Probleme mot de passe windows craqué

En effet mais j’ai toujours vue sur les connectiques a l’arrière de la tours.

Salut.

Mettre un mot de passe au bios c’est bien, sauf qu’en ouvrant ta tour, elle peut soit enlever la pile un moment, soit bouger un cavalier, et la le bios revient à ses paramètres d’origines, plus de mot de passe! :wink:

Elle a soit:

Installer un keyloggeur sur ta machine comme ça a déjà été évoqué. Tu me diras: "oui mais il faut déjà avoir un accès a la machine avant! :ennuye: " Certes, mais j’imagine que depuis un live CD, c’est pas impossible d’installer ce genre de chose. Ou alors elle t’as eu avec une pièce jointe de mail?

Tu as un anti-virus à jour au moins? (ça fait pas tout, mais ça aide)

Sinon, elle a très bien pu cracker le mot de passe avec des soft comme John the ripper, embarqué sur live-cd.

Ce qui m’amène à ma question: Es tu sous XP ou Seven?

Car sous xp, les mots de passe sont chiffrés avec ce qu’on appelle hash de type LM(pour simplifier: un hash, c’est ton mot de passe sous forme chiffré, et avec un chiffrement dit irréversible. Mais irréversibilité contournable d’une certaine manière…) , et ça c’est dépassé et très simple à casser. Exemple de faiblesse: Si tu as un mot de passe de 10 caractères, pour son stockage sous forme chiffré il est en fait découpé en deux: un de 7 caractères, et un autre de 3 caractères. Si si :paf:

Sous Seven, c’est des hashs de type NTLM, bien plus robuste. C’est encore très très loin d’être bien sécurisé mais il y a un peu de progrès quand même. (Mais si ton mot de passe est pas tip top et que quelqu’un en met les moyens matériels, ça ne le retiendra pas bien longtemps. On peut te piquer les mots de passe chiffrés chez toi et ensuite travailler au décryptage chez soi tranquillement. )

Si tu veux et que tu es sous XP, je peut te dire comment avoir des mots de passe chiffrés avec NTLM plutôt que LM, c’est pas très compliqué et ça améliore un peu la sécurité. Si tu es sous vista ou seven, c’est fait d’office.

L’idéal aurait été que quand tu met un mot de passe au BIOS, tu ai un système qui empêche d’ouvrir la tour. Pour la mienne, il faut forcément une clé pour ça. Et là exit le démarrage sur un live cd. Mais pas autrement :slight_smile:
Edité le 18/07/2011 à 16:35

Salut, alors déja je suis sous windows 7 j’ai un mot de passe pour le bios oui et je me rappel que la personne m’avais demandé un jour par tel si j’ai un logiciel pour gravé et lire les cd (subterfuge:confused:) et récement j’ai trouvé un petit soft pour gravé des cd bootable. Pour mon mot de passe au départ il y avait des chiffres MAJ et lettre minuscule. Comme antivirus j’ai kaspersky qui est toujour a jour et il me semble d’avoir vue dans les rapport des fichiers suspects.

Sinon j’ai eu un soft ZHP et j’ai fait un diagnostique que je posterais ce soir.

Le mieux serait que tu inclues un caractère spécial et que ton mot de passe soit assez long (8 caractères ou plus).

Car comme je l’ai déjà dit, les mots de passe windows c’est vraiment pas la panacée niveau sécurité.

(Je veux pas troller mais Linux est mieux de coté là :smiley: )

Sinon, vu ce que tu me dis, je dirais qu’elle à casser ton mot de passe la première fois, et ensuite elle à installer un keylogger (ou même une backdoor) pour revenir tranquillement plus tard, prédisant que tu allais mettre un mot de passe au bios…

(ça expliquerait pourquoi ton mot de passe du bios est toujours là et qu’elle à quand même pu revenir.)
Edité le 18/07/2011 à 17:14

Voila
[spoiler]
Rapport de ZHPDiag v1.27.2412 par Nicolas Coolman, Update du 16/07/2011
Run by DJ CROSS at 17/07/2011 20:50:16
Web site : www.premiumorange.com…

—\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v (Defaut)

—\ System Information
Windows 7 Business Edition, 64-bit (Build 7600)
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
~ Boot mode: ~ Normal (Normal boot)
Total RAM: 4094 MB (68% free)
~ System Restore: Activé (Enable)
System drive C: has 101 GB (69%) free of 146 GB

—\ Logged in mode
~ Computer Name: DJCROSS-PC
~ User Name: DJ CROSS
~ All Users Names: Sexydouce974, DJ CROSS, CR DESIGN, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
~ Logged in as Administrator

—\ Environnement Variables
~ %AppData%=C:\Users\DJ CROSS\AppData\Roaming
~ %Desktop%=C:\Users\DJ CROSS\Desktop
~ %Favorites%=C:\Users\DJ CROSS\Favorites
~ %LocalAppData%=C:\Users\DJ CROSS\AppData\Local
~ %StartMenu%=C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Windows\Start Menu\

—\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 101 Go of 146 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 195 Go of 319 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 101 Go of 932 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 171 Go of 233 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ CD-ROM drive (Not Inserted)

—\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

—\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.24/06/2011 - 07:23:14.) – C:\Windows\Explorer.exe [2870272]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (…) (.14/07/2009 - 02:39:31.) – C:\Windows\system32\rundll32.exe [45568]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) – C:\Windows\system32\Wininit.exe [129024]
[MD5.27CDAF355CCE3762C7F13719E814418B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/06/2011 - 21:18:28.) – C:\Windows\system32\wininet.dll [1197056]
[MD5.00000000000000000000000000000000] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.24/06/2011 - 07:24:40.) – C:\Windows\system32\Winlogon.exe [389632]
[MD5.00000000000000000000000000000000] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) – C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.00000000000000000000000000000000] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:48:27.) – C:\Windows\system32\drivers\ntfs.sys [1659984]

—\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 3/26
~ Mes Documents (My Documents) : 1/1050
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 7/38

—\ Processus lancés
[MD5.18728219FB9FBDF8B9FFA378E5326892] - (.Tonec Inc. - Internet Download Manager (IDM).) – C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3380632]
[MD5.48D53A10A43DD40676750C661EE50F5F] - (.Pas de propriétaire - HIDRec Application.) – C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [155648]
[MD5.D96A17DF435F430FD1843708928B2A3C] - (.AVerMedia TECHNOLOGIES, Inc. - AVerQuick.) – C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [651264]
[MD5.946D70667B0119F2BEEAE0849E1D46A2] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [352976]
[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) – C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [263600]
[MD5.186863295CB16BF8C52723B785DCE907] - (.AVerMedia Technologies, Inc. - AVerMedia TV Application.) – C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe [5271552]
[MD5.05E77D70834AE50290F75C3F1CA3B689] - (.Nicolas Coolman - Diagnostic Tool.) – C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [657408]

