Sujet Précédent Sujet Suivant

VIRUS FACBOOK

Fermé
TROLL - 22 févr. 2011 à 09:33
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 - 24 févr. 2011 à 11:26
Bonjour,

IL Y A DEUX JOURS J AI CLIQUER SUR FACEBOOK SUR LA VIDEO '' regarde l'enfant qui vol en russie'' MA OUVERT PLEIN DE PAGE KE JE NE POUVAI PAS FERMER J AI DONC ETTEIND MON ORDINATEUR.

DEPUIS LORSQUE JE ME CONNECTE A FACEBOOK SAME BLOQUE LA PAGE ET UN MESSAGE S AFFICHE EN DISANT QUE L ONGLET A ETE PERDU

MERCI DE VOTRE AIDE



A voir également:

4 réponses

Réponse 1 / 4
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 582
22 févr. 2011 à 09:42
Bonjour

Merci de ne pas écrire en majuscule, sur internet cela équivaut à crier.


Télécharger sur le bureau Malwarebyte's Anti-Malware

= double-clic sur mbam-setup pour lancer l'installation
= Installer simplement sans rien modifier
= Ne pas décocher "Faire la mise à jour"
= si la mise à jour a échoué, la faire après execution du logiciel => onglet "Mise à jour"
= Quand le programme lancé ==> cocher Exécuter un examen complet
= Clic Rechercher
= Eventuellement décocher les disque à ne pas analyser
= Clic Lancer l'examen
= En fin de scan ( 1h environ), si infection trouvée
==> Clic Afficher résultat
= Fermer vos applications en cours
= Vérifier si tout est coché et clic Supprimer la sélection

un rapport s'ouvre le copier et le coller dans la réponse


-----------

* Télécharge ZHPDiag
Capture

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Heberge le rapport ici: cijoint et colle le lien dans la réponse



1
TROLL
22 févr. 2011 à 09:58
desolé pour les majuscules!!!!!!!


merci de ta reponse ; je vais essayer mais je ne suis pas une experte donc je sais pas se que sa va donner

bonne journee
0
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 582
22 févr. 2011 à 10:01
Pas besoin d'être un expert, il suffit de prendre le temps de lire et de faire ce qui est demandé ;)
0
TROLL
23 févr. 2011 à 10:26
bonjout tigzy

j en suis a l etape ou il fau copier coller le rapport dans la réponse???
0
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 582
23 févr. 2011 à 13:32
Bah copie colle :)
0
TROLL
23 févr. 2011 à 21:00
j'ai tout fait jusqu au bout sa ne marche tjr pas

merci quand meme
0
Réponse 2 / 4
TROLL
24 févr. 2011 à 10:55
Malwarebytes' Anti-Malware 1.17
Version de la base de données: 846

10:23:59 23/02/2011
mbam-log-2-23-2011 (10-23-59).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 157287
Temps écoulé: 38 minute(s), 24 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport2.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
0
Réponse 3 / 4
TROLL
24 févr. 2011 à 10:58
Rapport de ZHPDiag v1.27.1622 par Nicolas Coolman, Update du 23/02/2011
Run by hello at 23/02/2011 20:50:43
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18882 (Defaut)

---\\ System Information
Windows Vista Home Premium Edition, 32-bit (Build 6000)
Processor: x86 Family 6 Model 14 Stepping 12, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 10 GB (15%) free of 68 GB

---\\ Logged in mode
Computer Name: PC-DE-HELLO
User Name: hello
All Users Names: hello, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\hello\AppData\Roaming
%LocalAppData%=C:\Users\hello\AppData\Local
%StartMenu%=C:\Users\hello\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 68 Go)
D:\ CD-ROM drive (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK


---\\ Recherche particulière de fichiers génériques
[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - (.Microsoft Corporation - Explorateur Windows.) (.29/01/2009 09:27:05.) -- C:\Windows\Explorer.exe [2923520]
[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - (.Microsoft Corporation - Application de démarrage de Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\System32\Wininit.exe [95744]
[MD5.91B8712BDC74295DA14A08F519B70D65] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/01/2010 07:38:20.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.9F75392B9128A91ABAFB044EA350BAAD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\System32\Winlogon.exe [308224]
[MD5.B35CFCEF838382AB6490B321C87EDF17] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.29/01/2009 09:28:20.) -- C:\Windows\System32\drivers\atapi.sys [21560]
[MD5.37430AA7A66D7A63407ADC2C0D05E9F6] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.29/01/2009 09:43:13.) -- C:\Windows\System32\drivers\ntfs.sys [1060920]


