2012 - 12:03:47 - [8,272] -S--D C:\Users\Chrystelle\AppData\Roaming\Microsoft
O43 - CFD: 18/01/2010 - 17:03:48 - [13,701] ----D C:\Users\Chrystelle\AppData\Roaming\Mozilla
O43 - CFD: 20/09/2009 - 14:55:04 - [2,192] ----D C:\Users\Chrystelle\AppData\Roaming\OpenOffice.org
O43 - CFD: 24/05/2012 - 12:10:18 - [6,158] ----D C:\Users\Chrystelle\AppData\Roaming\PCDr
O43 - CFD: 19/06/2012 - 09:26:17 - [0,003] ----D C:\Users\Chrystelle\AppData\Roaming\Printer Info Cache
O43 - CFD: 11/08/2012 - 11:29:13 - [0,034] ----D C:\Users\Chrystelle\AppData\Roaming\River Past G5
O43 - CFD: 15/07/2012 - 13:02:21 - [0,001] ----D C:\Users\Chrystelle\AppData\Roaming\Roxio
O43 - CFD: 09/09/2009 - 22:47:14 - [0,013] ----D C:\Users\Chrystelle\AppData\Roaming\Template
O43 - CFD: 12/08/2012 - 12:57:50 - [44,447] ----D C:\Users\Chrystelle\AppData\Local\Adobe
O43 - CFD: 27/02/2009 - 02:15:11 - [0] ----D C:\Users\Chrystelle\AppData\Local\Apple
O43 - CFD: 29/11/2009 - 18:47:11 - [74,434] ----D C:\Users\Chrystelle\AppData\Local\Apple Computer
O43 - CFD: 24/02/2009 - 18:15:08 - [0] ----D C:\Users\Chrystelle\AppData\Local\Application Data
O43 - CFD: 03/09/2009 - 21:48:06 - [0] ----D C:\Users\Chrystelle\AppData\Local\ArcSoft
O43 - CFD: 24/02/2009 - 18:18:25 - [0,038] ----D C:\Users\Chrystelle\AppData\Local\ATI
O43 - CFD: 11/03/2012 - 13:46:03 - [0,000] ----D C:\Users\Chrystelle\AppData\Local\DDMSettings
O43 - CFD: 11/07/2012 - 18:45:45 - [0,020] ----D C:\Users\Chrystelle\AppData\Local\Electronic Arts
O43 - CFD: 20/06/2012 - 08:37:53 - [0] ----D C:\Users\Chrystelle\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/05/2012 - 18:16:40 - [393,163] ----D C:\Users\Chrystelle\AppData\Local\Google
O43 - CFD: 24/02/2009 - 18:15:08 - [0] ----D C:\Users\Chrystelle\AppData\Local\Historique
O43 - CFD: 13/03/2012 - 19:13:50 - [0,036] ----D C:\Users\Chrystelle\AppData\Local\HP
O43 - CFD: 12/08/2012 - 12:03:47 - [0] ----D C:\Users\Chrystelle\AppData\Local\Macromedia
O43 - CFD: 12/08/2012 - 12:03:47 - [935,266] ----D C:\Users\Chrystelle\AppData\Local\Microsoft
O43 - CFD: 25/02/2009 - 20:01:45 - [0,634] ----D C:\Users\Chrystelle\AppData\Local\Microsoft Games
O43 - CFD: 18/01/2010 - 17:03:48 - [57,539] ----D C:\Users\Chrystelle\AppData\Local\Mozilla
O43 - CFD: 11/08/2012 - 14:06:04 - [0,002] ----D C:\Users\Chrystelle\AppData\Local\Stardock_Corporation
O43 - CFD: 15/08/2012 - 17:31:13 - [982,854] ----D C:\Users\Chrystelle\AppData\Local\Temp
O43 - CFD: 24/02/2009 - 18:15:08 - [0] ----D C:\Users\Chrystelle\AppData\Local\Temporary Internet Files
O43 - CFD: 11/06/2010 - 11:24:05 - [4,051] ----D C:\Users\Chrystelle\AppData\Local\VirtualStore
O43 - CFD: 20/09/2009 - 00:25:30 - [0,004] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4Media
O43 - CFD: 21/01/2008 - 04:42:46 - [0,015] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 24/02/2009 - 18:17:46 - [0,000] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/02/2009 - 18:18:29 - [0,005] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Desktop
O43 - CFD: 26/07/2012 - 11:35:48 - [0,002] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 21/01/2008 - 04:42:46 - [0,001] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/09/2009 - 14:55:25 - [0,003] R---D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24/02/2009 - 19:06:02 - [0,002] ----D C:\Users\Chrystelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TRENDnet
~ Scan Program Folder in 00mn 26s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A584F93945AB397AC9A31305E793EA00] - 15/08/2012 - 16:27:44 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.61F330AF1FC46B7F515BFFFB4578C035] - 14/08/2012 - 22:40:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1316007]
O44 - LFC:[MD5.818D091A1F48400062F33AEB194949C4] - 14/08/2012 - 20:32:10 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe   [426184]
O44 - LFC:[MD5.4154A3678BCF729F6C6AB2297A92F939] - 14/08/2012 - 20:32:10 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl   [70344]
O44 - LFC:[MD5.6DFE7F2E8E8A337263AA5C92A215F161] - 14/08/2012 - 17:35:14 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [22344]
O44 - LFC:[MD5.BF056C33EABD665C514C008059CFBD0E] - 14/08/2012 - 17:26:42 ---A- . (...) -- C:\AdwCleaner[S1].txt   [3394]
O44 - LFC:[MD5.7CFF514EA066A88924D1FEB73AC29BAD] - 13/08/2012 - 19:00:05 ---A- . (...) -- C:\AdwCleaner[R1].txt   [3193]
O44 - LFC:[MD5.7D967A682D4694DF7FA57D63A2DB01FE] - 13/08/2012 - 18:50:18 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys   [137928]
O44 - LFC:[MD5.D5541F0AFB767E85FC412FC609D96A74] - 13/08/2012 - 18:50:18 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys   [83392]
O44 - LFC:[MD5.F1A10D5728C6A8DB4BCAC182E9C0D2E7] - 13/08/2012 - 01:35:40 ---A- . (...) -- C:\Windows\PFRO.log   [54976]
~ Scan Files in 00mn 03s