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\DJ CROSS\AppData\Roaming\Mozilla\Firefox\Profiles\70y69a4n.default\prefs.js
M0 - MFSP: prefs.js [DJ CROSS - 70y69a4n.default] www.google.fr…

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKUS\S-1-5-21-901185609-3674869338-465440158-1002-901185609-3674869338-465440158-1000\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-901185609-3674869338-465440158-1002-901185609-3674869338-465440158-1000\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) – C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

—\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

—\ Modification d’une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

—\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) – C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) – C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll

—\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM…\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) – C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM…\RunOnce: [*WerKernelReporting] . (.Microsoft Corporation - Rapports de problèmes Windows.) – C:\Windows\SYSTEM32\WerFault.exe
O4 - HKCU…\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) – C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU…\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) – C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKCU…\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) – C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_Plugin.exe
O4 - HKLM…\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
O4 - HKLM…\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) – C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM…\Wow6432Node\Run: [JMB36X IDE Setup] . (…) – C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM…\Wow6432Node\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) – C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
O4 - HKLM…\Wow6432Node\RunOnce: [Malwarebytes’ Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes’ Anti-Malware.) – C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamgui.exe
O4 - HKUS\S-1-5-19…\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) – C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20…\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) – C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-901185609-3674869338-465440158-1002-901185609-3674869338-465440158-1000…\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) – C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-19…\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20…\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk . (…) – C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk . (.AVerMedia TECHNOLOGIES, Inc…) – C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

—\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\DJ CROSS\Desktop\Background Changer.lnk . (.http://www.julien-manici.com/.) – E:\bann loziciel\Windows 7 Logon Background Changer\Win7LogonBackgroundChanger.exe
O4 - Global Startup: C:\Users\DJ CROSS\Desktop\Format Factory.lnk . (.Free Time.) – C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - Global Startup: C:\Users\DJ CROSS\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) – C:\Program Files (x86)\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Users\DJ CROSS\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) – C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe
O4 - Global Startup: C:\Users\DJ CROSS\Desktop\Soulseek.lnk . (…) – C:\Program Files (x86)\SoulseekNS\slsk.exe
O4 - Global Startup: C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AIMP2.lnk . (.AIMP DevTeam.) – C:\Program Files (x86)\AIMP2\AIMP2.exe
O4 - Global Startup: C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp…) – C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe
O4 - Global Startup: C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\DJ CROSS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe

—\ Lignes supplémentaires dans le menu contextuel d’Internet Explorer (O8)
O8 - Extra context menu item: Télécharger avec IDM . (…) – C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM . (…) – C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (…) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\kbrd.ico
O9 - Extra button: Clavier &virtuel [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (…) – C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\logo.ico

—\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) – C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) – C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) – C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) – C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) – C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) – C:\Windows\system32\pnrpnsp.dll

—\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip…{3A615DFE-5C08-4666-ABB8-F92B274BD520}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS1\Services\Tcpip…{3A615DFE-5C08-4666-ABB8-F92B274BD520}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS2\Services\Tcpip…{3A615DFE-5C08-4666-ABB8-F92B274BD520}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CS3\Services\Tcpip…{3A615DFE-5C08-4666-ABB8-F92B274BD520}: DhcpNameServer = 212.27.40.241 212.27.40.242
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.242

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) – C:\Windows\System32\klogon.dll

—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVerRemote (AVerRemote) . (.AVerMedia - AVerRemote MFC Application.) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService (AVerScheduleService) . (.Pas de propriétaire - ScheduleService Module.) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(…) - (.not file.)

—\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
[MD5.8E9371203664927C54BFB3DBC0A712A3] [APT] [GlaryInitialize] (.Glarysoft Ltd.) – C:\Program Files (x86)\Glary Utilities\initialize.exe
[MD5.00000000000000000000000000000000] [APT] [{4C80476B-EB87-422E-B505-530F6AE2EFB0}] (…) – C:\Users\DJ CROSS\Desktop\R1.17.62.00_eSATA\setup.exe (.not file.)

—\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl2.sys
O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