---\\ Processus lancés
[MD5.4719ED2A9E1F0FF37BC3FC1999F4FFC4] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe [2747744]
[MD5.2E0953919779A44BF9DFB7B07C58535A] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125440]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.693E4C15CEE5D6487D7913A2701B5E40] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.0CCE84F6F693478A769BFC1E993CBF67] - (.AVG Technologies CZ, s.r.o. - AVG IDS application.) -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe [737872]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
[MD5.66EA5047C4752DEF988775C71CFD8F67] - (.Malwarebytes - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1183352]
[MD5.88BD42DAE7CFFEB256CA7145A15E4843] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638216]
[MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe [223584]
[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]
[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe [233936]
[MD5.CF5FAAE47BD45081EBD2B4732A866B64] - (.Microsoft Corporation - Microsoft Word.) -- C:\Program Files\Microsoft Office\Office10\WINWORD.EXE [10577312]
[MD5.6D12771CB33619F4BDAF2F6BBD310F60] - (.Microsoft Corp. - Microsoft Office Live Add-in Sign-in.) -- C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe [97128]
[MD5.6E66F6174D283EF491CE5DB832010BC4] - (.Microsoft Corporation - Microsoft Agent Server.) -- C:\Windows\MSAgent\agentsvr.exe [292864]
[MD5.B7CD1514C30A6785A8D5E50C933EE747] - (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\system32\msfeedssync.exe [13312]
[MD5.C799301BE48A4C969ED6202A4278DD40] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [631808]


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.51204.0.) -- c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll


---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask.com - Ask.com Toolbar.) (5.6.13.184) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1


---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} . (.Shareaza Development Team - Shareaza Web Download Hook.) -- C:\Program Files\Shareaza\RazaWebHook32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: EOBHO - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé orpheline
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [LanguageShortcut] . (.Pas de propriétaire - Language Application.) -- C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (.not file.)
O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\Windows\system32\msconfig.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON SX100 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\..\Run: [EPSON SX100 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.exe
O4 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2781872221-1342822096-2635222749-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\hello\Desktop\Aller sur MSN.fr.lnk - Clé orpheline
O4 - Global Startup: C:\Users\hello\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\hello\Desktop\Départ Ski Challenge 2010 (FTV).lnk . (...) -- C:\Games\Ski Challenge 2010 (FTV)\Updater.exe
O4 - Global Startup: C:\Users\hello\Desktop\f.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\hello\Desktop\MEMUP 500GB (F) - Raccourci.lnk . (...) -- F:\ (.not file.)
O4 - Global Startup: C:\Users\hello\Desktop\Microsoft Word.lnk . (...) -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - Global Startup: C:\Users\hello\Desktop\Musique - Raccourci.lnk . (...) -- C:\Users\hello\Music
O4 - Global Startup: C:\Users\hello\Desktop\Nero StartSmart Essentials.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
O4 - Global Startup: C:\Users\hello\Desktop\Partouche.lnk . (...) -- C:\Users\hello\AppData\Roaming\Partouche\Partouche.exe
O4 - Global Startup: C:\Users\hello\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\hello\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\hello\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk . (.PokerStars.) -- C:\Program Files\PokerStars\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shareaza.lnk . (.Shareaza Development Team.) -- C:\Program Files\Shareaza\Shareaza.exe
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\hello\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Download with &Shareaza . (.Shareaza Development Team - Shareaza Web Download Hook.) -- c:\program files\shareaza\razawebhook32.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PokerStars\main.ico


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2BBC903-CA37-44B2-8254-6CAEEB45E486}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{D2BBC903-CA37-44B2-8254-6CAEEB45E486}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{D2BBC903-CA37-44B2-8254-6CAEEB45E486}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241