---\\ Contrôle du Safe Boot (CSB) (O49) (None)

---\\ MountPoints2 Shell Key (O51) (None)

---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Scan Drivers in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68) (None)

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=2pysF--2MS9pDa96MTbvwvm2QXk?q={searchTer…
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83) (None)

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.66950F44002638D0788CC42D3E69BA46] [SPRF][09/08/2012] (...) -- C:\Users\Chrystelle\AppData\Local\d3d9caps.dat   [680]
[MD5.B9918718C6AF9F92F9E49A01AF35DEB7] [SPRF][09/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Chrystelle\AppData\Local\Temp\AskSLib.dll   [248008]
[MD5.77B2514C0C4F995FB820867209A467A3] [SPRF][03/06/2007] (.Electronic Arts Inc. - Electronic Arts AutoRun.) -- C:\Users\Chrystelle\AppData\Local\Temp\AutoRun.exe   [633928]
[MD5.23AF433B8AEF56EA4E84538017860042] [SPRF][03/06/2007] (.Electronic Arts Inc. - AutoRun GUI.) -- C:\Users\Chrystelle\AppData\Local\Temp\AutoRunGUI.dll   [588872]
[MD5.A5275199DB0A1D6BEAC60CD5DC7EF2E7] [SPRF][11/03/2012] (.Conduit - Pas de description.) -- C:\Users\Chrystelle\AppData\Local\Temp\conduitinstaller.exe   [209576]
[MD5.24F2C14A35AE69F5CB8632C77B67D5EB] [SPRF][24/05/2012] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\defaultCache.reg   [1409740]
[MD5.8D0EE0BB5FB6F89B10EABA01F40F7F37] [SPRF][27/02/2009] (.DivX, Inc. - DivX Web Player Installer, L:EN, DivX Web Player 1.4.2.) -- C:\Users\Chrystelle\AppData\Local\Temp\DivXInstaller.exe   [3813472]
[MD5.145945C46A622D57DD59B12EA4957F69] [SPRF][11/03/2012] (.DivX, LLC - DivX Setup.) -- C:\Users\Chrystelle\AppData\Local\Temp\DivXSetup.exe   [932704]
[MD5.9FDAF73561686CE32B352F575BA9E2C3] [SPRF][10/07/2012] (.Sony DADC Austria AG - SecuROM DRM Dialog.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dialogs.dll   [65536]
[MD5.5D71296D071DCF10286F3B7F277D6B46] [SPRF][11/07/2012] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7330005.dll   [208896]
[MD5.E5BD60AA555912C12315E3FCD7FDD067] [SPRF][08/03/2009] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7370012.dll   [208896]
[MD5.C66BDF9510EAA086FF853A534F302A77] [SPRF][25/02/2009] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7380013.dll   [204800]
[MD5.0FA7EBC97D52A1553FAB8D3D401138CA] [SPRF][12/07/2012] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Chrystelle\AppData\Local\Temp\drm_dyndata_7380015.dll   [204800]
[MD5.7A665BD950339DA2C23228B067109C73] [SPRF][23/01/2010] (.Electronic Arts, Inc. - EA Download Manager.) -- C:\Users\Chrystelle\AppData\Local\Temp\EAD22BC.exe   [22091888]
[MD5.6385A061AD763708EEAB57B76EC854BD] [SPRF][05/06/2009] (.Electronic Arts, Inc. - EA Download Manager.) -- C:\Users\Chrystelle\AppData\Local\Temp\EAD27EA.exe   [6674216]
[MD5.B9B0790106784987D763BD7BB19843B0] [SPRF][13/09/2009] (.Electronic Arts, Inc. - EA Download Manager.) -- C:\Users\Chrystelle\AppData\Local\Temp\EADDD63.exe   [6819160]
[MD5.EF70BDCC7EC2262BECF0C834C9B9030B] [SPRF][03/06/2007] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\EAInstall.dll   [879688]
[MD5.05BF033508361AD628855530307FD76A] [SPRF][03/06/2007] (.Electronic Arts Inc. - Uninstall.) -- C:\Users\Chrystelle\AppData\Local\Temp\eauninstall.exe   [322632]
[MD5.BFD203827AB373DE4650A8898DCD7E6A] [SPRF][18/08/2004] (.Macromedia, Inc. - Macromedia Flash Player 6.0  r21.) -- C:\Users\Chrystelle\AppData\Local\Temp\First15.exe   [1453843]
[MD5.31B2A8BA16E3434D6958726BD10B999F] [SPRF][04/10/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Users\Chrystelle\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe   [1845594]
[MD5.317132E9C64F98B06483BA940990A27D] [SPRF][13/03/2012] (.Igor Pavlov - 7z Setup SFX.) -- C:\Users\Chrystelle\AppData\Local\Temp\FR-Package.exe   [1392280]
[MD5.0B57F8A086DCA012AA18BB94E75ADBC9] [SPRF][03/06/2007] (.Microsoft Corporation - Game Explorer Install Helper DLL.) -- C:\Users\Chrystelle\AppData\Local\Temp\GameuxInstallHelper.dll   [109640]
[MD5.E648E9A2177EA1236AF2B0A3394534F6] [SPRF][03/06/2007] (.Electronic Arts - Registration code installer program.) -- C:\Users\Chrystelle\AppData\Local\Temp\Harry Potter and the Order of the Phoenix_uninst.exe   [97352]
[MD5.822AD0D91D012B82E26D1F1BFA286AC6] [SPRF][14/11/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe   [909088]
[MD5.C2BE3D1DCF0B8D09B89088E8A56AF7A4] [SPRF][05/02/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe   [908576]
[MD5.107167F15D30AA71D7CAFC0326AFB315] [SPRF][08/06/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe   [909104]
[MD5.6852A15E6C573C475D08CE11224E9329] [SPRF][16/05/2012] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Chrystelle\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe   [893936]
[MD5.039C3115E52625CD1DADC6F713860336] [SPRF][17/12/2009] (.Google Inc. - GoogleToolbarNotifier.) -- C:\Users\Chrystelle\AppData\Local\Temp\SearchWithGoogleUpdate.exe   [410608]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][16/09/2009] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\stub.exe   [0]
[MD5.2D2894581D355D5F44EAE38898A66846] [SPRF][01/01/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Chrystelle\AppData\Local\Temp\tb01NE.dll   [4398888]
[MD5.95312A0C21BFA1A66736D107409F7A03] [SPRF][14/08/2012] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\Uninst.bat   [647]
[MD5.1A0633CD2037AB14D64DC3F75217C286] [SPRF][18/03/2010] (.Electronic Arts, Inc. - EA Access installer extension.) -- C:\Users\Chrystelle\AppData\Local\Temp\UninstallEACore.dll   [226624]
[MD5.966BCF006DDAFA9EDF0C625CE4A4E1E1] [SPRF][03/09/2009] (.Electronic Arts, Inc. - EADM Installer.) -- C:\Users\Chrystelle\AppData\Local\Temp\UninstallEADM.dll   [193840]
[MD5.5B2DA96D90C95228239806D40B720BD2] [SPRF][18/08/2004] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\VP6.reg   [340]
[MD5.1410ADCB69C267916EE702E2A443E93F] [SPRF][18/08/2004] (...) -- C:\Users\Chrystelle\AppData\Local\Temp\VP6Install.exe   [23040]
[MD5.4D6F38D3CDA2D0BA502BC1C499A622CF] [SPRF][18/08/2004] (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Users\Chrystelle\AppData\Local\Temp\VP6VFW.dll   [442368]
[MD5.A30EF117F088BCA2FF7F5AD18CEE65EC] [SPRF][12/08/2009] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Chrystelle\AppData\Local\Temp\wlsetup-cvr.exe   [36278112]
[MD5.407E3AD05C7260151F1E9DE0E8191612] [SPRF][15/06/2012] (...) -- C:\Users\Chrystelle\AppData\Roaming\wklnhst.dat   [826]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll   [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe   [201648]
[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll   [484272]
~ Scan Files in 00mn 42s