—\ Logiciels installés (O42)
O42 - Logiciel: AIMP2 - (.AIMP DevTeam.) [HKLM][64Bits] – AIMP2
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc…) [HKLM] – {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc…) [HKLM] – {5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc…) [HKLM] – {4044201A-8576-2999-1166-96C5593F3CFF}
O42 - Logiciel: AVerMedia A850 USB DMB-TH 1.0.64.30 - (.AVerMedia TECHNOLOGIES, Inc…) [HKLM][64Bits] – AVerMedia A850 USB DMB-TH
O42 - Logiciel: AVerTV - (.AVerMedia Technologies, Inc…) [HKLM][64Bits] – InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}
O42 - Logiciel: Adaptateur Bewan Wi-Fi 802.11n - (.Bewan.) [HKLM][64Bits] – {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc…) [HKLM][64Bits] – Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc…) [HKLM][64Bits] – {197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {1618734A-3957-4ADD-8199-F973763109A8}
O42 - Logiciel: Adobe Anchor Service x64 CS4 - (.Adobe Systems Incorporated.) [HKLM] – {887797BF-37A5-4199-B0C9-0D38D6196E9A}
O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {83877DB1-8B77-45BC-AB43-2BAC22E093E0}
O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {94D398EB-D2FD-4FD1-B8C4-592635E8A191}
O42 - Logiciel: Adobe CMaps x64 CS4 - (.Adobe Systems Incorporated.) [HKLM] – {90BA8112-80B3-4617-A3C1-BD2771B60F74}
O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {0F723FC1-7606-4867-866C-CE80AD292DAF}
O42 - Logiciel: Adobe CSI CS4 x64 - (.Adobe Systems Incorporated.) [HKLM] – {8DAA31EB-6830-4006-A99F-4DF8AB24714F}
O42 - Logiciel: Adobe Color - Photoshop Specific CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
O42 - Logiciel: Adobe Color EU Recommended Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
O42 - Logiciel: Adobe Color JA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {0D6013AB-A0C7-41DC-973C-E93129C9A29F}
O42 - Logiciel: Adobe Color NA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {098A2A49-7CF3-4F08-A38D-FB879117152A}
O42 - Logiciel: Adobe Color Video Profiles CS CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {63C24A08-70F3-4C8E-B9FB-9F21A903801D}
O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {C52E3EC1-048C-45E1-8D53-10B0C6509683}
O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {67F0E67A-8E93-4C2C-B29D-47C48262738A}
O42 - Logiciel: Adobe Drive CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {16E16F01-2E2D-4248-A42F-76261C147B6C}
O42 - Logiciel: Adobe Drive CS4 x64 - (.Adobe Systems Incorporated.) [HKLM] – {A3454894-144A-4D80-B605-C128FE0D7329}
O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {054EFA56-2AC1-48F4-A883-0AB89874B972}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player Plugin
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
O42 - Logiciel: Adobe Fonts All x64 - (.Adobe Systems Incorporated.) [HKLM] – {6631325A-9B1B-4EE7-8E64-8CC4A6F10643}
O42 - Logiciel: Adobe Linguistics CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {931AB7EA-3656-4BB7-864D-022B09E3DD67}
O42 - Logiciel: Adobe Linguistics CS4 x64 - (.Adobe Systems Incorporated.) [HKLM] – {8875A1C0-6308-4790-8CF6-D34E89880052}
O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {BB4E33EC-8181-4685-96F7-8554293DEC6A}
O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {F93C84A6-0DC6-42AF-89FA-776F7C377353}
O42 - Logiciel: Adobe PDF Library Files x64 CS4 - (.Adobe Systems Incorporated.) [HKLM] – {DFFABE78-8173-4E97-9C5C-22FB26192FC5}
O42 - Logiciel: Adobe Photoshop CS4 (64 Bit) - (.Adobe Systems Incorporated.) [HKLM] – {D40172D6-CE2D-4B72-BF5F-26A04A900B7B}
O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe_faf656ef605427ee2f42989c3ad31b8
O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {E4848436-0345-47E2-B648-8B522FCDA623}
O42 - Logiciel: Adobe Photoshop CS4 Support - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {F0E64E2E-3A60-40D8-A55D-92F6831875DA}
O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
O42 - Logiciel: Adobe Type Support x64 CS4 - (.Adobe Systems Incorporated.) [HKLM] – {8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}
O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {05308C4E-7285-4066-BAE3-6B50DA6ED755}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin x64 - (.Adobe Systems Incorporated.) [HKLM] – {295CFB7C-A57E-4313-93E7-68E7CE1D0332}
O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
O42 - Logiciel: AdobeColorCommonSetCMYK - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {68243FF8-83CA-466B-B2B8-9F99DA5479C4}
O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] – {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: Connect - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {B29AD377-CC12-490A-A480-1452337C618D}
O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM][64Bits] – FormatFactory
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] – GOM Player
O42 - Logiciel: Glary Utilities 2.23.0.923 - (.Glarysoft Ltd.) [HKLM][64Bits] – Glary Utilities_is1
O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM][64Bits] – Internet Download Manager
O42 - Logiciel: JMicron JMB36X Driver - (.JMicron Technology Corp…) [HKLM][64Bits] – {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}
O42 - Logiciel: K-Lite Mega Codec Pack 6.3.0 - (.Pas de propriétaire.) [HKLM][64Bits] – KLiteCodecPack_is1
O42 - Logiciel: Kaspersky Anti-Virus 2011 - (.Kaspersky Lab.) [HKLM][64Bits] – InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}
O42 - Logiciel: Kaspersky Anti-Virus 2011 - (.Kaspersky Lab.) [HKLM][64Bits] – {66F1F013-008F-4875-B283-5A814B820347}
O42 - Logiciel: Logiciel d’archivage WinRAR - (.Pas de propriétaire.) [HKLM] – WinRAR archiver
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM][64Bits] – {7DB4CB30-B94A-4282-AC8A-C86F615AA45B}
O42 - Logiciel: Malwarebytes’ Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] – Malwarebytes’ Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM][64Bits] – {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM][64Bits] – Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] – {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox (3.6.18)
O42 - Logiciel: PDF Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {CC75AB5C-2110-4A7F-AF52-708680D22FE8}
O42 - Logiciel: Photoshop Camera Raw_x64 - (.Adobe Systems Incorporated.) [HKLM] – {2D74E972-5A85-44DC-9193-8A302BA8C181}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] – {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp…) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Reason 4.0 - (.Propellerhead Software AB.) [HKLM][64Bits] – Reason4_is1
O42 - Logiciel: Revo Uninstaller 1.83 - (.VS Revo Group.) [HKLM][64Bits] – Revo Uninstaller
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd…) [HKLM] – {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Sony ACID Pro 6.0 - (.Sony.) [HKLM][64Bits] – {C2714A90-DE36-4C69-9B89-E43ACD8C0235}
O42 - Logiciel: Sony Media Manager 2.1 - (.Sony.) [HKLM][64Bits] – {DD10F763-CDF6-46CD-9254-C8CE5E91B53E}
O42 - Logiciel: SoulSeek 157 NS 13e - (.Pas de propriétaire.) [HKLM][64Bits] – Soulseek2
O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {842B4B72-9E8F-4962-B3C1-1C422A5C4434}
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM][64Bits] – SuperCopier2
O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM][64Bits] – VLC media player
O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc…) [HKLM] – {F757A09E-71FB-B75D-20B1-B3E27CD8DEA1}
O42 - Logiciel: kuler - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {098727E1-775A-4450-B573-3F441F1CA243}