---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files\AVG\AVG10\avgpp.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG IDS application.) - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.exe
O23 - Service: (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: (NBService) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: (NeroRegInCDSrv) - Clé orpheline
O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Security Scan for hello.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{73BE4DC6-0948-4471-B801-0215E242E9C2}.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.EF6C857E9758308C577FB5CB208B7922] [APT] [Norton Security Scan for hello] (.Symantec Corporation.) -- C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
[MD5.EF7C202CB60E1166501875F565904083] [APT] [Scheduled Update for Ask Toolbar] (.Pas de propriétaire.) -- C:\Program Files\Ask.com\UpdateTask.exe


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx86.sys
O41 - Driver: (Avgmfx86) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx86.sys
O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdix.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (DfsC) . (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\Windows\System32\drivers\InCDPass.sys
O41 - Driver: (InCDrec) . (.Nero AG - InCD File System Recognizer.) - C:\Windows\System32\drivers\InCDRec.sys
O41 - Driver: (incdrm) . (.Nero AG - Nero MRW Filter Driver.) - C:\Windows\System32\drivers\InCDRm.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- AVG
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {A276502A-8979-44FB-8090-90CF72F22ABC}
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {F4C68898-EBA5-46A9-82B3-2D30426086BF}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: ClickPotato - (.Pinball Corporation..) [HKLM] -- ClickPotatoLiteSA
O42 - Logiciel: DVD Suite - (.CyberLink Corporation.) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: EPSON SX100 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX100 Series
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX100_TX100 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus SX100_TX100 Guide d'utilisation
O42 - Logiciel: EoRezo 1.0 - (.EoRezo.) [HKLM] -- EoRezo_is1
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {DEDB47A3-C988-4A43-A645-E2CEA571E680}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: LG PC Suite II - (.LG PC Suite.) [HKLM] -- {14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}
O42 - Logiciel: LG USB Modem Drivers - (.LG Electronics.) [HKLM] -- {FA02ACAC-9E14-4878-A257-92A22A647C2C}
O42 - Logiciel: LG USB Modem driver - (.LG Electronics.) [HKLM] -- {C3ABE126-2BB2-4246-BFE1-6797679B3579}
O42 - Logiciel: LimeWire 5.5.8 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.) [HKLM] -- {9028040C-6000-11D3-8CFE-0050048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Monopoly - (.Pas de propriétaire.) [HKLM] -- Monopoly
O42 - Logiciel: Monopoly Version 8 - (.Olivier RAVET.) [HKLM] -- Monopoly_is1
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {EF3E420F-2DCF-4C24-8E37-896801901036}
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Partouche - (.Partouche.) [HKCU] -- Partouche
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM] -- PokerStars
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: ResultBar 1.0 build 113 - (.Pas de propriétaire.) [HKLM] -- ResultBar
O42 - Logiciel: Satsuki Decoder Pack - (.Pas de propriétaire.) [HKLM] -- Satsuki Decoder Pack
O42 - Logiciel: Shareaza 2.5.2.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1
O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShoppingReport2
O42 - Logiciel: ShopperReports - (.SmartShopper.) [HKLM] -- ShopperReportsSA
O42 - Logiciel: Ski Challenge 2010 (FTV) - (.Pas de propriétaire.) [HKCU] -- sc10-FR_FTV_MAIN
O42 - Logiciel: SoftwareUpdate 1.0 - (.eoRezo.) [HKLM] -- SoftwareUpdate_is1
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Xvid 1.2.1 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\ShopperReports3]
[HKCU\Software\AppDataLow\Software\ShoppingReport2]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Ask.com]
[HKCU\Software\AskToolbar]
[HKCU\Software\Avg]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cyberlink]
[HKCU\Software\EPSON]
[HKCU\Software\EoRezo]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Greentube]
[HKCU\Software\Haali]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\LG Electronics Inc]
[HKCU\Software\Lake]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PatchPoker]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Satsuki Decoder Pack]
[HKCU\Software\Shareaza]
[HKCU\Software\ShopperReports3]
[HKCU\Software\ShoppingReport2]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\clickpotatolitesa]
[HKCU\Software\eMule]
[HKLM\Software\ABBYY]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\ClickPotatoLite]
[HKLM\Software\Clients]
[HKLM\Software\Conexant]
[HKLM\Software\CyberLink]
[HKLM\Software\ENE Technology Inc]
[HKLM\Software\EPSON]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\LG Electronics]