---\\ Scan Additionnel (O88)
Database Version : 9176 - (31/07/2012)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKCU\Software\Ask.com.tmp]   =>Toolbar.Ask
~ Scan Additionnel in 00mn 06s



End of the scan (528 lines in 01mn 40s)(0)




IM

Pc Dell
 MessagePosté le: Mer 15 Aoû - 14:45 (2012) Répondre en citant  
Message
  nenette58
Administrateurs WSI
Administrateurs WSI


Hors ligne

Inscrit le: 01 Nov 2008
Messages: 3 843
Niveau Général Informatique:
Estimation Protection:
Navigateur: FireFox
Féminin Cancer (21juin-23juil) 狗 Chien
Point(s): 4 310
Moyenne de points: 1,12
Version Pack: Gratuite
Autre: MalwareBytes+Zemana

Quelques bricoles à supprimer ...

  • Lance ZHPFix depuis le raccourci sur ton bureau .
    (Sous Vista et Windows 7: clic droit puis "Exécuter en tant qu'administrateur")
  • Dans la fenêtre principale clique sur le bouton [ H ] ( "coller les ligne Helper" ) .
  • Copie/colle tout le texte ci-dessous :

    [MD5.B9918718C6AF9F92F9E49A01AF35DEB7] [SPRF][09/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Chrystelle\AppData\Local\Temp\AskSLib.dll [248008]
    [MD5.A5275199DB0A1D6BEAC60CD5DC7EF2E7] [SPRF][11/03/2012] (.Conduit - Pas de description.) -- C:\Users\Chrystelle\AppData\Local\Temp\conduitinstaller.exe [209576]
    [MD5.2D2894581D355D5F44EAE38898A66846] [SPRF][01/01/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Chrystelle\AppData\Local\Temp\tb01NE.dll [4398888]
    [HKCU\Software\Ask.com.tmp] => Toolbar.Ask
    R3 - URLSearchHook: (no name) - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
    EmptyTemp
    EmptyFlash



  • Clique sur le bouton "OK " une petite case vide apparaitra au début de chaque ligne. Ne touche plus à rien !
  • Clique sur le bouton "Tous " (vérifie que toutes les lignes soient bien cochées)
  • Enfin clique sur le bouton "Nettoyer "
  • Laisse travailler l'outil
  • Si il t'est demandé de redémarrer le PC pour finir le nettoyage , fais-le
  • Une fois terminé, un rapport s'affiche : copie/colle tout son contenu dans ta prochaine réponse.


Note : ce rapport est sauvegardé dans ce dossier > C:\Program files\ZHPFix\ZHPFixReport.txt


Nul n'a autant besoin d'un sourire que celui qui n'en a pas à donner.





Pc Dell
 MessagePosté le: Aujourd’hui à 05:50 (2017)  
Message
  Contenu Sponsorisé







Poster un nouveau sujet   Répondre au sujet     Index du Forum » Aide à la désinfection

Page 1 sur 2
Toutes les heures sont au format GMT - 1 Heure
Aller à la page: 1, 2  >

Montrer les messages depuis:

  

Sauter vers:  

Portail | Index | Creer un forum | Forum gratuit d’entraide | Annuaire des forums gratuits | Signaler une violation | Conditions générales d'utilisation
Powered by phpBB © 2001, 2017 phpBB Group Traduction par : phpBB-fr.com