—\ HKCU & HKLM Software Keys
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\AVerMedia TECHNOLOGIES, Inc.]
[HKCU\Software\Adobe]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DownloadManager]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\GlarySoft]
[HKCU\Software\Haali]
[HKCU\Software\KasperskyLab]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes’ Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\Mozilla]
[HKCU\Software\Policies]
[HKCU\Software\Propellerhead Software]
[HKCU\Software\Realtek]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Sony Media Software]
[HKCU\Software\SoulSeek]
[HKCU\Software\Soulseek2]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\VirtualDJ]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\cybelsoft]
[HKCU\Software\madFlac]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVerMedia TECHNOLOGIES, Inc.]
[HKLM\Software\Adobe]
[HKLM\Software\AviSynth]
[HKLM\Software\Bewan]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Creative Tech]
[HKLM\Software\DT Soft]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\HaaliMkx]
[HKLM\Software\HighCriteria]
[HKLM\Software\Intel]
[HKLM\Software\KLCodecPack]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes’ Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony Media Software]
[HKLM\Software\VST]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 30/06/2011 - 20:02:20 - [377423917] ----D- C:\Program Files\Adobe
O43 - CFD: 19/06/2011 - 15:42:44 - [23449773] ----D- C:\Program Files\ATI
O43 - CFD: 19/06/2011 - 15:48:34 - [28] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 30/06/2011 - 19:54:56 - [247945486] ----D- C:\Program Files\Common Files
O43 - CFD: 14/07/2009 - 17:35:42 - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 19/06/2011 - 15:37:00 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 20/09/2009 - 12:20:34 - [3171760] ----D- C:\Program Files\Internet Download Manager
O43 - CFD: 01/01/2008 - 01:10:30 - [5174573] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 19/06/2011 - 17:11:56 - [16058912] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 20/06/2011 - 22:27:46 - [40812541] ----D- C:\Program Files\SAMSUNG
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/07/2009 - 17:24:10 - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 17:35:40 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 25/06/2011 - 09:38:52 - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 24/06/2011 - 21:16:14 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 19/06/2011 - 15:37:00 - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 17:24:10 - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 17:24:10 - [7674424] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 19/06/2011 - 16:12:44 - [4524560] ----D- C:\Program Files\WinRAR
O43 - CFD: 30/06/2011 - 20:03:04 - [183257019] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 19/06/2011 - 15:48:44 - [238856] ----D- C:\Program Files\Common Files\ATI Technologies
O43 - CFD: 30/06/2011 - 19:54:56 - [1038349] ----D- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 19/06/2011 - 15:42:46 - [50789821] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 17:24:10 - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 02/07/2011 - 14:13:56 - [610302] ----D- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 19/06/2011 - 15:48:50 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 28/06/2011 - 14:46:44 - [11398] ----D- C:\ProgramData\AVerTV
O43 - CFD: 19/06/2011 - 16:16:28 - [3773671] ----D- C:\ProgramData\Bewan Driver
O43 - CFD: 19/06/2011 - 15:37:00 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 26/06/2011 - 12:56:00 - [404] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 19/06/2011 - 15:37:00 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 01/01/2008 - 01:10:20 - [22202] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 17/07/2011 - 20:40:32 - [522654645] ----D- C:\ProgramData\Kaspersky Lab
O43 - CFD: 19/06/2011 - 15:42:24 - [110974608] ----D- C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 19/06/2011 - 16:32:40 - [1229115] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 12/07/2011 - 22:28:36 - [6991501] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/06/2011 - 15:37:00 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 01/01/2008 - 01:09:46 - [268504871] -S–D- C:\ProgramData\Microsoft
O43 - CFD: 19/06/2011 - 15:37:00 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 26/06/2011 - 13:03:10 - [3386357] ----D- C:\ProgramData\Propellerhead Software
O43 - CFD: 20/06/2011 - 22:27:34 - [321057] ----D- C:\ProgramData\Samsung
O43 - CFD: 30/06/2011 - 19:06:12 - [358] ----D- C:\ProgramData\Sony
O43 - CFD: 09/07/2011 - 11:18:22 - [0] ----D- C:\ProgramData\Soulseek
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 02/07/2011 - 16:24:50 - [315] ----D- C:\Users\DJ CROSS\AppData\Roaming\Adobe
O43 - CFD: 01/01/2008 - 01:10:26 - [89062] ----D- C:\Users\DJ CROSS\AppData\Roaming\AIMP
O43 - CFD: 19/06/2011 - 15:48:50 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\ATI
O43 - CFD: 26/06/2011 - 13:00:34 - [513] ----D- C:\Users\DJ CROSS\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 09/07/2011 - 11:26:18 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\DMCache
O43 - CFD: 02/07/2011 - 18:00:54 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\dvdcss
O43 - CFD: 30/06/2011 - 19:00:28 - [24807] ----D- C:\Users\DJ CROSS\AppData\Roaming\GlarySoft
O43 - CFD: 19/06/2011 - 16:12:52 - [127861] ----D- C:\Users\DJ CROSS\AppData\Roaming\GRETECH
O43 - CFD: 19/06/2011 - 15:37:36 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\Identities
O43 - CFD: 01/01/2008 - 00:19:00 - [1094428] ----D- C:\Users\DJ CROSS\AppData\Roaming\IDM
O43 - CFD: 19/06/2011 - 16:15:58 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\InstallShield
O43 - CFD: 19/06/2011 - 15:53:34 - [1537] ----D- C:\Users\DJ CROSS\AppData\Roaming\Macromedia
O43 - CFD: 12/07/2011 - 22:28:48 - [1061] ----D- C:\Users\DJ CROSS\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 17:35:20 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\Media Center Programs
O43 - CFD: 19/06/2011 - 16:33:30 - [147] ----D- C:\Users\DJ CROSS\AppData\Roaming\Media Player Classic
O43 - CFD: 01/01/2008 - 01:09:52 - [1772139] -S–D- C:\Users\DJ CROSS\AppData\Roaming\Microsoft
O43 - CFD: 19/06/2011 - 15:40:02 - [761755] ----D- C:\Users\DJ CROSS\AppData\Roaming\Mozilla
O43 - CFD: 26/06/2011 - 13:05:46 - [7780] ----D- C:\Users\DJ CROSS\AppData\Roaming\Propellerhead Software
O43 - CFD: 30/06/2011 - 19:06:34 - [0] ----D- C:\Users\DJ CROSS\AppData\Roaming\Sony
O43 - CFD: 02/07/2011 - 18:00:54 - [77507] ----D- C:\Users\DJ CROSS\AppData\Roaming\vlc
O43 - CFD: 19/06/2011 - 16:25:04 - [12] ----D- C:\Users\DJ CROSS\AppData\Roaming\WinRAR
O43 - CFD: 30/06/2011 - 19:56:26 - [0] ----D- C:\Users\DJ CROSS\AppData\Local\Adobe
O43 - CFD: 19/06/2011 - 15:37:10 - [0] -SH-D- C:\Users\DJ CROSS\AppData\Local\Application Data
O43 - CFD: 01/01/2008 - 01:10:26 - [17481] ----D- C:\Users\DJ CROSS\AppData\Local\ApplicationHistory
O43 - CFD: 19/06/2011 - 15:48:50 - [62559] ----D- C:\Users\DJ CROSS\AppData\Local\ATI
O43 - CFD: 24/06/2011 - 07:15:18 - [67] ----D- C:\Users\DJ CROSS\AppData\Local\AVerMedia
O43 - CFD: 19/06/2011 - 15:37:10 - [0] -SH-D- C:\Users\DJ CROSS\AppData\Local\Historique
O43 - CFD: 19/06/2011 - 17:09:24 - [1021] ----D- C:\Users\DJ CROSS\AppData\Local\http___www.julien-manici
O43 - CFD: 01/01/2008 - 01:09:52 - [85681487] ----D- C:\Users\DJ CROSS\AppData\Local\Microsoft
O43 - CFD: 19/06/2011 - 15:39:56 - [89199495] ----D- C:\Users\DJ CROSS\AppData\Local\Mozilla
O43 - CFD: 17/07/2011 - 19:56:44 - [42592060] ----D- C:\Users\DJ CROSS\AppData\Local\Temp
O43 - CFD: 19/06/2011 - 15:37:10 - [0] -SH-D- C:\Users\DJ CROSS\AppData\Local\Temporary Internet Files
O43 - CFD: 01/01/2008 - 01:09:52 - [168] ----D- C:\Users\DJ CROSS\AppData\Local\VirtualStore
O43 - CFD: 30/06/2011 - 20:01:28 - [583417525] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 19/06/2011 - 16:26:56 - [8702540] ----D- C:\Program Files (x86)\AIMP2
O43 - CFD: 19/06/2011 - 15:48:48 - [2448924] ----D- C:\Program Files (x86)\AMD APP
O43 - CFD: 19/06/2011 - 15:48:16 - [41571793] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 19/06/2011 - 18:44:20 - [51007394] ----D- C:\Program Files (x86)\AVerMedia
O43 - CFD: 30/06/2011 - 19:56:54 - [553378205] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 26/06/2011 - 12:56:20 - [10382532] ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 01/01/2008 - 01:10:20 - [339754] ----D- C:\Program Files (x86)\Free Video Converter
O43 - CFD: 19/06/2011 - 15:46:42 - [118070272] ----D- C:\Program Files (x86)\FreeTime
O43 - CFD: 01/01/2008 - 01:10:20 - [18842407] ----D- C:\Program Files (x86)\Glary Utilities
O43 - CFD: 19/06/2011 - 16:12:28 - [20783971] ----D- C:\Program Files (x86)\GRETECH
O43 - CFD: 19/06/2011 - 18:44:52 - [26010358] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 19/06/2011 - 17:07:50 - [96703] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 30/06/2011 - 20:25:14 - [9891790] ----D- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 01/01/2008 - 01:10:30 - [4494117] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 19/06/2011 - 15:42:32 - [52525423] ----D- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 19/06/2011 - 15:43:44 - [73905486] ----D- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 19/06/2011 - 16:32:42 - [6093848] ----D- C:\Program Files (x86)\ma-config.com
O43 - CFD: 12/07/2011 - 22:28:40 - [3977867] ----D- C:\Program Files (x86)\Malwarebytes’ Anti-Malware
O43 - CFD: 30/06/2011 - 18:55:32 - [94908110] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 10/07/2011 - 13:20:08 - [30108604] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 26/06/2011 - 13:01:28 - [1499468725] ----D- C:\Program Files (x86)\Propellerhead
O43 - CFD: 19/06/2011 - 17:11:44 - [5822298] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 30/06/2011 - 19:03:58 - [98524049] ----D- C:\Program Files (x86)\Sony
O43 - CFD: 30/06/2011 - 18:53:12 - [129250558] ----D- C:\Program Files (x86)\Sony Setup
O43 - CFD: 09/07/2011 - 11:18:06 - [3765625] ----D- C:\Program Files (x86)\SoulseekNS
O43 - CFD: 01/01/2008 - 01:10:20 - [1226139] ----D- C:\Program Files (x86)\SuperCopier2
O43 - CFD: 30/06/2011 - 22:02:30 - [78593361] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 06/07/2011 - 15:48:34 - [102024] ----D- C:\Program Files (x86)\VirtualDJ
O43 - CFD: 19/06/2011 - 16:11:02 - [2618612] ----D- C:\Program Files (x86)\VS Revo Group
O43 - CFD: 30/06/2011 - 19:04:50 - [247] ----D- C:\Program Files (x86)\Vstplugins
O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 25/06/2011 - 09:38:52 - [6180864] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 24/06/2011 - 21:16:14 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - 17:24:10 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/07/2009 - 17:24:10 - [5994114] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 17/07/2011 - 20:50:52 - [3929475] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 30/06/2011 - 20:00:28 - [410796282] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 30/06/2011 - 19:56:54 - [27374423] ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 19/06/2011 - 15:48:44 - [194312] ----D- C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 19/06/2011 - 18:43:44 - [42920896] ----D- C:\Program Files (x86)\Common Files\AVerMedia
O43 - CFD: 19/06/2011 - 17:07:06 - [3990558] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 30/06/2011 - 19:54:46 - [655885] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 14/07/2009 - 17:24:10 - [16237105] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 17:24:10 - [10102259] ----D- C:\Program Files (x86)\Common Files\System