[HKLM\Software\LG PC Suite]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\STURM]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Shareaza]
[HKLM\Software\ShopperReports3]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/02/2009 - 15:34:46 - [124487825] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 08/06/2009 - 10:29:56 - [52164181] ----D- C:\Program Files\Adobe
O43 - CFD: 28/10/2010 - 12:05:20 - [1686849] ----D- C:\Program Files\Ask.com
O43 - CFD: 15/02/2011 - 19:19:46 - [102540958] ----D- C:\Program Files\AVG
O43 - CFD: 20/05/2010 - 18:17:28 - [2812120] ----D- C:\Program Files\CCleaner
O43 - CFD: 29/11/2010 - 19:50:14 - [765301] ----D- C:\Program Files\ClickPotatoLite
O43 - CFD: 17/05/2010 - 14:13:06 - [778301279] ----D- C:\Program Files\Common Files
O43 - CFD: 29/01/2009 - 10:47:58 - [94784271] ----D- C:\Program Files\CyberLink
O43 - CFD: 21/05/2010 - 07:31:30 - [1192651] ----D- C:\Program Files\EoRezo
O43 - CFD: 17/02/2009 - 12:00:18 - [13155695] ----D- C:\Program Files\epson
O43 - CFD: 17/02/2009 - 12:02:32 - [93975345] ----D- C:\Program Files\Epson Software
O43 - CFD: 28/01/2009 - 18:13:24 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 05/02/2010 - 09:52:30 - [14962188] ----D- C:\Program Files\Google
O43 - CFD: 19/05/2010 - 21:24:16 - [411861] ----D- C:\Program Files\Ihsv
O43 - CFD: 19/06/2009 - 17:44:26 - [23480577] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 27/08/2010 - 08:55:26 - [4560280] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 11/06/2010 - 09:21:28 - [87743435] ----D- C:\Program Files\Java
O43 - CFD: 12/08/2009 - 10:59:08 - [2029773] ----D- C:\Program Files\LG Electronics
O43 - CFD: 12/08/2009 - 11:00:16 - [171864412] ----D- C:\Program Files\LG PC Suite II
O43 - CFD: 10/05/2010 - 22:05:36 - [106717706] ----D- C:\Program Files\LimeWire
O43 - CFD: 23/02/2011 - 09:31:10 - [3983682] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 11/04/2009 - 10:31:48 - [1544075] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:37:36 - [92804023] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 20/02/2009 - 16:15:06 - [75824870] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 18/12/2010 - 17:35:38 - [38361211] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 24/11/2009 - 12:27:52 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 11/04/2009 - 10:31:12 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 19/05/2010 - 21:15:34 - [3053476] ----D- C:\Program Files\Monopoly
O43 - CFD: 11/03/2010 - 11:03:04 - [99153006] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 13:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 02/11/2006 - 13:37:36 - [3272760] ----D- C:\Program Files\MSN
O43 - CFD: 25/03/2009 - 11:31:32 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 29/01/2009 - 11:34:58 - [257817230] ----D- C:\Program Files\Nero
O43 - CFD: 17/05/2010 - 08:37:36 - [13041048] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 17/05/2010 - 08:37:34 - [8446147] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 09/06/2009 - 11:06:52 - [0] ----D- C:\Program Files\NOS
O43 - CFD: 14/08/2010 - 01:40:02 - [84402922] ----D- C:\Program Files\PokerStars
O43 - CFD: 02/11/2006 - 13:37:36 - [38637313] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 18/02/2011 - 14:29:58 - [0] ----D- C:\Program Files\ResultBar
O43 - CFD: 04/02/2009 - 00:33:24 - [22184022] ----D- C:\Program Files\Satsuki Decoder Pack
O43 - CFD: 15/03/2010 - 18:23:00 - [25032638] ----D- C:\Program Files\Shareaza
O43 - CFD: 29/11/2010 - 19:49:54 - [2365572] ----D- C:\Program Files\ShopperReports3
O43 - CFD: 29/11/2010 - 22:32:12 - [89824] ----D- C:\Program Files\ShoppingReport2
O43 - CFD: 21/05/2010 - 07:36:16 - [49366863] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 14:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 30/01/2009 - 10:04:06 - [74466874] ----D- C:\Program Files\VideoLAN
O43 - CFD: 29/01/2009 - 10:00:14 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 02/11/2006 - 13:42:34 - [2761216] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 29/01/2009 - 10:00:06 - [4486592] ----D- C:\Program Files\Windows Defender
O43 - CFD: 02/11/2006 - 13:42:34 - [7078008] ----D- C:\Program Files\Windows Journal
O43 - CFD: 29/01/2011 - 11:20:18 - [150794930] ----D- C:\Program Files\Windows Live
O43 - CFD: 24/03/2009 - 11:21:28 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 15/04/2010 - 09:21:42 - [9071240] ----D- C:\Program Files\Windows Mail
O43 - CFD: 29/10/2009 - 03:02:32 - [4496487] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 28/01/2009 - 18:13:24 - [7940176] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/11/2006 - 13:42:34 - [13463714] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 29/01/2009 - 09:59:42 - [6664237] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 29/11/2010 - 22:33:54 - [770659] ----D- C:\Program Files\Xvid
O43 - CFD: 23/02/2011 - 20:50:54 - [3454447] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 16/11/2009 - 14:09:24 - [0] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 29/01/2009 - 11:37:06 - [112399032] ----D- C:\Program Files\Common Files\Ahead
