bonjour à tous toutes

j'aimerais supprimé la "'é"('à de barre babylon

j'ai essayé avec adwcleaner mais ça marche pas

puis par une methode en passant par regedit---> recherche ---> babylon mais j'ai peur de fair des conneries

merci de m'aider

salut Cap'tain

Je suppose que c'est dans Firefox ?  va voir dans module complémentaire et désactive.

@+ sur SC

salut,

Essaye :

http://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/118275.html --> C'est une marque très efficace.

http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/111009.html

N'oublie pas de faire une recherche sur le pc pour pouvoir si tu ne trouves pas des résidus de Babylon (par ex : dans application Data ou windows ou Program Files)

Comme tu dit la recherche dans regedit est efficace (c'est ce que devrait faire en fait tous les logiciels de désinstallation !) mais potentiellement dangeureux. Tu fais bien d'être prudent. Si tu essayes de le faire n'oublies pas de sauvegarder tout d'abord le registre.

Bonne journée

bonsoir Tigene, Koytlo2

j'ai tout essayé:

- registre dans HKLM\software\microsoft\windows\currentversion\explorer\browser helper objets\ ... comme l'indiquait ccleaner, j'ai du l'enlkever a la main

- adwcleaner

- le logiciel de Koytlo2: il n'apparait meme pas

- tous mes vieux rapports de desinstallation des fois que ...

- toutes les vieilles sauvegardes de registre de ccleaner des fois que ...

- recherche windows: neant

rien n'y fait

j'ai toujours cette tin de barre

par contre chose etonnante pour moi mais surement pas pour vous comme j'ai desinstaller firefox j'ai donc ouvert IE et là plus de barre

a plus de m'aider merci

bonjour

j'aimerai supprimé ce topic mais je ne sais comment faire

je vais essayé de trouvé un autre forum, n'en prenez pas rigueur

merci

On peut laisser le topic, il y a des indications qui peuvent servir à d'autres, même si on n'a pas résolu pour toi.

Si tu trouves la solution, vient nous en faire part, merci cap'tain

@+

salut Tigene,

j'attends une reponse sur "forum securite domain" (site a priori belge) ou il y a, je crois, des helpers en commun avec VIC

je leur ai envoyé un rapport ZHP diag, je verrais bien

bonne journée a toi

Koytlo2 a écrit:

salut,

 

Essaye :

http://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/118275.html --> C'est une marque très efficace.

http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/111009.html

N'oublie pas de faire une recherche sur le pc pour pouvoir si tu ne trouves pas des résidus de Babylon (par ex : dans application Data ou windows ou Program Files)

Comme tu dit la recherche dans regedit est efficace (c'est ce que devrait faire en fait tous les logiciels de désinstallation !) mais potentiellement dangeureux. Tu fais bien d'être prudent. Si tu essayes de le faire n'oublies pas de sauvegarder tout d'abord le registre.

 

Bonne journée

 

 

bonjour k2  01net  nest pas un bon site pour telecharger il y a des spyware sur ce site et plusieurs adware il est toujour mieux de telecharger sur le site d origine du soft .

alors tu fais attention  @+ 

bonjour tahiti peux tu me poster le lien de zhpdiag just pour le voir @+

bonjour Twister,

voici le rapprot apres le fix

Rapport de ZHPDiag v1.31.19 par Nicolas Coolman, Update du 06/09/2012
Run by Caro at 19/09/2012 18:47:21
Web site :  http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 15.0.1 v15.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
Software Protection Service (Protection logicielle)  : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 18 GB (22%) free of 80 GB

---\\ Logged in mode
~ Computer Name: CARO-PC
~ User Name: Caro
~ All Users Names: UpdatusUser, Guest, Caro, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Caro\AppData\Roaming\
~ %Desktop% : C:\Users\Caro\Desktop\
~ %Favorites% : C:\Users\Caro\Favorites\
~ %LocalAppData% : C:\Users\Caro\AppData\Local\
~ %StartMenu% : C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 18 Go of 80 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 228 Go of 466 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 30 Go of 68 Go)
F:\ CD-ROM drive (Not Inserted)
L:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  Out Of Date
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/07/2011 - 07:30:23.) -- C:\Windows\System32\wininet.dll [1126912]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.6DD03008047432CD4192DD869CBBC485] - (.Microsoft Corporation - Microsoft Tablet PC Component.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [1536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 06:39:00.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1149
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/1454
~ Mon Bureau (My Desktop) : 1/41
~ Menu demarrer (Programs) : 0/38
~ Scan Hidden Files in 00mn 03s



---\\ Processus lancés
[MD5.20C4535969F2006F6082CDF146CD95C4] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4273976] [PID.2040]
[MD5.311CCA642D0BFAF29EBC2C0D71CBB286] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe   [1820520] [PID.2560]
[MD5.4CE0626245E0F0AC4970AF913FB6964A] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [3764736] [PID.1620]
[MD5.9C376F42BDE37F18D0A39AF7415D9BE6] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [917984] [PID.3372]
[MD5.7F6EC840E0954055D58CD57B6ACA9D92] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [16864] [PID.4004]
[MD5.142B2F3AC93853107AE551F0A87FB863] - (.Adobe Systems, Inc. - Adobe Flash Player 11.4 r402.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe   [1807280] [PID.4060]
[MD5.A3B80E6B7CDE9660F639658739A5824E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\system32\nvvsvc.exe   [645992] [PID.]
[MD5.A766CCAD980235FF34E7F8089D3175A3] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [382312] [PID.]
[MD5.F68194F74350D4A2ADE98961E33F884C] - (.Microsoft Corporation - Isolation graphique de périphérique audio W.) -- C:\Windows\system32\AUDIODG.exe   [100864] [PID.]
[MD5.954CA32CB0E3CCD19956D900A4A9F3FC] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe   [864104] [PID.]
[MD5.2F7C0F3E39C45E0127FB78B2F18A41F3] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [44808] [PID.]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [63960] [PID.]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe   [3179520] [PID.]
[MD5.61FF84F865B4414EFDC11856BF5757AD] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe   [1258856] [PID.]
~ Scan Processes Running in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\n7nk1ok6.default\prefs.js
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Caro] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Caro - n7nk1ok6.default] http://search.babylon.com
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.7.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.7.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.0.2.0.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Pas de propriétaire - Nokia Suite Enabler Plugin.) -- C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5] - (.RocketLife, LLP - A component of your photo software powered by RocketLife.) -- C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.2] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 29