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7109BD39EE7D6D360FA0FCA721BCB01E] - 17/07/2011 - 19:47:21 —A- . (…) – C:\Windows\SysNative\PerfStringBackup.INI [1553042]
O44 - LFC:[MD5.6690944052E5F58C66213D0E8C0E1CB0] - 17/07/2011 - 19:47:21 —A- . (…) – C:\Windows\SysNative\perfc009.dat [107396]
O44 - LFC:[MD5.EAB4DE6DF3EF0A4585480BF1693A7BBD] - 17/07/2011 - 19:47:21 —A- . (…) – C:\Windows\SysNative\perfc00C.dat [132340]
O44 - LFC:[MD5.8C268C9335838C85E1F2ED3538C2609A] - 17/07/2011 - 19:47:21 —A- . (…) – C:\Windows\SysNative\perfh009.dat [615760]
O44 - LFC:[MD5.D5239C8A89B4CC395A2AEEF6573955E1] - 17/07/2011 - 19:47:21 —A- . (…) – C:\Windows\SysNative\perfh00C.dat [704618]
O44 - LFC:[MD5.C5C16F234675CC757F2A0CCD325BD543] - 17/07/2011 - 19:47:21 —A- . (…) – C:\Windows\System32\PerfStringBackup.INI [1578582]
O44 - LFC:[MD5.0C0000001C00000057494E444F577E31] - 17/07/2011 - 15:30:33 —A- . (…) – C:\Windows\WindowsUpdate.log [1739478]
O44 - LFC:[MD5.6761D3D1B8AF0ECC37FDDA3AE1F4D531] - 17/07/2011 - 13:49:08 —A- . (…) – C:\Windows\setupact.log [34689]
O44 - LFC:[MD5.C9EA2F7A8489AAA26E7C717714693326] - 17/07/2011 - 09:06:25 --HA- . (…) – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14976]
O44 - LFC:[MD5.C9EA2F7A8489AAA26E7C717714693326] - 17/07/2011 - 09:06:25 --HA- . (…) – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14976]
O44 - LFC:[MD5.EC2E424B18C6568D7ACB75684131AD60] - 17/07/2011 - 08:59:01 -S-A- . (…) – C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F15588B2BFE6C54F214C637F33D8F81D] - 16/07/2011 - 08:19:54 —A- . (…) – C:\Windows\SysNative\FNTCACHE.DAT [3056552]
O44 - LFC:[MD5.1BF517E4506D305F83223240D55873C0] - 07/07/2011 - 15:25:45 —A- . (…) – C:\Windows\MEMORY.DMP [372141737]
O44 - LFC:[MD5.E616C70EAD980D26EBF42A78E3404416] - 01/07/2011 - 13:10:03 —A- . (…) – C:\Windows\ntbtlog.txt [187604]
O44 - LFC:[MD5.6CBA8FD5A6079F8FCE1F9D497BAA3B05] - 30/06/2011 - 19:25:12 —A- . (…) – C:\Windows\PFRO.log [7454]
O44 - LFC:[MD5.FF4D998645E69E1252E88592406F7AA8] - 30/06/2011 - 19:21:13 —A- . (…) – C:\Windows\IE9_main.log [4862]
O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 24/06/2011 - 06:30:34 —A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) – C:\Windows\SysNative\atmfd.dll [367104]
O44 - LFC:[MD5.7D643BB2B21B22621D76BE185AE9F7F8] - 24/06/2011 - 06:30:34 —A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) – C:\Windows\System32\atmfd.dll [294912]
O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 24/06/2011 - 06:30:33 —A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library…) – C:\Windows\SysNative\atmlib.dll [46080]
O44 - LFC:[MD5.D592AAA377748FC50E34D731F0D0D7B8] - 24/06/2011 - 06:30:33 —A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library…) – C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.CE7EA4FD479F7E540EDB01931ED77193] - 19/06/2011 - 16:12:30 R-HA- . (…) – C:\Windows\ctfile.rfc [159]
O44 - LFC:[MD5.2326DB5F0796ED2DE229B0B491133980] - 19/06/2011 - 16:11:44 —A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) – C:\Windows\SysNative\RTSnMg64.cpl [612384]
O44 - LFC:[MD5.D7E568561C5046248A77B3F57DD55063] - 19/06/2011 - 16:11:44 —A- . (.Realtek Semiconductor Corp. - Realtek LFX/GFX DSP UI component for Window.) – C:\Windows\SysNative\RtPgEx64.dll [1692192]
O44 - LFC:[MD5.C3D8EEC684545310F66B5220748C2C5D] - 19/06/2011 - 16:11:44 —A- . (.Realtek Semiconductor Corp. - RtlCPAPI Module.) – C:\Windows\SysNative\RtlCPAPI64.dll [332320]
O44 - LFC:[MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - 19/06/2011 - 16:11:44 —A- . (.SRS Labs, Inc. - COM object implementing SRS Headphone 360.) – C:\Windows\SysNative\SRSHP64.dll [198896]
O44 - LFC:[MD5.A028717B791416182959B325D5B40679] - 19/06/2011 - 16:11:44 —A- . (.SRS Labs, Inc. - TruSurround HD and HD4 COM object for Windo.) – C:\Windows\SysNative\SRSTSH64.dll [211184]
O44 - LFC:[MD5.018D3D2478754AA411DE6DA6DE5F8F21] - 19/06/2011 - 16:11:44 —A- . (.SRS Labs, Inc. - TruSurroundXT Module.) – C:\Windows\SysNative\SRSTSX64.dll [518896]
O44 - LFC:[MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - 19/06/2011 - 16:11:44 —A- . (.SRS Labs, Inc. - WOW HD COM object for Windows.) – C:\Windows\SysNative\SRSWOW64.dll [155888]
O44 - LFC:[MD5.80007E259BCB3C0534AF73E9E1DB81EC] - 19/06/2011 - 16:11:44 —A- . (.Waves Audio Ltd. - General Library for Plug-Ins.) – C:\Windows\SysNative\WavesGUILib.dll [2719504]
O44 - LFC:[MD5.04CFE870C30640C9A369E0FE8C654B98] - 19/06/2011 - 16:11:43 —A- . (.Creative Technology Ltd. - Audio Processing Object Chaining Module.) – C:\Windows\SysNative\MBWrp64.dll [78936]
O44 - LFC:[MD5.25D74864274539330DCC4234140D11AF] - 19/06/2011 - 16:11:43 —A- . (.Creative Technology Ltd. - Creative Audio Processing Object Module.) – C:\Windows\SysNative\MBAPO64.dll [607832]
O44 - LFC:[MD5.09D9D2C960A14D3857B6E5B1AB6F4D0E] - 19/06/2011 - 16:11:43 —A- . (.Creative Technology Ltd. - Creative Chaining Property Page Loader Modu.) – C:\Windows\SysNative\MBPPCn64.dll [60504]
O44 - LFC:[MD5.5B56FAF6FC0D3D940DFD0C997178317B] - 19/06/2011 - 16:11:43 —A- . (.Creative Technology Ltd. - Creative Property Page Loader Module.) – C:\Windows\SysNative\MBppld64.dll [64600]
O44 - LFC:[MD5.FC15E0EA2BFA595A0A99DB9DBB6F4791] - 19/06/2011 - 16:11:43 —A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) – C:\Windows\SysNative\RTEED64A.dll [198656]
O44 - LFC:[MD5.E2474B395F5FC1AA53A1CFFD2255768F] - 19/06/2011 - 16:11:43 —A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) – C:\Windows\SysNative\RTEEP64A.dll [363008]
O44 - LFC:[MD5.08B5B689D33792E9DA1FB3389D245AB6] - 19/06/2011 - 16:11:43 —A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) – C:\Windows\SysNative\RTEEG64A.dll [73216]
O44 - LFC:[MD5.14FB4CDB4C638CFBA9F76BDC8334C1B6] - 19/06/2011 - 16:11:43 —A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) – C:\Windows\SysNative\RTEEL64A.dll [95744]
O44 - LFC:[MD5.D6C8752E6623D91A4B300CA11AE52709] - 19/06/2011 - 16:11:43 —A- . (.Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) – C:\Windows\SysNative\RP3DAA64.dll [304640]
O44 - LFC:[MD5.C0F643AE9CEF2C0BF802619B3DE87EAD] - 19/06/2011 - 16:11:43 —A- . (.Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) – C:\Windows\SysNative\RP3DHT64.dll [304640]
O44 - LFC:[MD5.62BA98158C52C17BC38E53DF4D167189] - 19/06/2011 - 16:11:43 —A- . (.Fortemedia Corporation - Fortemedia SAMSoft sAPO.) – C:\Windows\SysNative\FMAPO64.dll [327584]
O44 - LFC:[MD5.7F72869F65A83ED0AD176FA29B4CC91E] - 19/06/2011 - 16:11:43 —A- . (.Realtek Semiconductor Corp. - RTCOMDLL Module.) – C:\Windows\SysNative\RTCOM64.dll [1201184]
O44 - LFC:[MD5.8C055A4726E3C49386468C92F1EAFAED] - 19/06/2011 - 16:11:43 —A- . (.Realtek Semiconductor Corp. - Realtek APO API.) – C:\Windows\SysNative\RtkApi64.dll [469024]
O44 - LFC:[MD5.0B96208DC69BFC2817CDFD6CC634F8C2] - 19/06/2011 - 16:11:43 —A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller.) – C:\Windows\SysNative\RCoInst64.dll [66592]
O44 - LFC:[MD5.0A36A164424433B65ACD58D03FB279B9] - 19/06/2011 - 16:11:43 —A- . (.Realtek Semiconductor Corp. - Realtek® LFX/GFX DSP component.) – C:\Windows\SysNative\RtkAPO64.dll [1638944]
O44 - LFC:[MD5.943D302B443CC35F6DA4E611782E4482] - 19/06/2011 - 16:11:43 —A- . (.Realtek Semiconductor Corp. - RtkCfg.dll.) – C:\Windows\SysNative\RtkCfg64.dll [149536]
O44 - LFC:[MD5.974D8D8A0823CDFDE5D6C70B6C092939] - 19/06/2011 - 16:11:43 —A- . (.Waves Audio Ltd. - MaxxAudio APO.) – C:\Windows\SysNative\MaxxAudioAPO20.dll [325904]
O44 - LFC:[MD5.87B5AB256A5A068EDDA0F4B4FAC728CC] - 19/06/2011 - 16:11:43 —A- . (.Waves Audio Ltd. - Pas de description.) – C:\Windows\SysNative\MaxxAudioEQ.dll [2197264]
O44 - LFC:[MD5.146A3052AC655454B61C5BEB5496A5AA] - 19/06/2011 - 16:11:42 —A- . (.Andrea Electronics Corporation - Capture Noise Filters (64-bit).) – C:\Windows\SysNative\AERTAC64.dll [168864]
O44 - LFC:[MD5.973ADB6AD47AC047F900C0D760AB6BE2] - 19/06/2011 - 16:11:42 —A- . (.Andrea Electronics Corporation - Render Noise Filters (64-bit).) – C:\Windows\SysNative\AERTAR64.dll [108960]
O44 - LFC:[MD5.C0E078A1C4ADA282131D141EA5154510] - 19/06/2011 - 16:11:41 —A- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) – C:\Windows\RtlExUpd.dll [838176]
O44 - LFC:[MD5.49A88E6CD77939F5F7D443628A18A317] - 19/06/2011 - 15:53:46 —A- . (.Realtek Semiconductor Corporation - RTNUninst.) – C:\Windows\SysNative\RTNUninst64.dll [107552]
O44 - LFC:[MD5.1FEEAAC60C072A899D8DA8DCD0713FD3] - 19/06/2011 - 15:29:03 RSHA- . (…) – C:\BOOTSECT.BAK [8192]
O44 - LFC:[MD5.78E0D5CB22B666AFF9CFE19FE8FC1D43] - 19/06/2011 - 15:16:27 —A- . (.Ralink Technology, Inc. - Ralink CoInstaller Dynamic Link Library.) – C:\Windows\SysNative\RaCoInstx.dll [305152]
O44 - LFC:[MD5.4473EDCA3345EB34E8857FF4A8F372CC] - 19/06/2011 - 14:34:18 —A- . (…) – C:\Windows\SysNative\license.rtf [57694]
O44 - LFC:[MD5.4473EDCA3345EB34E8857FF4A8F372CC] - 19/06/2011 - 14:34:18 —A- . (…) – C:\Windows\System32\license.rtf [57694]
O44 - LFC:[MD5.2E5CF05A569947D5B851DBBDFC88F1A2] - 19/06/2011 - 14:33:33 —A- . (…) – C:\Windows\DtcInstall.log [1774]
O44 - LFC:[MD5.EE0DD3609AFE69A9F318F38AC941E39F] - 19/06/2011 - 14:33:27 —A- . (…) – C:\Windows\TSSysprep.log [1313]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/06/2011 - 14:32:29 —A- . (…) – C:\Windows\ativpsrm.bin [0]
O44 - LFC:[MD5.8B138ED363128BFF2C2E1E7FEA9793B4] - 12/08/2010 - 09:00:00 —A- . (…) – C:\Windows\avisplitter.ini [38]
O44 - LFC:[MD5.E932C9B9591F3845D7794A657874645D] - 15/09/2009 - 11:35:56 —A- . (…) – C:\Windows\SysNative\RaCoInst.dat [13931]
O44 - LFC:[MD5.E932C9B9591F3845D7794A657874645D] - 15/09/2009 - 11:35:56 —A- . (…) – C:\Windows\System32\RaCoInst.dat [13931]
O44 - LFC:[MD5.901E0199FCDCF1893C5137D73857DCC2] - 27/07/2009 - 07:38:56 —A- . (…) – C:\Windows\SysNative\AP6RMFP.BIN [238]
O44 - LFC:[MD5.301711504570B99CC1FF14B943BB8EA3] - 27/07/2009 - 07:38:56 —A- . (…) – C:\Windows\SysNative\AP6RMHR.BIN [126]
O44 - LFC:[MD5.4ADBB6357B856C1E86D5F3629C4CC95D] - 27/07/2009 - 07:38:56 —A- . (…) – C:\Windows\SysNative\AP6RMHV.BIN [350]
O44 - LFC:[MD5.5BA6A54C9E983B6E7889FD7DD1EDD66E] - 27/07/2009 - 07:38:56 —A- . (…) – C:\Windows\SysNative\AP6RMJH.BIN [252]
O44 - LFC:[MD5.5BA6A54C9E983B6E7889FD7DD1EDD66E] - 27/07/2009 - 07:38:56 —A- . (…) – C:\Windows\SysNative\AP6RMJX.BIN [252]
O44 - LFC:[MD5.D371FF80A8576082675905B20A1FF76A] - 27/07/2009 - 07:38:56 —A- . (…) – C:\Windows\SysNative\AP6RMKS.BIN [189]
O44 - LFC:[MD5.D6AE2D5521DD93AEBC90D411D099FA36] - 14/07/2009 - 02:38:58 RSHA- . (…) – C:\bootmgr [383562]
O44 - LFC:[MD5.7C836BC5143D28C3151AE623FF0622A6] - 04/12/2008 - 10:59:04 —A- . (…) – C:\Windows\SysNative\APOMgr64.DLL [188416]
O44 - LFC:[MD5.1A71A35D6ABFEFB940C61CDBB8C3B234] - 17/09/2008 - 13:07:44 —A- . (…) – C:\Windows\SysNative\CmdRtr64.DLL [88064]