O43 - CFD: 20/02/2009 - 16:15:24 - [86016] ----D- C:\Program Files\Common Files\Designer
O43 - CFD: 19/06/2009 - 17:44:06 - [3057576] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 24/03/2009 - 11:21:34 - [255602037] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 02/11/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 12:18:34 - [41100711] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 23/02/2011 - 15:17:16 - [0] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 29/01/2009 - 10:00:10 - [16561652] ----D- C:\Program Files\Common Files\System
O43 - CFD: 24/03/2009 - 11:17:16 - [349491553] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 16/11/2009 - 14:09:22 - [0] ----D- C:\ProgramData\Adobe
O43 - CFD: 29/01/2009 - 11:37:30 - [320] ----D- C:\ProgramData\Ahead
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 18/02/2011 - 13:44:30 - [254085276] ----D- C:\ProgramData\AVG10
O43 - CFD: 15/02/2011 - 19:20:40 - [189240423] ----D- C:\ProgramData\avg8
O43 - CFD: 28/01/2009 - 18:13:24 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 04/12/2010 - 07:26:52 - [10804875] ----D- C:\ProgramData\ClickPotatoLiteSA
O43 - CFD: 18/02/2011 - 13:44:08 - [96] --H-D- C:\ProgramData\Common Files
O43 - CFD: 01/02/2009 - 01:21:02 - [8404] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 25/03/2009 - 12:22:32 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 17/02/2009 - 11:58:30 - [7342521] ----D- C:\ProgramData\EPSON
O43 - CFD: 28/01/2009 - 18:13:24 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 08/06/2009 - 10:32:28 - [1479060] ----D- C:\ProgramData\Google
O43 - CFD: 20/05/2010 - 18:24:26 - [704714] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 28/01/2009 - 18:13:24 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 15/02/2011 - 19:20:16 - [142839579] ----D- C:\ProgramData\MFAData
O43 - CFD: 05/06/2010 - 07:59:32 - [123039441] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 28/01/2009 - 18:13:24 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 29/01/2009 - 11:34:58 - [4943975] ----D- C:\ProgramData\Nero
O43 - CFD: 17/05/2010 - 08:37:42 - [3357] ----D- C:\ProgramData\Norton
O43 - CFD: 17/05/2010 - 08:37:34 - [67654] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 09/06/2009 - 11:06:52 - [0] ----D- C:\ProgramData\NOS
O43 - CFD: 18/02/2011 - 14:29:58 - [0] ----D- C:\ProgramData\ResultBar
O43 - CFD: 22/02/2011 - 09:20:14 - [4409] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 17/05/2010 - 14:10:30 - [399076777] ----D- C:\ProgramData\Symantec
O43 - CFD: 15/02/2011 - 19:06:08 - [88422845] ----D- C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 14:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 17/02/2009 - 12:03:08 - [3498] ----D- C:\ProgramData\UDL
O43 - CFD: 08/06/2009 - 10:31:28 - [2817799] ----D- C:\Users\hello\AppData\Roaming\Adobe
O43 - CFD: 10/02/2009 - 11:35:56 - [124146] ----D- C:\Users\hello\AppData\Roaming\Ahead
O43 - CFD: 18/02/2011 - 13:45:22 - [168] ----D- C:\Users\hello\AppData\Roaming\AVG10
O43 - CFD: 29/11/2010 - 19:50:14 - [0] ----D- C:\Users\hello\AppData\Roaming\ClickPotatoLite
O43 - CFD: 01/02/2009 - 01:21:10 - [5643] ----D- C:\Users\hello\AppData\Roaming\CyberLink
O43 - CFD: 19/03/2009 - 23:32:08 - [199] ----D- C:\Users\hello\AppData\Roaming\dvdcss
O43 - CFD: 19/05/2010 - 21:24:04 - [893232] ----D- C:\Users\hello\AppData\Roaming\eoRezo
O43 - CFD: 17/02/2009 - 12:08:14 - [1003] ----D- C:\Users\hello\AppData\Roaming\EPSON
O43 - CFD: 08/06/2009 - 10:36:16 - [0] ----D- C:\Users\hello\AppData\Roaming\Google
O43 - CFD: 28/01/2009 - 18:18:06 - [0] ----D- C:\Users\hello\AppData\Roaming\Identities
O43 - CFD: 17/02/2009 - 11:59:00 - [0] ----D- C:\Users\hello\AppData\Roaming\InstallShield
O43 - CFD: 19/06/2009 - 17:42:14 - [1530377] ----D- C:\Users\hello\AppData\Roaming\LG Electronics
O43 - CFD: 21/01/2011 - 17:47:12 - [25775327] ----D- C:\Users\hello\AppData\Roaming\LimeWire
O43 - CFD: 28/01/2009 - 18:26:28 - [1923790] ----D- C:\Users\hello\AppData\Roaming\Macromedia
O43 - CFD: 20/05/2010 - 18:24:36 - [2858170] ----D- C:\Users\hello\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:36 - [0] ----D- C:\Users\hello\AppData\Roaming\Media Center Programs
O43 - CFD: 04/02/2009 - 09:00:00 - [100] ----D- C:\Users\hello\AppData\Roaming\Media Player Classic
O43 - CFD: 15/02/2011 - 19:21:16 - [26849096] -S--D- C:\Users\hello\AppData\Roaming\Microsoft
O43 - CFD: 25/03/2009 - 16:45:40 - [0] ----D- C:\Users\hello\AppData\Roaming\Mozilla
O43 - CFD: 14/08/2010 - 01:38:24 - [144801008] ----D- C:\Users\hello\AppData\Roaming\Partouche
O43 - CFD: 10/02/2009 - 11:13:10 - [0] ----D- C:\Users\hello\AppData\Roaming\PeerNetworking
O43 - CFD: 15/03/2010 - 18:23:26 - [895814] ----D- C:\Users\hello\AppData\Roaming\Shareaza
O43 - CFD: 29/11/2010 - 19:49:56 - [0] ----D- C:\Users\hello\AppData\Roaming\ShopperReports3
O43 - CFD: 10/01/2011 - 11:35:30 - [475379] ----D- C:\Users\hello\AppData\Roaming\vlc


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9CED1200D8DCB37500ECFD7F70EE1200] - 23/02/2011 - 19:59:28 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1697998]
O44 - LFC:[MD5.6DD38830444745C4C6610A26337FD9C4] - 23/02/2011 - 09:06:57 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.FFD4BFD928C76C6390A6E292F3ACF101] - 15/02/2011 - 19:06:34 ---A- . (...) -- C:\Windows\System32\commonpriv.log [3412]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/02/2011 - 19:06:33 ---A- . (...) -- C:\Windows\System32\commonpriv.log.lock [0]
O44 - LFC:[MD5.804E1719ED5B679523D1FF2AC0F79BEA] - 09/02/2011 - 10:11:16 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103924]
O44 - LFC:[MD5.FB485590099151791690AB183505681E] - 09/02/2011 - 10:11:16 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [117572]
O44 - LFC:[MD5.13D5D823B4CEC9B854787886898B0F11] - 09/02/2011 - 10:11:16 ---A- . (...) -- C:\Windows\System32\perfh009.dat [610142]
O44 - LFC:[MD5.3993D97449584894FC310269C22338A6] - 09/02/2011 - 10:11:16 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [690832]
O44 - LFC:[MD5.6CBACA685A4221B59F8D4B519FAF3FD8] - 09/02/2011 - 10:11:15 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1512256]
O44 - LFC:[MD5.72986186CA7A8C3F1F41681EDAD59F2B] - 10/06/2008 - 19:02:44 ---A- . (...) -- C:\Windows\System32\drivers\mbamcatchme.sys [34296]


---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0c0991e8-5b3e-11df-9c54-000acd15fb89}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\AdobeR.exe (.not file.)
O51 - MPSK:{25558fd2-fd2b-11dd-abae-806e6f6e6963}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\AdobeR.exe (.not file.)
O51 - MPSK:{8d78744e-a910-11df-aee2-000acd15fb89}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\iStudio.exe (.not file.)
O51 - MPSK:{943884be-5d70-11de-8bda-0016d4b02b27}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\USBAutoRun.exe (.not file.)
O51 - MPSK:{c805ba68-9174-11df-b979-000acd15fb89}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\33r.exe (.not file.)
O51 - MPSK:{e1a04602-f620-11de-a6fc-0016d4b02b27}\AutoRun\command - Clé orpheline


---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.ffds"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"VIDC.VP40"="vp4vfw.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll


---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\InCD [Key] . (.Nero AG - InCD.) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\RavAV [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Windows\AdobeR.exe
O53 - SMSR:HKLM\...\startupreg\RemoteControl [Key] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O53 - SMSR:HKLM\...\startupreg\SecurDisc [Key] . (.Nero AG - NBH.) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe


---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.6046A55F79DE9C581B8D5E9C1366CC81] - 02/11/2006 - 08:30:52 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [467456]
O58 - SDL:[MD5.5F6C56305EA73760CDAFC7604D64BBE0] - 03/08/2010 - 15:23:54 ---A- . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) -- C:\Windows\system32\drivers\AVGIDSDriver.sys [123472]
O58 - SDL:[MD5.20A2D48722CF055C846BDEAFA4F733CE] - 13/09/2010 - 15:27:40 ---A- . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Helper Driver..) -- C:\Windows\system32\drivers\AVGIDSEH.sys [25680]
O58 - SDL:[MD5.0A95333CA80CA8B79D612F3965466CC0] - 03/08/2010 - 15:23:52 ---A- . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Filter Driver..) -- C:\Windows\system32\drivers\AVGIDSFilter.sys [30288]
O58 - SDL:[MD5.AB7E4B37126447FFE4FB639901012FB3] - 03/08/2010 - 15:23:58 ---A- . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Driver..) -- C:\Windows\system32\drivers\AVGIDSShim.sys [27216]
O58 - SDL:[MD5.
0
Réponse 4 / 4
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 582
24 févr. 2011 à 11:26
Bon alors, ça m'étonne pas que le problème soit toujours présent, tu n'as pas fait la mise à jour de Malwarebytes.

relance le , onglet MAJ => faire la mise à jour.
Puis onglet Scan, relance un scan complet.


Pour ZHPdiag, le rapport n'est pas complet car il est trop long. il faut l'heberger sur cijoint, comme demandé.

Merci
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
problème facbook
Benson -
MPMP10 -

1 réponse
Récupérer mon messenger facbook
Sylvain974 -
georges97 -

9 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses