Annoying virus!!

Closed
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011 - 4 Oct 2011 at 17:59
 kristof78400 - 10 Oct 2011 at 13:20
Hello,

I installed a free antivirus that was recommended to me: Microsoft Security Essentials.
This antivirus tells me my computer is at risk every time I turn on the PC.
It then tries to remove the virus, which is called "trojan:win32/Eyestye.C!cfg".
But every time it's the same thing: it comes back, and Microsoft Security Essentials removes it again... well, apparently it doesn't really remove it...
What can I do to remove this virus from my computer?
Thanks in advance!!



32 replies

loumax91 Posts 3182 Registration date Tuesday 14 June 2011 Status Security contributor Last activity 14 April 2019 478
4 Oct 2011 at 18:52
Hello

Use this general-purpose disinfection tool:

* Download and install Malwarebytes' Anti-Malware
* At the end of the installation, make sure the "update Malwarebytes' Anti-Malware" option is ticked
* Launch MBAM and let the updates download (otherwise run them manually when the program starts)
* Then go to the "Search" tab, tick "Perform a full scan", then "Search"
* Select your hard drives, then click "Start scan"
* At the end of the scan, click Show results
* Tick all the detected items, then click Remove selection
* Save the report
* If you are asked to restart the computer, click Yes
* In your next reply, post the report that appears after the removal


Next:
Can you use this diagnostic tool? It will allow me to help you:

* Download ZHPDiag (by Nicolas Coolman)
* Launch it (if you are on Windows Vista or Windows 7, do so with a right-click --> Run as administrator)
* Follow the prompts during installation (remember to tick the box to create a shortcut on the Desktop)
* It will launch automatically at the end of the installation
* Click the magnifying glass icon ("Start the diagnostic")
* Save the report to your Desktop using the floppy disk icon
* Go to this site, click "Browse", select the ZHPDiag report and click Send the file. Wait while the file is sent, then copy/paste the link provided into your next reply on the forum.
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 13:35
OK, I'll do that, thanks!
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 17:06
Here is a copy of the report after the scan. I ran a quick scan... after two attempts at a full scan... but Malwarebytes got stuck each time...

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7876

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

5/10/2011 17:04:10
mbam-log-2011-10-05 (17-04-10).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 171159
Temps écoulé: 14 minute(s), 58 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: ("%1" %*) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin\2.7.32 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0} (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults\preferences (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\$recycle$ (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\servi3e.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Users\FV\AppData\Local\Temp\jar_cache7048015542930257959.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\0.06143102847192994.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\WSBandoo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\wsget.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\ppddfcfux.exxe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\w32rim_mem.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\dffuck.exe (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome.manifest (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\install.rdf (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome\questbrowse.jar (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults\preferences\prefs.js (Adware.QuestBrowse) -> Quarantined and deleted successfully.
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 17:34
loumax91 Posts 3182 Registration date Tuesday 14 June 2011 Status Security contributor Last activity 14 April 2019 478
5 Oct 2011 at 18:15
Hello,


We are going to try to sort out your problem together. First, a few reminders:

- Do not open other threads for the same problem (whether on this forum or on another one)
- Do not hesitate to ask questions if you need to ;)
- Be patient when you post a message, I do not reply instantly: I am a volunteer and I am not in front of my computer all the time. But rest assured, I never let anyone down ;)
- The disinfection (if necessary) will take place in several steps. Even if the symptoms of the infection disappear, the disinfection will only be finished when I confirm it to you --> Please keep coming back until the end, otherwise what we have done will have been for nothing.



Download AdwCleaner (by Xplode) to your desktop.
http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner
Launch it, click [Suppression], then wait while the scan runs.
Once the scan has finished, a report will open.
Note: The report is also saved as C:\AdwCleaner[S1].txt


Next:
use this disinfection tool, which is specific to adware:

* Download AD-Remover (by C_XX) to your Desktop.
/!\ Disconnect and close all running applications /!\
* Double-click the AD-Remover icon
* In the main menu, click "Nettoyer"
* Confirm the start of the scan and let the tool work
* Post the report that appears at the end (it is also saved as C:\Ad-report.log )

*******************
*Post these two reports here and run a new ZHPDiag scan, please.
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 18:38
Here is the AdwCleaner report.
This is the 3rd "antivirus" thing I am installing on my PC. And, following your advice, I am going to install a 4th! At the end of the procedure, could you tell me which ones I can uninstall from my PC? Thanks again for everything!

The report:

# AdwCleaner v1.309 - Rapport créé le 05/10/2011 à 18:34:07
# Mis à jour le 29/09/11 à 20h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : FV - PC-DE-FV (Administrateur)
# Exécuté depuis : C:\Users\FV\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:2844] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\Users\FV\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\FV\AppData\Local\Babylon
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutb
Clé Supprimée : HKCU\Software\AppDataLow\Software\ShoppingReport2
Clé Supprimée : HKLM\SOFTWARE\Babylon
Clé Supprimée : HKLM\SOFTWARE\bandoo
Clé Supprimée : HKLM\SOFTWARE\DataMngr
Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19120

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v7.0.1 (fr)

Profil : 7ezrw9ux.default
Fichier : C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js

Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Supprimée : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/402");
Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [4772 octets] - [05/10/2011 18:34:07]

*************************

Dossier Temporaire : 127 dossier(s) et 3499 fichier(s) supprimé(s)

########## EOF - C:\AdwCleaner[S1].txt - [4999 octets] ##########
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 18:56
Despite 2 installation attempts, it is impossible to start "AD-Remover".
When I double-click the desktop icon, a window shows me this: ERROR: NOT_ADMINISTRATOR

What should I do now? Thanks again
loumax91 Posts 3182 Registration date Tuesday 14 June 2011 Status Security contributor Last activity 14 April 2019 478
5 Oct 2011 at 19:05
Try right-clicking the Ad-R icon => Run as administrator
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 19:30
OK, it works. Here is the AD-Remover report:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 19:20:46 le 05/10/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
FV@PC-DE-FV (eMachines, inc. eMG620)

============== ACTION(S) ==============


Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar
Dossier supprimé: C:\Users\FV\AppData\LocalLow\SearchquTB
Dossier supprimé: C:\Users\FV\AppData\LocalLow\ShoppingReport2
Dossier supprimé: C:\ProgramData\Trymedia

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Trymedia Systems
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBrowse
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu MediaBar
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [7.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\FV\AppData\Roaming\Mozilla\FireFox\Profiles\7ezrw9ux.default --
Prefs.js - browser.download.lastDir, C:\\Users\\FV\\Pictures
Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
Prefs.js - browser.search.selectedEngine, Web Search
Prefs.js - browser.startup.homepage_override.buildID, 20110928134238
Prefs.js - browser.startup.homepage_override.mstone, rv:7.0.1

========================================

**** Internet Explorer Version [8.0.6001.19120] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms})
HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{c6f2e56b-c2a2-43E8-abae-2bdb1e9fafd8} - c:\Program Files\Common Files\Symantec Shared\Support Controls\sshelper.exe (Symantec, Inc.)
BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - "?" (c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll)
BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 497 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 05/10/2011 19:20:54 (4368 Octet(s))

Fin à: 19:22:56, 05/10/2011

============== E.O.F ==============
loumax91 Posts 3182 Registration date Tuesday 14 June 2011 Status Security contributor Last activity 14 April 2019 478
5 Oct 2011 at 19:41
The tools did a good job; how is the PC behaving?
Don't worry, we will remove all the tools when the time comes.
I am waiting for your link to the ZHPDiag report; follow the same procedure described in my first message.
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 19:37
I ran a new scan with ZHPDiag; here is the report (it is super long)

Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman, Update du 05/10/2011
Run by FV at 5/10/2011 19:30:55
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19120
MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)
GCIE: Google Chrome v14.0.835.202

---\\ Windows Product Information
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : P92J4
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1789 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 12 GB (17%) free of 70 GB

---\\ Logged in mode
~ Computer Name: PC-DE-FV
~ User Name: FV
~ All Users Names: FV, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\FV\AppData\Roaming\
~ %Desktop% : C:\Users\FV\Desktop\
~ %Favorites% : C:\Users\FV\Favorites\
~ %LocalAppData% : C:\Users\FV\AppData\Local\
~ %StartMenu% : C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 70 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 41 Go of 70 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.17/01/2010 - 7:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.2/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 3:33:13.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.8419DAE7205374F2CAA4C9CDBD0999E6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2011 - 12:04:29.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/01/2010 - 7:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.21/01/2008 - 8:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] 1916
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.17/01/2010 - 7:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] 1836
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 3:33:23.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] 1844
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.17/01/2010 - 5:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] 1812
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] 1884
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.17/01/2010 - 5:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] 1916
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 3:32:45.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] 1900
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 3:34:06.) -- C:\Windows\system32\drivers\IpNat.sys [100864] 1868
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] 1852
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.17/01/2010 - 5:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856] 1820
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.17/01/2010 - 7:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] 1916
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.2/11/2006 - 9:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] 1900
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 3:34:44.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] 1916
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 3:32:22.) -- C:\Windows\system32\drivers\rdpdr.sys [248832] 1868
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.17/01/2010 - 5:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192] 1812
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1284
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 2/42
~ Mes Documents (My Documents) : 20/1007
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 7/27
~ Scan Hidden Files in 00mn 03s



---\\ Processus lancés
[MD5.19D93154C82FE39A99B269CED1056A92] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512] [PID.2472]
[MD5.C459786D07FEAD5717DD1AC287BB2519] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6265376] [PID.2484]
[MD5.6882D187F65ECA79110848A68FDEB2BF] - (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040] [PID.2576]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.]
[MD5.2F237AAB91497AAA03AF48EAE68758FC] - (.Symantec Corporation - Symantec Service Framework.) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352] [PID.]
[MD5.17ED0AE8DDEF1ABF12C106BBC245DC76] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZyEmachine.EXE [817672] [PID.2776]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.2732]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552] [PID.3032]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856] [PID.]
[MD5.20DF7B435393DAA9CD095B01A755F644] - (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe [8348672] [PID.3128]
[MD5.892699A6AEB910C58B726BD70BEA4F4B] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.1516]
[MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.1620]
[MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.4848]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.5048]
[MD5.7B2E3899314974CC40D93A6CD7C855C8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2134016] [PID.6020]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.6084]
[MD5.6A4BB2DDFA34BC3C4D20478B1F0E335C] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.3.) -- C:\Windows\system32\nvvsvc.exe [196608] [PID.]
[MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.]
[MD5.09E6AFFAE6C0E9158BF05C7D08D0107A] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384] [PID.]
[MD5.4D06D9A26227AC485305133916888DF1] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576] [PID.]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.]
[MD5.CB76F68BA0D57C5D25B538981B1C611C] - (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [50424] [PID.]
[MD5.DF1C10A75DF7E50195FC417F88A33227] - (...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072] [PID.]
[MD5.AE9560C298D847AEF346BDD5FAD3B0E3] - (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968] [PID.]
[MD5.A5CB074F34BBD89948E34A630D459C0C] - (.Microsoft Corporation - Microsoft Network Inspection System.) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944] [PID.]
[MD5.E44C7D6F8D665DA2D9385E5E15EDEEF7] - (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\system32\consent.exe [81920] [PID.]
~ Scan Processes Running in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js
C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\user.js (.not file.)
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [FV - 7ezrw9ux.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} Clé orpheline
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [osCheck] . (.Symantec Corporation - Norton 360 Vista Migration Tool.) -- c:\Program Files\Norton 360\osCheck.exe
O4 - HKLM\..\Run: [BkupTray] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [WarReg_PopUp] . (.eMachines - WR_PopUp.) -- C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\QtZyEmachine.exe
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [SymLnch] C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242\Support\SymLnch\SymLnch.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\FV\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\FV\Desktop\Bookin - Raccourci.lnk . (...) -- C:\Users\FV\Downloads\Bookin.exe
O4 - Global Startup: C:\Users\FV\Desktop\EBP Business Plan 2007.lnk . (.European Business Products.) -- C:\Program Files\Business Plan\PNegocio.exe
O4 - Global Startup: C:\Users\FV\Desktop\Launch GameShadow.lnk . (.InstallShield Software Corp..) -- C:\Users\FV\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
O4 - Global Startup: C:\Users\FV\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\FV\Desktop\Module de sécurité.lnk . (...) -- C:\hb32.exe
O4 - Global Startup: C:\Users\FV\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\FV\Desktop\Sweet Home 3D.lnk . (.eTeks.) -- C:\Program Files\Sweet Home 3D\SweetHome3D.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 13s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~1\wi9130~1\datamngr\datamngr.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice (LiveUpdate Notice) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.3.) - C:\Windows\system32\nvvsvc.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
~ Scan Scheduled Task in 00mn 05s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (IDSvix86) . (.Symantec Corporation - IDS Core Driver.) - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090811.002\IDSvix86.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl6560e668) . (.Microsoft Corporation - KSLDriver.) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BBB11A0-8D90-4AE2-BD27-E37931FB285F}\MpKsl6560e668.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: (SPBBCDrv) . (.Symantec Corporation - SPBBC Driver.) - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\SRTSPX.sys
O41 - Driver: (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\system32\DRIVERS\SymIMv.sys
O41 - Driver: (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\SYMTDI.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {00203668-8170-44A0-BE44-B632FA4D780F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agatha Christie Death on the Nile - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Amazing Adventures The Lost Tomb - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113772953}
O42 - Logiciel: AppCore - (.Symantec Corporation.) [HKLM] -- {EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
O42 - Logiciel: Azada - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}
O42 - Logiciel: Backup - (.Symantec Corporation.) [HKLM] -- {24DF7221-644B-4C3A-A478-459502D40522}
O42 - Logiciel: Bejeweled 2 Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}
O42 - Logiciel: Bookworm Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}
O42 - Logiciel: Bricks of Egypt - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}
O42 - Logiciel: Build-a-lot - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113537610}
O42 - Logiciel: Cake Mania - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}
O42 - Logiciel: Canon SELPHY CP760 - (.Pas de propriétaire.) [HKLM] -- Canon SELPHY CP760
O42 - Logiciel: Chuzzle - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}
O42 - Logiciel: Codec Pack de ELISOFT v14.0 - (.Elisoft.) [HKLM] -- Codec Pack de ELISOFT v14.0
O42 - Logiciel: Company of Heroes - FAKEMSI - (.THQ Inc..) [HKLM] -- {25724802-CC14-4B90-9F3B-3D6955EE27B1}
O42 - Logiciel: Company of Heroes - FAKEMSI - (.THQ Inc..) [HKLM] -- {99A7722D-9ACB-43F3-A222-ABC7133F159E}
O42 - Logiciel: Diner Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110305887}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: EBP Business Plan 2007 - (.European Business Products.) [HKLM] -- EBP Business Plan_is1
O42 - Logiciel: Farm Frenzy - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547}
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: GameShadow - (.GameShadow Ltd.) [HKLM] -- {5A2F371F-8B5D-46B4-833C-0612B065BEC7}
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
O42 - Logiciel: Home'Bank Light 3.3.3 - (.ING Belguim.) [HKLM] -- Home'Bank Light_is1
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager
O42 - Logiciel: Little Shop World Traveler - (.Denda Games.) [HKLM] -- Denda Games Little Shop World Traveler
O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- PsuedoLiveUpdate
O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {E80F62FF-5D3C-4A19-8409-9721F2928206}
O42 - Logiciel: Luxor - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111265347}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mahjong Escape Ancient China - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
O42 - Logiciel: MySQL Connector/ODBC 3.51 - (.MySQL AB.) [HKLM] -- {0CB3C535-1171-4A20-B549-E2CB5DEB9723}
O42 - Logiciel: Mystery Case Files - Huntsville - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}
O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Norton 360 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {21829177-4DED-4209-AD08-490B3AC9C01A}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {2D617065-1C52-4240-B5BC-C0AE12157777}
O42 - Logiciel: Norton 360 HTMLHelp - (.Symantec Corporation.) [HKLM] -- {0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}
O42 - Logiciel: Norton Confidential Core - (.Symantec Corporation.) [HKLM] -- {55A6283C-638A-4EE0-B491-51118554BDA2}
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: Quick Zip 4.60.019 - (.Joseph Leung.) [HKLM] -- Quick Zip_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SPBBC 32bit - (.Symantec Corporation.) [HKLM] -- {77772678-817F-4401-9301-ED1D01A8DA56}
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct. 2011 at 19:40
It is so long that I can't put it in a single message!!!
loumax91 Posts 3182 Registration date Tuesday 14 June 2011 Status Security contributor Last activity 14 April 2019 478
5 Oct. 2011 at 19:42
Too long, post it here:
http://pjjoint.malekal.com/
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct. 2011 at 19:43
Here is the rest:

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Sunset Studios - Love on the High Seas - (.Denda Games.) [HKLM] -- Denda Games Sunset Studios - Love on the High Seas
O42 - Logiciel: Sweet Home 3D version 2.4 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1
O42 - Logiciel: Symantec Real Time Storage Protection Component - (.Symantec Corporation.) [HKLM] -- {D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
O42 - Logiciel: Symantec Technical Support Controls - (.Symantec Corporation.) [HKLM] -- {45690715-80A6-4445-B61D-ADEC5888E8CD}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Tomb Raider: Legend 1.2 - (.Pas de propriétaire.) [HKLM] -- Tomb Raider: Legend
O42 - Logiciel: Turbo Pizza - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553110) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{05D27A23-8E87-46B5-9EAF-F5B4DE7CCCA0}
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}
O42 - Logiciel: Zylom Games Player Plugin - (.Zylom Games.) [HKLM] -- Zylom Games Player Plugin
O42 - Logiciel: ccCommon - (.Symantec.) [HKLM] -- {B24E05CC-46FF-4787-BBB8-5CD516AFB118}
O42 - Logiciel: eMachines - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}
O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: eMachines ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\3ivx]
[HKCU\Software\AC3Filter]
[HKCU\Software\AcerUtil]
[HKCU\Software\Adobe]
[HKCU\Software\AnalogX]
[HKCU\Software\AppDataLow\Google]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Aware]
[HKCU\Software\BBL]
[HKCU\Software\Big Fish Games]
[HKCU\Software\Borland]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Crystal Dynamics]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDXStudios]
[HKCU\Software\DanniDin]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EBP]
[HKCU\Software\Elecard]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\GameHouse]
[HKCU\Software\Google]
[HKCU\Software\I-Media]
[HKCU\Software\INCAInternet]
[HKCU\Software\InterVideo]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Ligos]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MatrixMixer]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\Oshima Technology laboratory]
[HKCU\Software\Pando Networks]
[HKCU\Software\Paradigm Matrix]
[HKCU\Software\PegasusImaging]
[HKCU\Software\Policies]
[HKCU\Software\QDesign Corporation]
[HKCU\Software\Quanta]
[HKCU\Software\ReClock]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Softonic]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\TFM]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WhiteSmoke]
[HKCU\Software\XviD MPEG4 Codec]
[HKCU\Software\YMPEG]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\keyhole.com]
[HKCU\Software\mpa2mka-wxgui]
[HKLM\Software\3ivx]
[HKLM\Software\Aardwork]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Borland]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\COMON]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Crystal Dynamics]
[HKLM\Software\Denda Games]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EBP]
[HKLM\Software\Elisoft]
[HKLM\Software\Firefly Studios]
[HKLM\Software\Fraunhofer]
[HKLM\Software\GNU]
[HKLM\Software\GameInstaller]
[HKLM\Software\Gateway]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LightScribe]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MySQL AB]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\On2 Technologies]
[HKLM\Software\OnNet]
[HKLM\Software\PRR]
[HKLM\Software\Pando Networks]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Policies]
[HKLM\Software\Quanta]
[HKLM\Software\ReClock]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SymDebug]
[HKLM\Software\Symantec Technical Support]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\THQ]
[HKLM\Software\Trad-FR]
[HKLM\Software\VideoLAN]
[HKLM\Software\VobSub]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waterlily Games]
[HKLM\Software\Waves Audio]
[HKLM\Software\WhiteSmoke]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
~ Scan Softwares in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/08/2009 - 11:36:08 - [0] ----D- C:\Program Files\Acer Incorporated
~ Scan Program Folder in 00mn 35s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
~ Scan Files in 00mn 46s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{120c524d-881d-11de-9afd-806e6f6e6963}\AutoRun\command. (.Linasoft - AutoPlay Menu Loader.) -- E:\autorun.exe
O51 - MPSK:{c86ec8b6-906d-11de-ab57-00238b8aeb66}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 09s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ Scan Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.736054614AB962D4EC01EF4ABCE115F1] - 22/07/2008 - 3:21:08 ---A- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\system32\drivers\nvsmu.sys [15872]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 3:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.1199B2052F7861C1D39C2318E70904C9] - 21/07/2008 - 9:12:22 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [145952]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 3:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 2/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.001B4278407F4303EFC902A2B16F2453] - 13/08/2009 - 19:09:28 ---A- . (.InterVideo - regi driver.) -- C:\Windows\system32\drivers\regi.sys [11032]
O58 - SDL:[MD5.FE912E4A9719A9792669DEBB403CB9B1] - 9/09/2008 - 10:11:06 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2164248]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2/11/2006 - 7:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 3:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.E0E54A571D4323567E95E11FE76A5FF3] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtsp.sys [279088]
O58 - SDL:[MD5.4E44F0E22DF824D318988CAA6F321C30] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspl.sys [317616]
O58 - SDL:[MD5.D3BB40427CF3D02E56BBA97FEDA0A3AA] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspx.sys [43696]
O58 - SDL:[MD5.5A1D0CA8A5F1E7B4EC50B9D76C001F0E] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\system32\drivers\ss_bus.sys [83592]
O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cm.sys [12424]
O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cmnt.sys [12424]
O58 - SDL:[MD5.F0A85580E36A3A85059037D39A9CF079] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ss_mdfl.sys [15112]
O58 - SDL:[MD5.84C3DBFD1BFA4ADC0A950B3D5506CB00] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\system32\drivers\ss_mdm.sys [109704]
O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_wh.sys [12424]
O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_whnt.sys [12424]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 13/08/2009 - 15:05:00 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 2/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.FE9F8B3A8BC22D85332B42E92308DDF9] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\Windows\system32\drivers\symdns.sys [13616]
O58 - SDL:[MD5.06B95820DF51502099A8A15C93E87986] - 9/09/2008 - 6:42:22 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS [124464]
O58 - SDL:[MD5.A0EA9D273889E53CFAABF2444692CCBF] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\Windows\system32\drivers\symfw.sys [96560]
O58 - SDL:[MD5.23527B9CD4F7B9E31160E98D340E7E85] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\Windows\system32\drivers\symids.sys [38576]
O58 - SDL:[MD5.8EAB28DD6CD25355B951AE460FA86B48] - 27/03/2010 - 12:31:42 ---A- . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) -- C:\Windows\system32\drivers\SymIMV.sys [24112]
O58 - SDL:[MD5.C94EACA4B522012EE0691F1E79C42A7D] - 27/03/2010 - 12:31:18 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\Windows\system32\drivers\symndisv.sys [41008]
O58 - SDL:[MD5.7C6505EA598E58099D3B7E1F70426864] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Redirector Filter Driver.) -- C:\Windows\system32\drivers\symredrv.sys [22320]
O58 - SDL:[MD5.E6FF7ACE71D07CA90119F2C6AB592BA4] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\Windows\system32\drivers\symtdi.sys [184496]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 2/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 2/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.BF7AA84D5AF0FAA0978C840E63B17DBF] - 10/09/2008 - 2:45:00 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [196784]
O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 9/09/2008 - 10:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [13824]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 3:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 2/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 3:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 3:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 3:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2/11/2006 - 8:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2/11/2006 - 8:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 2/11/2006 - 8:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 4/05/2011 - 7:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\system32\npptNT2.sys [4682]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 2/11/2006 - 8:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2/11/2006 - 8:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2/11/2006 - 8:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2/11/2006 - 8:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2/11/2006 - 8:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 2/11/2006 - 8:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 2/11/2006 - 8:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 2/11/2006 - 8:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 2/11/2006 - 8:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 2/11/2006 - 8:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
~ Scan Drivers in 00mn 08s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/07/2008 - C:\Windows\system32\Drivers\COH_Mon.sys - COH_Mon(COH_Mon) .(.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) - LEGACY_COH_MON
O64 - Services: CurCS - 21/08/2007 - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost) .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST
O64 - Services: CurCS - 8/08/2007 - C:\Windows\system32\drivers\CO_Mon.sys - CO_Mon(CO_Mon) .(.Symantec Corporation - Behavior Blocker
0
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 19:44
and the rest, through to the end:

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/07/2008 - C:\Windows\system32\Drivers\COH_Mon.sys - COH_Mon(COH_Mon) .(.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) - LEGACY_COH_MON
O64 - Services: CurCS - 21/08/2007 - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost) .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST
O64 - Services: CurCS - 8/08/2007 - C:\Windows\system32\drivers\CO_Mon.sys - CO_Mon(CO_Mon) .(.Symantec Corporation - Behavior Blocker v2007.1 WDM driver (2007.1.) - LEGACY_CO_MON
O64 - Services: CurCS - 15/07/2009 - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver(eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - 15/07/2009 - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - EraserUtilRebootDrv(EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - 22/07/2009 - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090811.002\IDSvix86.sys - Symantec Intrusion Prevention Driver(IDSvix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86
O64 - Services: CurCS - 11/06/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15
O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090818.021\NAVENG.sys (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG
O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090818.021\NAVEX15.sys (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15
O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers\regi.sys - regi(regi) .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - 17/03/2009 - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys - SPBBCDrv(SPBBCDrv) .(.Symantec Corporation - SPBBC Driver.) - LEGACY_SPBBCDRV
O64 - Services: CurCS - 31/01/2008 - C:\Windows\system32\Drivers\SRTSP.sys - SRTSP(SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP
O64 - Services: CurCS - 31/01/2008 - C:\Windows\system32\Drivers\SRTSPX.sys - SRTSPX(SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX
O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMDNS.sys - SYMDNS(SYMDNS) .(.Symantec Corporation - DNS Filter Driver.) - LEGACY_SYMDNS
O64 - Services: CurCS - 27/03/2010 - C:\Windows\system32\Drivers\SYMEVENT.sys - SymEvent(SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT
O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMFW.sys - SYMFW(SYMFW) .(.Symantec Corporation - Firewall Filter Driver.) - LEGACY_SYMFW
O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\DRIVERS\SymIMv.sys - Symantec Network Security Intermediate Filter Driver(SymIM) .(.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - LEGACY_SYMIM
O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMNDISV.sys - SYMNDISV(SYMNDISV) .(.Symantec Corporation - NDIS Filter Driver.) - LEGACY_SYMNDISV
O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMREDRV.sys - SYMREDRV(SYMREDRV) .(.Symantec Corporation - Redirector Filter Driver.) - LEGACY_SYMREDRV
O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMTDI.sys - SYMTDI(SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI
~ Scan Services in 00mn 04s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0DA8DAC9-F5A3-4D21-BEE5-80914B132F5C} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms}
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.7FAF5222EEB546E1DC0F348DCB314B0B] [SPRF][29/08/2006] (.Zylom Games - Zylom Games Player.) -- C:\Windows\Downloaded Program Files\zylomgamesplayer.dll [161976]
~ Scan Files in 00mn 00s



---\\ Recherche d'infection Rogue (O86)
C:\Users\FV\AppData\Roaming\6876836
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{1AD7AEB3-A381-42D9-A6D3-0FA399F69ED3}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{A1850EFA-F017-4143-BADE-53CBCF94ED57}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{73D814D8-7916-47ED-934C-4C7D03A01410}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{AB0CE66F-1493-484A-B348-E022240DFC42}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{9F15E43A-7BD9-4A78-B805-2DAB7C143170}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{F26EC160-5339-42B7-8BFD-80479D1FD445}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{0C799FFF-7FD9-43B0-AC91-5F4AE49B3869}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe (.not file.)
O87 - FAEL: "{1E0B1FC4-FD42-4244-A52C-6F3E105AC18D}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe (.not file.)
O87 - FAEL: "{A1A99002-1273-4BB1-9DF4-C21624EAE302}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
O87 - FAEL: "{2152B171-562B-42CA-BF7E-D8246B3F6FE2}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
O87 - FAEL: "{5EB1664F-A7DF-4379-BA01-8641A9953B8E}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{C65C8C66-2AE8-4D18-B956-1F491490ED68}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{0AB5E8BC-3B41-4F1F-8834-CF9D2CE43970}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{422B37FB-EBD4-482E-B75B-B34B86C0EFC5}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{AAE3E47D-8EF8-4297-9109-324E6C6605A2}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "TCP Query User{F64282FB-DBE8-43C2-96E9-0631EC48C12A}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{38B15C61-AA4E-43C3-9177-B38F9C78D2E0}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{7CE7B74E-CE03-49DC-A9DD-10A1B31D7A72}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" |In - Private - P6 - TRUE | .(...) -- C:\games\world_of_tanks_closed_beta\wotlauncher.exe (.not file.)
O87 - FAEL: "UDP Query User{0E6B60F7-1893-4DF3-B46F-FD2361FDE20A}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" |In - Private - P17 - TRUE | .(...) -- C:\games\world_of_tanks_closed_beta\wotlauncher.exe (.not file.)
O87 - FAEL: "TCP Query User{B201ECF6-9A1F-487A-B95B-9AA8E6DC1BA5}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{F8B7AD32-F21E-420B-AF80-D39ABE2EA7AD}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "TCP Query User{5D26C831-0FFD-4A3C-936C-5C92BAE4ECF5}C:\users\fv\appdata\local\mediaget2\mediaget.exe" | In - Private - P6 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\users\fv\appdata\local\mediaget2\mediaget.exe
O87 - FAEL: "UDP Query User{A26A48B0-BAB1-4B3D-A6F8-9FD55F62230A}C:\users\fv\appdata\local\mediaget2\mediaget.exe" | In - Private - P17 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\users\fv\appdata\local\mediaget2\mediaget.exe
~ Scan Firewall in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 8700 - (05/10/2011)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 0

C:\Program Files\WhiteSmoke =>PUP.Whitesmoke
C:\ProgramData\Media Get LLC =>PUP.MediaGet
C:\Users\FV\AppData\Roaming\Media Get LLC =>PUP.MediaGet
C:\Users\FV\AppData\Roaming\WhiteSmoke =>PUP.Whitesmoke
C:\Users\FV\AppData\Local\Media Get LLC =>PUP.MediaGet
C:\Users\FV\AppData\Local\MediaGet2 =>PUP.MediaGet
~ Scan Additionnel in 00mn 55s



---\\ Recherche détournement de DNS routeur (O89)
Serveur : UnKnown
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.148.106
209.85.148.104
209.85.148.103
209.85.148.99
209.85.148.147
209.85.148.105
Aliases: www.google.fr
www.google.com
~ Scan DNS in 00mn 03s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 9/09/2008 238968 | (Automatic LiveUpdate Scheduler) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
SR - | Auto 9/09/2008 16384 | (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
SR - | Auto 17/10/2008 149352 | (ccEvtMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 17/10/2008 149352 | (ccSetMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 17/10/2008 149352 | (CLTNetCnService) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Demand 9/09/2008 55640 | (comHost) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
SR - | Auto 24576 | (ETService) . (...) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
SS - | Demand 24/08/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 21/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/01/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 8/11/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 13/08/2009 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - | Auto 9/09/2008 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 15/08/2009 3220856 | (LiveUpdate) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.exe
SR - | Auto 17/10/2008 149352 | (LiveUpdate Notice) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Demand 4/05/2011 4032992 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SR - | Auto 9/09/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SR - | Auto 131072 | (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
SR - | Auto 10/09/2008 196608 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Demand 1245064 | (Symantec Core LC) . (...) - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 04s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 06s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by FV at 5/10/2011 19:34:44

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 08s



End of the scan (1420 lines in 03mn 49s)(0)
0
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 19:46
Sorry, I didn't see your message about posting it elsewhere!
0
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 19:48
My PC is behaving well; "Microsoft Security Essentials" has not told me again that my PC was infected!
0
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
5 Oct 2011 at 20:11
Sorry, but another message has just appeared 3 times in a row, even though it never appeared before: "Symantec Service Framework has stopped working."
0
loumax91 Posts 3182 Registration date Tuesday 14 June 2011 Status Security contributor Last activity 14 April 2019 478
5 Oct 2011 at 20:53
You have two antivirus programs installed on your PC; choose one of the two and uninstall the other.

If you uninstall Norton: http://service1.symantec.com/SUPPORT/INTER/norton360intl.nsf/fr_docid/20070214094739989
If it's MSE, go through: Add/Remove Programs



CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

* Download Defogger (by jpshortstuff) to your Desktop
http://www.jpshortstuff.247fixes.com/Defogger.exe
* Run it
* A window appears: click "Disable"
* Restart the computer if the tool asks you to
* When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"

Then follow the procedure already described and run again:
-AdwCleaner
-Ad-Remover and post both reports

When you have finished, run ZHPDiag again and post the report here: http://pjjoint.malekal.com/


0
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
6 Oct 2011 at 12:59
Here is the AdwCleaner report:

# AdwCleaner v1.309 - Rapport créé le 06/10/2011 à 12:58:22
# Mis à jour le 29/09/11 à 20h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : FV - PC-DE-FV (Administrateur)
# Exécuté depuis : C:\Users\FV\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:1540] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19120

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v7.0.1 (fr)

Profil : 7ezrw9ux.default
Fichier : C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences
0
fmounet007007 Posts 23 Registration date Tuesday 4 October 2011 Status Member Last activity 7 October 2011
6 Oct 2011 at 13:16
Here is the Ad-Remover report:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 13:00:26 le 06/10/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
FV@PC-DE-FV (eMachines, inc. eMG620)

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.




============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [7.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\FV\AppData\Roaming\Mozilla\FireFox\Profiles\7ezrw9ux.default --
Prefs.js - browser.download.lastDir, C:\\Users\\FV\\Pictures
Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
Prefs.js - browser.search.selectedEngine, Web Search
Prefs.js - browser.startup.homepage_override.buildID, 20110928134238
Prefs.js - browser.startup.homepage_override.mstone, rv:7.0.1

========================================

**** Internet Explorer Version [8.0.6001.19120] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms})
HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 497 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 28 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 05/10/2011 19:20:54 (4507 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 06/10/2011 13:00:32 (2979 Octet(s))

Fin à: 13:02:15, 06/10/2011

============== E.O.F ==============
0
fmounet007007 Posts: 23 Registered: Tuesday 4 October 2011 Status: Member Last activity: 7 October 2011
6 Oct. 2011 at 13:26
The link to the ZHPDiag report:

https://pjjoint.malekal.com/files.php?id=ZHPDiag_z8z11i58m11l12i8o9s7u6k6v9d11n9l11u15j6q12q14y12

I had another question: now something opens at startup: the Media Get program. I don't remember downloading it! And I can't remove it through the Control Panel because it isn't listed there... how do I get rid of it?
Thanks again for everything!
0
loumax91 Posts: 3182 Registered: Tuesday 14 June 2011 Status: Security contributor Last activity: 14 April 2019 478
Edited by loumax91 on 6/10/2011 at 14:51
We'll take care of it!

This script will target certain items to remove:

* Open this link, select the whole script and copy it (Edit --> Copy)
http://www.cijoint.fr/cjlink.php?file=cj201110/cij7H4Azwq.txt
* Right-click the ZHPFix shortcut and choose "Run as administrator"
* Click the icon showing the letter H ("coller les lignes Helper", i.e. paste the Helper lines)
* The lines are pasted into ZHPFix automatically; if not, paste them yourself
* Click the "GO" button to start the cleanup
* Copy and paste the whole report into your next reply


Then:
* Run MBAM and install the updates
* Then go to the "Recherche" (Scan) tab, tick "Exécuter un examen complet" (Perform a full scan), then click "Rechercher" (Scan)
* Select your hard drives, then click "Lancer l'examen" (Start the scan)
* When the scan is finished, click "Afficher les résultats" (Show results)
* Tick all the detected items, then click "Supprimer la sélection" (Remove selected)
* Save the report
* If you are asked to restart the computer, click Yes
* Post in your next reply the report that appears after the removal

To finish, run a ZHPDiag scan again and post the report at: http://pjjoint.malekal.com/

"He who loves learning is close to knowledge" (Confucius)
0