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} Clé orpheline
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} Clé orpheline
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Clé orpheline
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Clé orpheline
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} Clé orpheline
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} Clé orpheline
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (...) --  (.not file.)
O3 - Toolbar: (no name) - [HKLM]{D0F4A166-B8D4-48b8-9D63-80849FE137CB} . (...) --  (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\UpdatusUser\Desktop\AD-R.lnk . (...)  -- C:\Program Files\Ad-Remover\main.exe (.not file.)
O4 - Global Startup: C:\Users\UpdatusUser\Desktop\PDF Editeur 3.3.lnk . (...)  -- C:\Program Files\PDF Editeur 3\PDFEdit.exe
O4 - Global Startup: C:\Users\UpdatusUser\Desktop\PhotoFiltre 7.lnk . (.Antonio Da Cruz.)  -- C:\Program Files\PhotoFiltre 7\PhotoFiltre7.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk . (.FileHippo.com.)  -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlayerV2.lnk . (...)  -- C:\Users\Caro\AppData\Roaming\Microsoft\Installer\{77236F9C-987C-40EC-832B-5BD6181E4846}\_05C54B1BA48220C27C65AA.exe
O4 - Global Startup: C:\Users\Caro\Desktop\Audacity.lnk . (...)  -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Users\Caro\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.)  -- C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\Caro\Desktop\Mikogo 4.lnk . (...)  -- C:\Users\Caro\AppData\Roaming\Mikogo 4\mikogo-host.exe
O4 - Global Startup: C:\Users\Caro\Desktop\PDF Editeur 3.3.lnk . (...)  -- C:\Program Files\PDF Editeur 3\PDFEdit.exe
O4 - Global Startup: C:\Users\Caro\Desktop\PhotoFiltre 7.lnk . (.Antonio Da Cruz.)  -- C:\Program Files\PhotoFiltre 7\PhotoFiltre7.exe
O4 - Global Startup: C:\Users\Caro\Desktop\PlayerPlus.exe.lnk . (...)  -- C:\Program Files\PlayerPlus\playerplus.exe
O4 - Global Startup: C:\Users\Caro\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.)  -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - Global Startup: C:\Users\Caro\Desktop\RumboPoker.lnk . (...)  -- C:\Program Files\RumboPoker\RumboPoker.exe
O4 - Global Startup: C:\Users\Caro\Desktop\TeraCopy.lnk . (.Code Sector Inc..)  -- C:\Program Files\TeraCopy\TeraCopy.exe
O4 - Global Startup: C:\Users\Caro\Desktop\Update Checker.lnk . (.FileHippo.com.)  -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Users\Caro\Desktop\WebPlayerV2.lnk . (...)  -- C:\Users\Caro\AppData\Roaming\Microsoft\Installer\{77236F9C-987C-40EC-832B-5BD6181E4846}\_748810A0065ABBFCE0FA2E.exe
O4 - Global Startup: C:\Users\Caro\Desktop\Zylom.url . (...)  -- C:\Users\Caro\Desktop\Zylom.url
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk . (.Canneverbe Limited.)  -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk . (.FreeDownloadManager.ORG.)  -- C:\Program Files\Free Download Manager\fdm.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation.)  -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mikogo 4.lnk . (...)  -- C:\Users\Caro\AppData\Roaming\Mikogo 4\mikogo-host.exe
O4 - Global Startup: C:\Users\Caro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2010.lnk . (.CPUID.)  -- C:\Program Files\CPUID\PC Wizard 2010\PC Wizard.exe
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Click to Call - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Skype Click to Call - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1255D503-FA53-4298-8557-191966CF0F3D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C65D0F15-DF21-4B07-B3B6-D5D3F1736B25}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{1255D503-FA53-4298-8557-191966CF0F3D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C65D0F15-DF21-4B07-B3B6-D5D3F1736B25}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{1255D503-FA53-4298-8557-191966CF0F3D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C65D0F15-DF21-4B07-B3B6-D5D3F1736B25}: DhcpNameServer = 192.168.42.129
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HP Photo Creations Communicator.job
[MD5.E12CFCF1DDBFC50948A75E6E38793225] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.5A7E85100ACB28FBA8A81181A06C52D7] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.45C26D4AF94C4D2335B5960F1D9BCC7D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.7F645BFB17702E90D8F3BE1884A5EBA0] [APT] [HP Photo Creations Communicator] (...) -- C:\ProgramData\HP Photo Creations\Communicator.exe
[MD5.DB2CB037D0046720F9D7AE323378E1C8] [APT] [{185A5686-CE13-4A14-A43B-C15DBB848B12}] (...) -- C:\Downloads\RumboPoker_Setup_WinXP_v03.32Rev306608.exe
[MD5.00000000000000000000000000000000] [APT] [{1D356536-4190-4841-B2B5-996C165AC2B3}] (...) -- E:\setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{1E625765-FA7C-4A7D-A0E5-0D62B2015AB2}] (...) -- F:\setup.exe (.not file.)
[MD5.02E94AF0C802FAB0EC59C353EE7A16AA] [APT] [{33143504-C7A2-4D74-885A-2F47F438F91E}] (.Realtek Semiconductor Corp..) -- C:\Windows\system32\RTSndMgr.cpl
[MD5.00000000000000000000000000000000] [APT] [{497808F1-47EF-41E5-9FF4-5C84A658C816}] (...) -- E:\setup.exe (.not file.)
[MD5.73BED0EBA0BA6C635B57BB1C6FFCE68D] [APT] [{564CA18A-4468-4C85-AFDD-DB743499C5E8}] (.Geza Kovacs.) -- C:\Users\Caro\Downloads\unetbootin-windows-563.exe
[MD5.9FBC6F5CBF9B3185465B3A0F9B8D82CB] [APT] [{7636657C-C2F7-40E4-96A0-DCB6ED7DE49C}] (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
[MD5.00000000000000000000000000000000] [APT] [{8F72CEC3-9635-4EF2-B86C-137B8552DA5B}] (...) -- E:\setup.exe (.not file.)
[MD5.73BED0EBA0BA6C635B57BB1C6FFCE68D] [APT] [{9BED65DF-5330-4886-AE7C-3C8BA14CC8C0}] (.Geza Kovacs.) -- C:\Users\Caro\Downloads\unetbootin-windows-563(1).exe
[MD5.00000000000000000000000000000000] [APT] [{B3AE0BEC-AF6D-48C1-9A6B-87504E3ADBB6}] (...) -- F:\autorun.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{D599A648-59B0-49C4-B47D-8A3496EC3A9D}] (...) -- E:\setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{DC4B1475-6D27-4883-9A44-5BE6FECDA385}] (...) -- E:\setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E95A5711-B0BF-4C7B-A1AC-DCB756E27270}] (...) -- F:\setup.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 06s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EB879750-CCBD-4013-BFD5-0294D4DA5BD0}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: ConvertHelper 2.2 - (.DownloadHelper.) [HKLM] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com
O42 - Logiciel: Free Download Manager 3.0 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1
O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- Free PDF to Word Doc Converter_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {28E82311-8616-11E1-BEB0-B8AC6F97B88E}
O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM] -- HD Tune_is1
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM] -- HP Photo Creations
O42 - Logiciel: HP Photosmart All-In-One Driver Software 13.0 Rel. A - (.HP.) [HKLM] -- {17016DA1-F040-4032-BD36-34DD317BC9D5}
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4}
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: Java(TM) 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {3BE0CF3B-A329-4C46-8272-2E64ECA66CA4}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.62.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MediaMonkey 4.0 - (.Ventis Media Inc..) [HKLM] -- MediaMonkey_is1
O42 - Logiciel: Mediaplayer Lite v1.0 - (.Pas de propriétaire.) [HKLM] -- Mediaplayer Lite_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.) [HKLM] -- OMUI.fr-fr
O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 - (.Microsoft Corporation.) [HKLM] -- {5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft_VC100_CRT_SP1_x86 - (.Nokia.) [HKLM] -- {E3B64CC5-C011-40C0-92BC-7316CD5E5688}
O42 - Logiciel: Mikogo 4 - (.BeamYourScreen GmbH.) [HKCU] -- Mikogo 4
O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 15.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 15.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.0604 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}
O42 - Logiciel: NVIDIA Pilote 3D Vision 306.23 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 306.23 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 306.23 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {A57025CC-5F2E-4D01-B387-06DB10500D43}
O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM] -- Nokia Suite
O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM] -- {3B69A712-4CBC-40B1-AE55-0203075FD093}
O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: OpenOffice.org 3.4 - (.OpenOffice.org.) [HKLM] -- {51071D66-D034-4239-94E0-723FCA10B6FE}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {7390478C-8581-415E-92E9-2997D9306B81}
O42 - Logiciel: PC Wizard 2010.1.94 - (.Laurent KUTIL & Franck DELATTRE.) [HKLM] -- PC Wizard 2010_is1
O42 - Logiciel: PDF Editeur 3 - (.Pas de propriétaire.) [HKLM] -- PDF Editeur 3
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PhotoFiltre 7 - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre 7
O42 - Logiciel: PlayerPlus - (.Pas de propriétaire.) [HKLM] -- PlayerPlus
O42 - Logiciel: PokerTH - (.www.pokerth.net.) [HKLM] -- PokerTH 0.9.3
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {0E64B098-8018-4256-BA23-C316A43AD9B0}
O42 - Logiciel: RUNAWAY 2 - The dream of the turtle - (.Pas de propriétaire.) [HKLM] -- {79DE0CE4-F38A-4DA7-81DF-949E615EA0AB}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: RumboPoker - (.RumboPoker.) [HKCU] -- RumboPoker_301_0
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: TeraCopy 2.22 - (.Code Sector.) [HKLM] -- TeraCopy_is1
O42 - Logiciel: VLC media player 2.0.2 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Visionneuse Microsoft PowerPoint - (.Microsoft Corporation.) [HKLM] -- {95140000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: WebPlayerV2 - (.Kreapixel.) [HKLM] -- {77236F9C-987C-40EC-832B-5BD6181E4846}
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0 - (.Nokia.) [HKLM] -- 17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: avast! Free Antivirus v7.0.1456.0 - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\Auslogics]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BrowserMngr]
[HKCU\Software\BrowserTemp]
[HKCU\Software\CPUID]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Code Sector]
[HKCU\Software\DSS]
[HKCU\Software\Datastead]
[HKCU\Software\EPSON]
[HKCU\Software\FileHippo.com]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Froggie]
[HKCU\Software\GSC Game World]
[HKCU\Software\GameHouse]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hamster]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HowardMedia]
[HKCU\Software\I.R.I.S.]
[HKCU\Software\Iris]
[HKCU\Software\JavaSoft]
[HKCU\Software\Karlis Blumentals]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaLooks]
[HKCU\Software\MediaMonkey]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PDFCreator]
[HKCU\Software\PDFEdit]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RumboPoker]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Smart Projects]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\Turbopoker.fr]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Visan]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\cybelsoft]
[HKCU\Software\geissplugin]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Big Fish Games]
[HKLM\Software\BrowserChoice]
[HKLM\Software\BrowserMngr]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Code Sector]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\DownloadHelper]
[HKLM\Software\EPSON]
[HKLM\Software\FileServe]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\GameInstaller]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\I.R.I.S.]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Oracle]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PDFCreator]
[HKLM\Software\PENDULO Studios]
[HKLM\Software\PTECH]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RocketLife]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SimplyGen]
[HKLM\Software\Skype]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\TeamViewer]
[HKLM\Software\Turbopoker.fr]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Visan]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\www.pokerth.net]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/07/2012 - 19:12:33 - [0,003] ----D C:\Program Files\ABC Amber NBU Converter
O43 - CFD: 15/06/2011 - 23:59:27 - [158,553] ----D C:\Program Files\Adobe
O43 - CFD: 22/02/2012 - 22:50:01 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 31/08/2011 - 10:57:33 - [8,288] ----D C:\Program Files\Audacity
O43 - CFD: 13/07/2012 - 19:31:33 - [9,289] ----D C:\Program Files\Auslogics
O43 - CFD: 28/02/2012 - 23:10:38 - [254,649] ----D C:\Program Files\AVAST Software
O43 - CFD: 13/09/2012 - 18:24:21 - [4,779] ----D C:\Program Files\CCleaner
O43 - CFD: 13/07/2012 - 19:33:43 - [13,732] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 18/09/2012 - 21:14:23 - [559,646] ----D C:\Program Files\Common Files
O43 - CFD: 25/08/2011 - 14:22:58 - [29,417] ----D C:\Program Files\ConvertHelper
O43 - CFD: 14/11/2011 - 11:03:03 - [6,792] ----D C:\Program Files\CPUID
O43 - CFD: 05/07/2012 - 21:33:28 - [0,764] ----D C:\Program Files\DIFX
O43 - CFD: 09/12/2011 - 16:50:57 - [4,299] ----D C:\Program Files\DOSBox-0.74
O43 - CFD: 16/07/2011 - 08:33:42 - [79,439] ----D C:\Program Files\DVD Maker
O43 - CFD: 13/07/2012 - 19:19:16 - [0,420] ----D C:\Program Files\FileHippo.com
O43 - CFD: 17/11/2011 - 18:17:40 - [18,578] ----D C:\Program Files\Free Download Manager
O43 - CFD: 14/12/2011 - 16:23:54 - [2,721] ----D C:\Program Files\Free PDF to Word Doc Converter
O43 - CFD: 26/09/2011 - 11:09:42 - [0,002] ----D C:\Program Files\Full Tilt Poker.Fr
O43 - CFD: 27/04/2012 - 20:52:18 - [163,143] ----D C:\Program Files\Google
O43 - CFD: 03/12/2011 - 18:52:23 - [1,234] ----D C:\Program Files\HD Tune
O43 - CFD: 17/09/2012 - 16:23:25 - [322,520] ----D C:\Program Files\HP
O43 - CFD: 17/09/2012 - 18:01:44 - [0,430] ----D C:\Program Files\HP Photo Creations
O43 - CFD: 08/04/2012 - 10:03:31 - [0] ----D C:\Program Files\hpmonitor
O43 - CFD: 16/07/2012 - 12:41:52 - [12,525] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 22/02/2012 - 22:51:05 - [5,964] ----D C:\Program Files\Internet Explorer
O43 - CFD: 18/09/2012 - 21:13:23 - [208,145] ----D C:\Program Files\Java
O43 - CFD: 06/01/2012 - 16:39:06 - [4,919] ----D C:\Program Files\Languages
O43 - CFD: 17/09/2012 - 16:12:45 - [7,241] ----D C:\Program Files\ma-config.com
O43 - CFD: 13/07/2012 - 20:05:32 - [11,825] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 07/07/2012 - 13:43:26 - [50,462] ----D C:\Program Files\MediaMonkey
O43 - CFD: 06/11/2011 - 17:08:34 - [3,768] ----D C:\Program Files\Mediaplayer Lite
O43 - CFD: 04/01/2012 - 19:49:39 - [4,515] ----D C:\Program Files\Micro Application
O43 - CFD: 14/07/2009 - 09:50:24 - [141,490] ----D C:\Program Files\Microsoft Games
O43 - CFD: 07/01/2012 - 18:35:46 - [865,719] ----D C:\Program Files\Microsoft Office
O43 - CFD: 07/01/2012 - 18:35:33 - [0,014] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 07/01/2012 - 18:32:42 - [61,814] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 07/01/2012 - 18:36:28 - [3,032] ----D C:\Program Files\Microsoft Works
O43 - CFD: 07/01/2012 - 18:34:46 - [7,789] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 18/09/2012 - 20:42:26 - [41,431] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 18/09/2012 - 20:42:34 - [0,211] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 05/07/2012 - 18:33:17 - [0,002] ----D C:\Program Files\Mozilla Thunderbird
O43 - CFD: 07/01/2012 - 18:36:00 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 04/10/2011 - 10:54:45 - [63,464] ----D C:\Program Files\MSECache
O43 - CFD: 11/09/2012 - 20:55:07 - [131,492] ----D C:\Program Files\Nokia
O43 - CFD: 15/09/2012 - 18:47:48 - [1026,220] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 13/07/2012 - 19:57:54 - [308,295] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 13/07/2012 - 19:15:43 - [33,207] ----D C:\Program Files\Oracle
O43 - CFD: 11/09/2012 - 20:53:27 - [15,052] ----D C:\Program Files\PC Connectivity Solution
O43 - CFD: 10/01/2012 - 11:16:12 - [13,288] ----D C:\Program Files\PDF Editeur 3
O43 - CFD: 13/07/2012 - 19:37:42 - [23,474] ----D C:\Program Files\PDFCreator
O43 - CFD: 16/07/2012 - 12:10:03 - [-593,539] ----D C:\Program Files\Pendulo Studios
O43 - CFD: 07/04/2012 - 11:24:02 - [7,801] ----D C:\Program Files\PhotoFiltre 7
O43 - CFD: 24/01/2012 - 15:28:16 - [57,956] ----D C:\Program Files\PlayerPlus
O43 - CFD: 13/02/2012 - 20:07:57 - [42,558] ----D C:\Program Files\PokerTH-0.9.3
O43 - CFD: 05/06/2012 - 15:36:02 - [72,431] ----D C:\Program Files\QuickTime
O43 - CFD: 15/01/2012 - 23:16:08 - [3,331] ----D C:\Program Files\RealArcade
O43 - CFD: 12/07/2011 - 09:11:59 - [34,468] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:30 - [37,345] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 29/04/2012 - 14:05:42 - [27,947] ----D C:\Program Files\RumboPoker
O43 - CFD: 06/01/2012 - 16:39:07 - [0,007] ----D C:\Program Files\SearchProviders
O43 - CFD: 13/07/2012 - 20:00:14 - [31,371] R---D C:\Program Files\Skype
O43 - CFD: 12/07/2011 - 09:15:44 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 01/01/2012 - 14:23:13 - [5,197] ----D C:\Program Files\TeraCopy
O43 - CFD: 10/02/2012 - 11:15:28 - [0] ----D C:\Program Files\Trend Micro
O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 13/11/2011 - 11:53:36 - [92,184] ----D C:\Program Files\VideoLAN
O43 - CFD: 28/02/2012 - 18:58:38 - [6,502] ----D C:\Program Files\VS Revo Group
O43 - CFD: 16/07/2011 - 08:33:40 - [3,002] ----D C:\Program Files\Windows Defender
O43 - CFD: 16/07/2011 - 08:33:41 - [6,792] ----D C:\Program Files\Windows Journal
O43 - CFD: 16/07/2011 - 08:33:42 - [6,395] ----D C:\Program Files\Windows Mail
O43 - CFD: 16/07/2011 - 08:33:41 - [6,426] ----D C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - 06:52:30 - [11,690] ----D C:\Program Files\Windows NT
O43 - CFD: 16/07/2011 - 08:33:41 - [4,251] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 16/07/2011 - 08:33:41 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 16/07/2011 - 08:33:42 - [7,446] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 13/07/2012 - 19:26:11 - [3,945] ----D C:\Program Files\WinRAR
O43 - CFD: 19/09/2012 - 18:47:39 - [10,107] ----D C:\Program Files\ZHPDiag
O43 - CFD: 07/07/2011 - 17:38:12 - [3,722] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 22/02/2012 - 22:50:16 - [60,279] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 07/01/2012 - 18:35:33 - [0,089] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 25/09/2011 - 09:17:50 - [0,507] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 24/10/2011 - 15:19:51 - [5,403] ----D C:\Program Files\Common Files\HP
O43 - CFD: 16/07/2012 - 12:09:43 - [3,045] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 18/09/2012 - 21:14:23 - [1,184] ----D C:\Program Files\Common Files\Java
O43 - CFD: 13/07/2012 - 19:30:09 - [389,662] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 11/09/2012 - 20:55:09 - [11,525] ----D C:\Program Files\Common Files\Nokia
O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 13/07/2012 - 20:00:14 - [2,056] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:37:05 - [39,202] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 07/01/2012 - 18:32:08 - [42,969] ----D C:\Program Files\Common Files\System
O43 - CFD: 19/09/2012 - 09:19:16 - [12,541] ----D C:\ProgramData\Adobe
O43 - CFD: 22/02/2012 - 22:49:59 - [41,037] ----D C:\ProgramData\Apple
O43 - CFD: 05/06/2012 - 15:35:43 - [25,578] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 28/02/2012 - 23:10:38 - [11,545] ----D C:\ProgramData\AVAST Software
O43 - CFD: 26/09/2011 - 11:09:56 - [0] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 13/08/2012 - 21:56:35 - [1,983] ----D C:\ProgramData\Browser Manager
O43 - CFD: 07/01/2012 - 17:06:37 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 17/03/2012 - 12:52:04 - [0,469] ----D C:\ProgramData\EPSON
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 17/11/2011 - 18:17:34 - [0,003] ----D C:\ProgramData\FreeDownloadManager.ORG
O43 - CFD: 11/07/2011 - 13:09:50 - [0,106] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 17/09/2012 - 14:45:41 - [20,865] ----D C:\ProgramData\HP
O43 - CFD: 17/09/2012 - 18:02:01 - [53,724] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 24/10/2011 - 15:21:29 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 06/09/2011 - 10:05:29 - [0,008] ----D C:\ProgramData\Installations
O43 - CFD: 17/09/2012 - 16:12:45 - [1,313] ----D C:\ProgramData\ma-config.com
O43 - CFD: 18/10/2011 - 19:34:41 - [16,121] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 21/12/2011 - 14:04:37 - [0,535] ----D C:\ProgramData\MediaMonkey
O43 - CFD: 19/09/2012 - 18:40:04 - [282,119] -S--D C:\ProgramData\Microsoft
O43 - CFD: 23/08/2012 - 12:15:13 - [0,174] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 28/04/2012 - 08:48:07 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 05/07/2012 - 21:34:40 - [129,867] ----D C:\ProgramData\Nokia
O43 - CFD: 05/07/2012 - 21:31:13 - [399,634] ----D C:\ProgramData\NokiaInstallerCache
O43 - CFD: 19/09/2012 - 18:41:34 - [3,228] ----D C:\ProgramData\NVIDIA
O43 - CFD: 07/07/2011 - 16:00:11 - [2,471] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 05/07/2012 - 21:36:37 - [0,009] ----D C:\ProgramData\PC Suite
O43 - CFD: 16/10/2011 - 17:55:57 - [0] ----D C:\ProgramData\Pendulo Studios
O43 - CFD: 13/07/2012 - 20:00:21 - [52,941] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 28/07/2011 - 17:13:05 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 25/09/2011 - 20:28:42 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 17/09/2012 - 18:02:04 - [0,310] ----D C:\ProgramData\Visan
O43 - CFD: 26/09/2011 - 17:15:57 - [0,000] ----D C:\ProgramData\Web Installer
O43 - CFD: 25/09/2011 - 09:22:41 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 07/12/2011 - 16:48:18 - [0,010] ----D C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
O43 - CFD: 11/07/2011 - 11:58:00 - [27,801] ----D C:\Users\Caro\AppData\Roaming\Adobe
O43 - CFD: 23/02/2012 - 10:36:56 - [0,018] ----D C:\Users\Caro\AppData\Roaming\Apple Computer
O43 - CFD: 04/08/2011 - 11:04:47 - [0,058] ----D C:\Users\Caro\AppData\Roaming\Auslogics
O43 - CFD: 14/12/2011 - 13:27:34 - [0,000] ----D C:\Users\Caro\AppData\Roaming\CAD-KAS
O43 - CFD: 07/01/2012 - 17:06:37 - [0,001] ----D C:\Users\Caro\AppData\Roaming\Canneverbe Limited
O43 - CFD: 10/12/2011 - 23:37:59 - [0,000] ----D C:\Users\Caro\AppData\Roaming\Download Manager
O43 - CFD: 18/09/2012 - 20:43:21 - [0,030] ----D C:\Users\Caro\AppData\Roaming\Free Download Manager
O43 - CFD: 25/09/2011 - 09:23:59 - [0,356] ----D C:\Users\Caro\AppData\Roaming\HP
O43 - CFD: 07/10/2011 - 11:05:54 - [0,000] ----D C:\Users\Caro\AppData\Roaming\Identities
O43 - CFD: 13/09/2012 - 18:04:57 - [0,341] ----D C:\Users\Caro\AppData\Roaming\IObit
O43 - CFD: 07/07/2011 - 17:44:25 - [0,002] ----D C:\Users\Caro\AppData\Roaming\Macromedia
O43 - CFD: 18/10/2011 - 19:34:53 - [16,101] ----D C:\Users\Caro\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:48:45 - [0] ----D C:\Users\Caro\AppData\Roaming\Media Center Programs
O43 - CFD: 16/09/2012 - 20:30:04 - [21,460] ----D C:\Users\Caro\AppData\Roaming\MediaMonkey
O43 - CFD: 23/08/2012 - 12:15:14 - [5,604] -S--D C:\Users\Caro\AppData\Roaming\Microsoft
O43 - CFD: 09/02/2012 - 18:36:42 - [10,428] ----D C:\Users\Caro\AppData\Roaming\Mikogo 4
O43 - CFD: 18/09/2012 - 20:42:50 - [16,882] ----D C:\Users\Caro\AppData\Roaming\Mozilla
O43 - CFD: 06/07/2012 - 08:29:42 - [0,593] ----D C:\Users\Caro\AppData\Roaming\Nokia
O43 - CFD: 06/07/2012 - 08:29:43 - [0,029] ----D C:\Users\Caro\AppData\Roaming\Nokia Suite
O43 - CFD: 22/12/2011 - 22:48:26 - [0,015] ----D C:\Users\Caro\AppData\Roaming\NVIDIA
O43 - CFD: 01/08/2011 - 23:28:36 - [0,000] ----D C:\Users\Caro\AppData\Roaming\Objectif Tarot
O43 - CFD: 28/07/2011 - 17:30:46 - [190,090] ----D C:\Users\Caro\AppData\Roaming\OpenOffice.org
O43 - CFD: 05/07/2012 - 21:37:10 - [4,847] ----D C:\Users\Caro\AppData\Roaming\PC Suite
O43 - CFD: 18/08/2011 - 11:37:35 - [0,001] ----D C:\Users\Caro\AppData\Roaming\PhotoFiltre
O43 - CFD: 07/04/2012 - 11:27:19 - [0,003] ----D C:\Users\Caro\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 07/04/2012 - 11:16:23 - [0] ----D C:\Users\Caro\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 13/02/2012 - 20:08:31 - [0,020] ----D C:\Users\Caro\AppData\Roaming\pokerth
O43 - CFD: 22/08/2011 - 11:48:27 - [4,232] ----D C:\Users\Caro\AppData\Roaming\RumboPoker
O43 - CFD: 13/07/2012 - 20:03:32 - [3,982] ----D C:\Users\Caro\AppData\Roaming\Skype
O43 - CFD: 13/03/2012 - 11:44:03 - [0,021] ----D C:\Users\Caro\AppData\Roaming\TeamViewer
O43 - CFD: 16/09/2012 - 12:22:47 - [0,055] ----D C:\Users\Caro\AppData\Roaming\TeraCopy
O43 - CFD: 16/11/2011 - 10:11:25 - [11,658] ----D C:\Users\Caro\AppData\Roaming\Thunderbird
O43 - CFD: 17/09/2012 - 18:02:04 - [0] ----D C:\Users\Caro\AppData\Roaming\Visan
O43 - CFD: 15/09/2012 - 23:48:47 - [0,077] ----D C:\Users\Caro\AppData\Roaming\vlc
O43 - CFD: 07/07/2011 - 19:26:07 - [0,000] ----D C:\Users\Caro\AppData\Roaming\WinRAR
O43 - CFD: 24/09/2011 - 13:14:13 - [0,010] ----D C:\Users\Caro\AppData\Roaming\YoudaGames
O43 - CFD: 11/07/2011 - 11:58:00 - [15,389] ----D C:\Users\Caro\AppData\Local\Adobe
O43 - CFD: 22/02/2012 - 22:50:04 - [0] ----D C:\Users\Caro\AppData\Local\Apple
O43 - CFD: 15/07/2012 - 23:48:46 - [0] ----D C:\Users\Caro\AppData\Local\Apple Computer
O43 - CFD: 07/07/2011 - 15:53:45 - [0] ----D C:\Users\Caro\AppData\Local\Application Data
O43 - CFD: 04/12/2011 - 19:22:44 - [0] ----D C:\Users\Caro\AppData\Local\Diagnostics
O43 - CFD: 09/12/2011 - 16:31:27 - [0,010] ----D C:\Users\Caro\AppData\Local\DOSBox
O43 - CFD: 16/09/2012 - 11:11:58 - [0,096] ----D C:\Users\Caro\AppData\Local\ElevatedDiagnostics
O43 - CFD: 15/01/2012 - 23:45:43 - [1,644] ----D C:\Users\Caro\AppData\Local\GameHouse
O43 - CFD: 25/03/2012 - 23:20:46 - [0,002] ----D C:\Users\Caro\AppData\Local\Google
O43 - CFD: 07/07/2011 - 15:53:45 - [0] ----D C:\Users\Caro\AppData\Local\History
O43 - CFD: 25/09/2011 - 09:22:14 - [3,095] ----D C:\Users\Caro\AppData\Local\HP
O43 - CFD: 16/06/2012 - 08:55:10 - [0] ----D C:\Users\Caro\AppData\Local\Macromedia
O43 - CFD: 27/12/2011 - 01:34:25 - [18,475] ----D C:\Users\Caro\AppData\Local\MediaMonkey
O43 - CFD: 05/07/2012 - 20:53:50 - [123,333] ----D C:\Users\Caro\AppData\Local\Microsoft
O43 - CFD: 09/01/2012 - 17:55:42 - [0,674] ----D C:\Users\Caro\AppData\Local\Microsoft Games
O43 - CFD: 07/01/2012 - 17:18:39 - [0] ----D C:\Users\Caro\AppData\Local\Microsoft Help
O43 - CFD: 07/07/2011 - 17:03:32 - [53,962] ----D C:\Users\Caro\AppData\Local\Mozilla
O43 - CFD: 05/07/2012 - 21:35:37 - [0,580] ----D C:\Users\Caro\AppData\Local\Nokia
O43 - CFD: 05/07/2012 - 21:35:48 - [0] ----D C:\Users\Caro\AppData\Local\NokiaAccount
O43 - CFD: 07/12/2011 - 16:43:54 - [0] ----D C:\Users\Caro\AppData\Local\PackageAware
O43 - CFD: 19/09/2012 - 18:43:40 - [0,696] ----D C:\Users\Caro\AppData\Local\Temp
O43 - CFD: 07/07/2011 - 15:53:45 - [0] ----D C:\Users\Caro\AppData\Local\Temporary Internet Files
O43 - CFD: 16/11/2011 - 10:11:25 - [0,663] ----D C:\Users\Caro\AppData\Local\Thunderbird
O43 - CFD: 13/07/2011 - 11:23:46 - [0,001] ----D C:\Users\Caro\AppData\Local\VirtualStore
O43 - CFD: 12/07/2011 - 09:14:19 - [0,000] R---D C:\Windows\System32\Config\systemprofile\Start Menu\Programs\Administrative Tools
O43 - CFD: 12/07/2011 - 09:14:19 - [0,000] R---D C:\Windows\System32\Config\systemprofile\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - 06:42:04 - [0,014] R---D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 16/07/2011 - 08:55:44 - [0,000] R---D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 11/03/2012 - 22:42:58 - [0,000] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 06:37:42 - [0,001] R---D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/11/2011 - 19:26:16 - [0,003] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mikogo 4
O43 - CFD: 14/12/2011 - 13:27:17 - [0] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Editeur 3.3
O43 - CFD: 07/04/2012 - 11:24:02 - [0] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 24/01/2012 - 15:28:16 - [0,004] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayerPlus
O43 - CFD: 28/02/2012 - 21:23:35 - [0,004] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 22/08/2011 - 11:25:40 - [0,003] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RumboPoker
O43 - CFD: 14/08/2012 - 07:56:18 - [0] R---D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 13/07/2012 - 19:26:18 - [0,003] ----D C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 20s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.BA1DD8BD56D2D2DC11CE4F1F50C612D2] - 19/09/2012 - 17:47:25 ---A- . (...) -- C:\Windows\win.ini   [1920]
O44 - LFC:[MD5.57DC338E84B8BB040FACCA759648D880] - 19/09/2012 - 17:45:11 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [841732]
O44 - LFC:[MD5.C95EBB6333C3289C81FD56D42289CC52] - 19/09/2012 - 17:41:35 ---A- . (...) -- C:\Windows\setupact.log   [6174]
O44 - LFC:[MD5.00431DACC82345B9C191D1F43ADFA975] - 19/09/2012 - 17:41:33 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.ED4848C7D8B2E5AC58B19D41E25D1174] - 19/09/2012 - 17:41:15 ---A- . (...) -- C:\Windows\PFRO.log   [2782]
O44 - LFC:[MD5.3B6F0E8EC254686E4382390B4C49EF59] - 19/09/2012 - 08:19:10 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe   [696240]
O44 - LFC:[MD5.51911756C61CF1437DA21E82EC4BA1A7] - 19/09/2012 - 08:19:09 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl   [73136]
O44 - LFC:[MD5.A18569289EBC2C5D854F20B34AE2FA77] - 18/09/2012 - 20:13:28 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll   [93672]
O44 - LFC:[MD5.26AA6FE941BEF224B97589B3FA191509] - 18/09/2012 - 20:13:25 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll   [746984]
O44 - LFC:[MD5.E62F8C879F6CE332B8ADCE134065BC88] - 18/09/2012 - 20:13:25 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe   [174056]
O44 - LFC:[MD5.5BD255C0051A41738FCB67F3A0C68DCA] - 18/09/2012 - 20:13:25 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe   [174056]
O44 - LFC:[MD5.BABCB7BF8C7210A666546A8B34F7BC54] - 18/09/2012 - 20:13:25 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe   [246760]
O44 - LFC:[MD5.AB87C54CA19675880B0CAE65B8AF140C] - 18/09/2012 - 20:13:25 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npdeployJava1.dll   [821736]
O44 - LFC:[MD5.6C07C35F796EC37E34D96855ECE75837] - 17/09/2012 - 19:11:10 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1557414]
O44 - LFC:[MD5.84F88BB631711A9B971CA0505B27D3A0] - 17/09/2012 - 19:11:10 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [107034]
O44 - LFC:[MD5.BEA4576917C87F73AE53142FC73A20CD] - 17/09/2012 - 19:11:10 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [130946]
O44 - LFC:[MD5.618D25853D752EF6328C98EC464D2CBF] - 17/09/2012 - 19:11:10 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [618714]
O44 - LFC:[MD5.D1E66F505C3195C4A8B7B7DAE2B16305] - 17/09/2012 - 19:11:10 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [705118]
O44 - LFC:[MD5.27207A3790E0A6FCCC1FDB01BA2ECC3D] - 17/09/2012 - 17:03:08 ---A- . (...) -- C:\Windows\System32\TEST.log   [4308]
O44 - LFC:[MD5.EED5B26B54282929AD0EBF1C4E24CD4C] - 17/09/2012 - 16:57:17 ---A- . (...) -- C:\Windows\System32\SENT.log   [786]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/09/2012 - 16:50:47 ---A- . (...) -- C:\Windows\System32\RECV.log   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/09/2012 - 07:11:44 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.77F9F9A199B87FE3F852E12F5419240B] - 15/09/2012 - 17:44:40 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda32v.sys   [149352]
O44 - LFC:[MD5.1E6B66A9703B4DD58F96086DD424FA98] - 15/09/2012 - 17:44:40 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\nvhdap32.dll   [28008]
O44 - LFC:[MD5.C247D9FCB0CAE30E992338DE50138C2D] - 13/09/2012 - 17:12:53 ---A- . (...) -- C:\AdwCleaner[R4].txt   [1360]
O44 - LFC:[MD5.59C69B0F4DF561EE8594EFE90D3C53C6] - 13/09/2012 - 17:10:28 ---A- . (...) -- C:\AdwCleaner[S5].txt   [1862]
O44 - LFC:[MD5.E81D2E2231FB3BF5F68DD060001323A0] - 13/09/2012 - 17:09:55 ---A- . (...) -- C:\AdwCleaner[R3].txt   [1777]
O44 - LFC:[MD5.F451DCACBAA67F3307305EBD4A39EA07] - 11/09/2012 - 19:53:35 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\Drivers\pccsmcfd.sys   [19072]
O44 - LFC:[MD5.E3220959586B5FE3BE9F32B6BCF2FC41] - 30/08/2012 - 20:13:00 ---A- . (...) -- C:\Windows\System32\nvinfo.pb   [12956]
O44 - LFC:[MD5.81B28189DBEB342A1E7707D0849A634B] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\System32\nvdispco32.dll   [1009512]
O44 - LFC:[MD5.56B792FC60D844A46AD48521858EB0C4] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvdispgenco32.dll   [888168]
O44 - LFC:[MD5.29721466E0130C298DA309CD74325D73] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 306.23.) -- C:\Windows\System32\nvcuda.dll   [7626088]
O44 - LFC:[MD5.11B15FA6508EFB891F225C4C8B376DFC] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 306.23.) -- C:\Windows\System32\nvopencl.dll   [6109032]
O44 - LFC:[MD5.E47AF4EAEAADBE8A88D9D3EAD0BA3440] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 306.2.) -- C:\Windows\System32\nvcuvid.dll   [2573672]
O44 - LFC:[MD5.EFAA72B604FA513CE83DABF23B2321E9] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 306.23.) -- C:\Windows\System32\nvcuvenc.dll   [1866088]
O44 - LFC:[MD5.C0FEF9AF70BA0FEFB94C1323635EEA51] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\System32\nvoglv32.dll   [19828584]
O44 - LFC:[MD5.BC685C4DF101BF99E97B34B7ACA3F207] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 306.23.) -- C:\Windows\System32\nvcompiler.dll   [17559912]
O44 - LFC:[MD5.AD2B4A9C4ECFBC9BBD9F9A4B8C7510FF] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 306.23.) -- C:\Windows\System32\nvwgf2um.dll   [12465512]
O44 - LFC:[MD5.97F064EA7D1240ADA38657E249EB3C5B] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 306.23.) -- C:\Windows\System32\nvapi.dll   [2422120]
O44 - LFC:[MD5.0C1C10223C7627D656ED1DA67E3F6E73] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 306.23.) -- C:\Windows\System32\nvd3dum.dll   [15291752]
O44 - LFC:[MD5.D3F22DA8F670EFD15D348B5952769CEF] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\Drivers\nvlddmkm.sys   [10790760]
O44 - LFC:[MD5.A3B80E6B7CDE9660F639658739A5824E] - 30/08/2012 - 16:57:55 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\System32\nvvsvc.exe   [645992]
O44 - LFC:[MD5.692A2ECA4ACB58BB337EE084E414B132] - 30/08/2012 - 16:57:54 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\System32\nvsvcr.dll   [2557288]
O44 - LFC:[MD5.3DC8C008A20E0C356E8DA65B2DA5CA83] - 30/08/2012 - 16:57:54 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\nvmctray.dll   [108392]
O44 - LFC:[MD5.4582878C3BBBF2005A2DC4F2726C4A5A] - 30/08/2012 - 16:57:54 ---A- . (.NVIDIA Corporation - Pas de description.) -- C:\Windows\System32\nvshext.dll   [62312]
O44 - LFC:[MD5.3CB15ED250A70B9FA3FF5AA125362A63] - 30/08/2012 - 16:57:32 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\System32\nvcpl.dll   [3963240]
O44 - LFC:[MD5.56139C1B79B6EE0C6D02754F3F70892F] - 30/08/2012 - 16:57:27 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\System32\nvsvc.dll   [2836840]
O44 - LFC:[MD5.C3F7134C0C46E8C33F3EA6C0D2714CE6] - 30/08/2012 - 09:40:14 ---A- . (...) -- C:\Windows\System32\nvStreaming.exe   [429416]
~ Scan Files in 00mn 13s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
~ Scan ShellExecuteHooks in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\APSDaemon  [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX4400 Series  [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O53 - SMSR:HKLM\...\startupreg\GrooveMonitor  [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update  [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O53 - SMSR:HKLM\...\startupreg\hpqSRMon  [Key] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task  [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched  [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Scan Drivers in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 03/07/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 03/07/2012 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr)  .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Caro - n7nk1ok6.default] user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
O69 - SBI: prefs.js [Caro - n7nk1ok6.default] user_pref("browser.search.order.1", "Search the web (Babylon)");
O69 - SBI: prefs.js [Caro - n7nk1ok6.default] user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
O69 - SBI: prefs.js [Caro - n7nk1ok6.default] user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=112468&tt=120812_bandext_3312_2&babsrc=HP_ss&mntrId=3ee967[...]
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [674304]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1914368]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll   [149504]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.73B51A940779CEF820135FA833AE8D7F] [SPRF][04/08/2011] (.Auslogics Software Pty Ltd - Auslogics Disk Defrag Installation File.) -- C:\Users\Caro\Desktop\disk-defrag-setup.exe   [4677544]
[MD5.E733C27D6ABE8550CC2953FF97E844FF] [SPRF][18/11/2011] (.Pas de propriétaire - Hamster Launcher.) -- C:\Users\Caro\Desktop\hamsterfreevideoconverter.exe   [410744]
[MD5.2ED5155543BBA196F94D49016A7F2FC9] [SPRF][14/11/2011] (.Laurent KUTIL & Franck DELATTRE - PC Wizard 2010 Setup.) -- C:\Users\Caro\Desktop\pc-wizard_2010.1.94-setup.exe   [5429551]
[MD5.C7EB0502FE9B79705C74F7466DBAA4E2] [SPRF][13/09/2012] (.Mozilla - Firefox.) -- C:\Program Files\Firefox Setup 15.0.1.exe   [17950968]
[MD5.932C01E6C3E840DC46239CB9D2C0387B] [SPRF][14/12/2011] (.Tracker Software Products Ltd. - PDF-XChange Viewer.) -- C:\Program Files\PDFXCview.exe   [12907104]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][11/01/2008] (...) -- C:\Program Files\Portable.dat   [0]
[MD5.7FBD938AC7B802FBB6AF3AEDBB0F96F5] [SPRF][08/08/2011] (...) -- C:\Program Files\resource.dat   [1189792]
[MD5.866C8D790C7784CD726F89CDB347F080] [SPRF][06/01/2012] (...) -- C:\Program Files\Settings.dat   [10583]
[MD5.F1CD64DD3702BDCDFB0531BB21C6BEFC] [SPRF][21/06/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.3 r181.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe   [3123872]
~ Scan Files in 00mn 01s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{2763039D-930D-44E5-A971-75C3E75045DD}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe
O87 - FAEL: "{04723EAB-897B-4CB0-A0AA-525E861A3266}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{C24A031C-04C2-4B05-9596-DE6EDC1635C6}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{65EBBB50-CCD7-4C68-87E0-DB36D03B756F}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{0C187AD7-56B7-471A-B809-86F34653B400}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{A23B6CDA-D217-4899-90ED-5CB89F320678}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "TCP Query User{74023D74-A2D1-48EB-AD49-917CE1D03558}C:\program files\mediamonkey\mediamonkey (non-skinned).exe" | In - Private - P6 - TRUE | .(.Ventis Media Inc..) -- C:\program files\mediamonkey\mediamonkey (non-skinned).exe
O87 - FAEL: "UDP Query User{2915089E-250B-42D1-AB2D-392CDE23FAC4}C:\program files\mediamonkey\mediamonkey (non-skinned).exe" | In - Private - P17 - TRUE | .(.Ventis Media Inc..) -- C:\program files\mediamonkey\mediamonkey (non-skinned).exe
O87 - FAEL: "TCP Query User{02639B69-F28F-46EF-968A-D64E40FA5B35}C:\program files\free download manager\fdm.exe" | In - Private - P6 - TRUE | .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files\free download manager\fdm.exe
O87 - FAEL: "UDP Query User{78821233-5AE6-4DD9-A73E-B39440C42609}C:\program files\free download manager\fdm.exe" | In - Private - P17 - TRUE | .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files\free download manager\fdm.exe
O87 - FAEL: "{A8264BBD-8081-42BB-8315-FCEF97FF5A24}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{685CBDE4-5DCF-471B-8DC0-E3A19013C719}" | In - None - P17 - TRUE | .(.Nokia - Nokia Suite.) -- C:\Program Files\nokia\nokia suite\nokiasuite.exe
O87 - FAEL: "{5E72ECFA-66D1-4DCA-80A9-E8D8A2861D6D}" | In - None - P17 - TRUE | .(.Nokia - Nokia Suite.) -- C:\Program Files\nokia\nokia suite\nokiasuite.exe
O87 - FAEL: "{32B87981-9D96-4120-83CB-A0A80D1CBAA5}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{FB3CCC25-8275-4074-ACA0-9C711C36205E}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{129EE93C-6804-41D5-B172-C93EE35DD92B}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{0C85FCF1-F58F-4FF4-9DCA-8652B063A1AD}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : 9187 - (06/09/2012)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]   =>Toolbar.Babylon
~ Scan Additionnel in 00mn 11s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 27/07/2012 63960 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 19/09/2012 250288 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 03/07/2012 44808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 15/12/2011 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 15/12/2011 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Demand 02/09/2012 312264 |  (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 06/09/2012 114144 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 30/08/2012 645992 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 30/08/2012 1258856 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 01/08/2012 724888 |  (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 03/07/2012 160944 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 30/08/2012 382312 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 13s



End of the scan (1265 lines in 01mn 27s)(0)

mais l'operation est en cours et a deja bien avancée

voir le sujet : (souce Ddbus 91)

http://www.security-domain.be/entraide/virus-securite/babylon-search-toolbar-a-supprimer-t2086.html