—\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) – C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) – C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\vgasave.sys . (…) – C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) – C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) – C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) – C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) – C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) – C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) – C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\vgasave.sys . (…) – C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) – C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) – C:\Windows\System32\Drivers\volmgrx.sys

—\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32"msacm.l3acm"=“C:\Windows\System32\l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) – C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc"C:\Windows\System32\l3codeca.acm"=“Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) – C:\Windows\System32\l3codeca.acm

—\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM…\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) – C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM…\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) – C:\Windows\system32\credssp.dll

—\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM…\Policies\System] - “ConsentPromptBehaviorAdmin”=2
O55 - MWPS:[HKLM…\Policies\System] - “ConsentPromptBehaviorUser”=3
O55 - MWPS:[HKLM…\Policies\System] - “EnableInstallerDetection”=1
O55 - MWPS:[HKLM…\Policies\System] - “EnableLUA”=1
O55 - MWPS:[HKLM…\Policies\System] - “EnableSecureUIAPaths”=1
O55 - MWPS:[HKLM…\Policies\System] - “EnableUIADesktopToggle”=0
O55 - MWPS:[HKLM…\Policies\System] - “EnableVirtualization”=1
O55 - MWPS:[HKLM…\Policies\System] - “PromptOnSecureDesktop”=1
O55 - MWPS:[HKLM…\Policies\System] - “ValidateAdminCodeSignatures”=0
O55 - MWPS:[HKLM…\Policies\System] - “dontdisplaylastusername”=0
O55 - MWPS:[HKLM…\Policies\System] - “legalnoticecaption”=
O55 - MWPS:[HKLM…\Policies\System] - “legalnoticetext”=
O55 - MWPS:[HKLM…\Policies\System] - “scforceoption”=0
O55 - MWPS:[HKLM…\Policies\System] - “shutdownwithoutlogon”=1
O55 - MWPS:[HKLM…\Policies\System] - “undockwithoutlogon”=1
O55 - MWPS:[HKLM…\Policies\System] - “FilterAdministratorToken”=0

—\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM…\policies\Explorer] - “NoActiveDesktop”=1
O56 - MWPE:[HKLM…\policies\Explorer] - “NoActiveDesktopChanges”=1
O56 - MWPE:[HKLM…\policies\Explorer] - “ForceActiveDesktopOn”=0

—\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.6D7F09CD92A9FEF3A8EFCE66231FDD79] - 30/06/2011 - 06:51:10 —A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) – C:\Windows\system32\drivers\adfs.sys [88632]
O58 - SDL:[MD5.0B0000002700000000EF18006C524000] - 10/06/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) – C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.0B0000002700000000EF18006C524000] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) – C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.0B0000002700000000EF18006C524000] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) – C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.0A0000002600000000EF18006C524000] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) – C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.0B0000002700000000EF18006C524000] - 10/06/2009 - 02:52:21 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) – C:\Windows\system32\drivers\amdsata.sys [106576]
O58 - SDL:[MD5.0B0000002600000000EF18006C524000] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) – C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.0A0000002700000000EF18006C524000] - 13/07/2009 - 02:52:21 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) – C:\Windows\system32\drivers\amdxata.sys [28752]
O58 - SDL:[MD5.0A0000002300000000EF18006C524000] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) – C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.0A0000002600000000EF18006C524000] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\system32\drivers\arcsas.sys [97856]
O58 - SDL:[MD5.0B0000002800000000EF18006C524000] - 19/06/2011 - 19:46:44 RSHAD . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) – C:\Windows\system32\drivers\AtihdW76.sys [114704]
O58 - SDL:[MD5.0C0000002800000000EF18006C524000] - 19/06/2011 - 03:44:48 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) – C:\Windows\system32\drivers\atikmdag.sys [9319936]
O58 - SDL:[MD5.0B0000002800000000EF18006C524000] - 19/06/2011 - 02:22:32 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) – C:\Windows\system32\drivers\atikmpag.sys [306176]
O58 - SDL:[MD5.0B0000002F0000004156455241467E31] - 19/06/2011 - 11:39:10 RSHAD . (.AVerMedia TECHNOLOGIES, Inc. - AVerAF15DMBTH Driver.) – C:\Windows\system32\drivers\AVerAF15DMBTH64.sys [611840]
O58 - SDL:[MD5.0B0000002800000000EF18[/spoiler]

C’est quoi un backdoor? :confused:

L’heure est grave, il y a quelque minute je voulais voir mon facebook mais bizarrement mon compte été verrouiller et j’ai du remettre un mot de passe. Vous comprenez pourquoi je veut pas être clément ou encore employé la discution :non:
Du coup je vais installer un keylogger sur mon pc et rendre les pièces de la monaie:diable:

Plus personne?

le rapport ZHP est incomplet ,

puisque tu as Kaspersky , il doit bien classer un keylooger dans les applications avec restrictions élevées
et te demander ton autorisation pour le débloquer ; donc tu l aurais vu !!

et comme maintenant ç est toi qui dis :
< vais installer un keylogger sur mon pc et rendre les pièces de la monaie >

ç est bien que ç est toi qui a surtout envie d espionner le compte de ta copine !!

par contre , si tu trouves des anomalies sur ton pc , avec le p2p , il faut pas y trouver drole !

Je suis aller loin en disan que je vais faire pareil, mais je pense pas installé vraiment un keylogger!

Ceux qui est bizare c’est que il y a deux jours j’ai fait exprès de désactiver sont compte et la j’ai pu voir clairement qu’elle a utilisé un compte administrateur pour ce connecté. Je pense donc qu’elle utilise la technique de youtube qui ma l’aire très efficace. :confused: