Virus embêtant!!

fmounet007007 Messages postés 23 Statut Membre -  
 kristof78400 -
Bonjour,

J'ai installé un anti-virus gratuit qui m'a été conseillé: Microsoft security Essentials.
Cet anti-virus me dit que mon ordinateur est en danger à chaque fois que j'allume l'ordi.
Il essaie alors de supprimer le virus, qui s'appelle "trojan:win32/Eyestye.C!cfg.
Mais à chaque fois, c'est la meme chose, il revient, et Microsoft security Essentials le supprime de nouveau.... enfin il ne le supprime pas vraiment apparemment...
Que puis-je faire pour supprimer ce virus de mon ordi?
Merci d'avance!!

32 réponses

  • 1
  • 2
Résumé de la discussion

Le sujet décrit une infection par un trojan nommé Eyestye détecté par l’antivirus gratuit Microsoft Security Essentials, qui affiche une alerte à chaque démarrage et reboucle après la suppression. Des réponses proposent de relancer ZHPFix avec les privilèges administrateur et en mode sans échec, et de reprendre la procédure avec le même script via des liens fournis. D’autres intervenants indiquent des difficultés pratiques (week-end chargé), suggèrent de déposer le rapport de désinfection sur des services dédiés et énumèrent des éléments d’analyse issus de rapports système. Enfin, le fil comprend des extraits de rapports techniques détaillés et des éléments d’analyse issus d’outils comme HijackThis, illustrant une approche de nettoyage pas à pas.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
     
    Bonjour

    Utilise ce logiciel de désinfection généraliste :

    * Télécharge et installe Malwarebytes' Anti-Malware
    * A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
    * Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
    * Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
    * Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
    * A la fin de l'analyse, clique sur Afficher les résultats
    * Coche tous les éléments détectés puis clique sur Supprimer la sélection
    * Enregistre le rapport
    * S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
    * Poste dans ta prochaine réponse le rapport apparaissant après la suppression

    Ensuite :
    Peux-tu utiliser ce logiciel de diagnostic, ça me permettra de t'aider :

    * Télécharge ZHPDiag (de Nicolas Coolman)
    * Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
    * Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau)
    * Il se lancera automatiquement à la fin de l'installation
    * Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
    * Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
    * Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
    0
  2. fmounet007007 Messages postés 23 Statut Membre
     
    ok je fais ça merci!
    0
  3. fmounet007007 Messages postés 23 Statut Membre
     
    voici la copie du rapport après l'analyse. J'ai fait une analyse rapide... après deux essais d'analyse complète... mais malwarebytes bloquait à chaque fois...

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Version de la base de données: 7876

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.19120

    5/10/2011 17:04:10
    mbam-log-2011-10-05 (17-04-10).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 171159
    Temps écoulé: 14 minute(s), 58 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 9
    Fichier(s) infecté(s): 13

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: ("%1" %*) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
    c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
    c:\program files\shoppingreport2\Bin\2.7.32 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0} (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults\preferences (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\$recycle$ (Trojan.Spyeyes) -> Quarantined and deleted successfully.
    c:\servi3e.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    c:\Users\FV\AppData\Local\Temp\jar_cache7048015542930257959.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\0.06143102847192994.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\WSBandoo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\wsget.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\ppddfcfux.exxe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\w32rim_mem.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\FV\AppData\Local\Temp\dffuck.exe (Malware.Trace) -> Quarantined and deleted successfully.
    c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome.manifest (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\install.rdf (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome\questbrowse.jar (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults\preferences\prefs.js (Adware.QuestBrowse) -> Quarantined and deleted successfully.
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
     
    Bonjour,

    Nous allons essayer de régler ton problème ensemble. D'abord, quelques rappels :

    - N'ouvre pas d'autres sujets pour le même problème (que ce soit sur ce forum ou sur un autre)
    - N'hésite pas à poser des questions en cas de besoin ;)
    - Sois patient(e) quand tu postes un message, je ne réponds pas instantanément : je suis bénévole et je ne suis pas en permanence devant mon ordinateur. Mais rassure toi, je ne laisse jamais tomber personne ;)
    - La désinfection (si nécessaire) va se dérouler en plusieurs étapes. Même si les symptômes de l'infection disparaissent, la désinfection ne sera terminée que quand je te le confirmerai --> Merci de revenir jusqu'au bout, sinon ce qu'on a fait n'aura servi à rien.

    Téléchargez AdwCleaner ( d'Xplode ) sur votre bureau.
    http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner
    Lancez le, cliquez sur [Suppression] puis patientez le temps du scan.
    Une fois le scan fini, un rapport s'ouvrira.
    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

    A suivre :
    utilise cet outil de désinfection spécifique aux logiciels publicitaires :

    * Télécharge AD-Remover (de C_XX) sur ton Bureau.
    /!\ Déconnecte toi et ferme toutes les applications en cours /!\
    * Double-clique sur l'icône AD-Remover
    * Au menu principal, clique sur "Nettoyer"
    * Confirme le lancement de l'analyse et laisse l'outil travailler
    * Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report.log )

    *******************
    *Poste ces deux rapports ici et refais une analyse ZHPDiag stp.
    0
  6. fmounet007007 Messages postés 23 Statut Membre
     
    voici le rapport d'AdwCleaner.
    Voici le 3ème truc "anti-virus" que j'installe sur mon pc. Et, suivant vos conseils, je vais installer un 4ème! Pourrez-vous m'indiquer à la fin de la procédure ceux que je pourrai désinstaller de mon pc. Encore merci pr tout!

    le rapport:

    # AdwCleaner v1.309 - Rapport créé le 05/10/2011 à 18:34:07
    # Mis à jour le 29/09/11 à 20h par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
    # Nom d'utilisateur : FV - PC-DE-FV (Administrateur)
    # Exécuté depuis : C:\Users\FV\Downloads\adwcleaner0.exe
    # Option [Suppression]

    ***** [KillNav] *****

    # firefox.exe [PID:2844] -> Tué

    ***** [Processus] *****

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\ProgramData\Babylon
    Dossier Supprimé : C:\Users\FV\AppData\Roaming\Babylon
    Dossier Supprimé : C:\Users\FV\AppData\Local\Babylon
    Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\DataMngr
    Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutb
    Clé Supprimée : HKCU\Software\AppDataLow\Software\ShoppingReport2
    Clé Supprimée : HKLM\SOFTWARE\Babylon
    Clé Supprimée : HKLM\SOFTWARE\bandoo
    Clé Supprimée : HKLM\SOFTWARE\DataMngr
    Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.19120

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v7.0.1 (fr)

    Profil : 7ezrw9ux.default
    Fichier : C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js

    Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
    Supprimée : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/402");
    Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

    -\\ Google Chrome v [Impossible d'obtenir la version]

    Fichier : C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[S1].txt - [4772 octets] - [05/10/2011 18:34:07]

    *************************

    Dossier Temporaire : 127 dossier(s) et 3499 fichier(s) supprimé(s)

    ########## EOF - C:\AdwCleaner[S1].txt - [4999 octets] ##########
    0
  7. fmounet007007 Messages postés 23 Statut Membre
     
    Malgré 2 essais d'installation, impossible de démarrer"AD-Remover ".
    LOrsque je double-clique sur l'icône du bureau, une fenêtre m'indique ceci: ERROR: NOT_ADMINISTRATOR

    que faire maintenant? ùmerci encore
    0
    1. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
       
      Essaies clique droit sur l'icône Ad-R => exécuter en tant qu'administrateur
      0
  8. fmounet007007 Messages postés 23 Statut Membre
     
    Ok ça fonctionne. Voici le rapport de AD-Remover:

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 19:20:46 le 05/10/2011, Mode normal

    Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
    FV@PC-DE-FV (eMachines, inc. eMG620)

    ============== ACTION(S) ==============

    Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar
    Dossier supprimé: C:\Users\FV\AppData\LocalLow\SearchquTB
    Dossier supprimé: C:\Users\FV\AppData\LocalLow\ShoppingReport2
    Dossier supprimé: C:\ProgramData\Trymedia

    (!) -- Fichiers temporaires supprimés.

    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé supprimée: HKLM\Software\Trymedia Systems
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBrowse
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu MediaBar
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar

    Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020}

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [7.0.1 (fr)] ****

    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)

    -- C:\Users\FV\AppData\Roaming\Mozilla\FireFox\Profiles\7ezrw9ux.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\FV\\Pictures
    Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
    Prefs.js - browser.search.selectedEngine, Web Search
    Prefs.js - browser.startup.homepage_override.buildID, 20110928134238
    Prefs.js - browser.startup.homepage_override.mstone, rv:7.0.1

    ========================================

    **** Internet Explorer Version [8.0.6001.19120] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms})
    HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    HKLM_ElevationPolicy\{c6f2e56b-c2a2-43E8-abae-2bdb1e9fafd8} - c:\Program Files\Common Files\Symantec Shared\Support Controls\sshelper.exe (Symantec, Inc.)
    BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - "?" (c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll)
    BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 497 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 05/10/2011 19:20:54 (4368 Octet(s))

    Fin à: 19:22:56, 05/10/2011

    ============== E.O.F ==============
    0
    1. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
       
      Les outils on bien travaillés, comment se comporte le PC ?
      Ne t'inquiète pas, nous supprimerons tous les outils le moment venu.
      J'attends ton lien pour le rapport ZHPDiag, suis la même procédure décrite dans mon premier message.
      0
  9. fmounet007007 Messages postés 23 Statut Membre
     
    J'ai fait une nouvelle analyse avec ZHPDiag, dont voici le rapport ( il est super long)

    Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman, Update du 05/10/2011
    Run by FV at 5/10/2011 19:30:55
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    State : Version à jour.

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.19120
    MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)
    GCIE: Google Chrome v14.0.835.202

    ---\\ Windows Product Information
    Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : P92J4
    Windows License : OK
    Windows Automatic Updates : OK

    ---\\ System Information
    ~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1789 MB (49% free)
    System Restore: Activé (Enable)
    System drive C: has 12 GB (17%) free of 70 GB

    ---\\ Logged in mode
    ~ Computer Name: PC-DE-FV
    ~ User Name: FV
    ~ All Users Names: FV, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Users\FV\AppData\Roaming\
    ~ %Desktop% : C:\Users\FV\Desktop\
    ~ %Favorites% : C:\Users\FV\Favorites\
    ~ %LocalAppData% : C:\Users\FV\AppData\Local\
    ~ %StartMenu% : C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\system32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 70 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 41 Go of 70 Go)
    E:\ CD-ROM drive (Free 0 Go of 0 Go)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
    ~ Scan Security Center in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.17/01/2010 - 7:27:36.) -- C:\Windows\Explorer.exe [2926592]
    [MD5.4B555106290BD117334E9A08761C035A] - (....) (.2/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 3:33:13.) -- C:\Windows\system32\Wininit.exe [96768]
    [MD5.8419DAE7205374F2CAA4C9CDBD0999E6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2011 - 12:04:29.) -- C:\Windows\system32\wininet.dll [916480]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/01/2010 - 7:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
    [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.21/01/2008 - 8:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
    [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] 1916
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.17/01/2010 - 7:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] 1836
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 3:33:23.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] 1844
    [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.17/01/2010 - 5:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] 1812
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] 1884
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.17/01/2010 - 5:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] 1916
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 3:32:45.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] 1900
    [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 3:34:06.) -- C:\Windows\system32\drivers\IpNat.sys [100864] 1868
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] 1852
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.17/01/2010 - 5:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856] 1820
    [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.17/01/2010 - 7:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] 1916
    [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.2/11/2006 - 9:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] 1900
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 3:34:44.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] 1916
    [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 3:32:22.) -- C:\Windows\system32\drivers\rdpdr.sys [248832] 1868
    [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.17/01/2010 - 5:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192] 1812
    ~ Scan Generic Processes in 00mn 00s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/1284
    ~ Mes musiques (My Musics) : 1/3
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 2/42
    ~ Mes Documents (My Documents) : 20/1007
    ~ Mon Bureau (My Desktop) : 1/10
    ~ Menu demarrer (Programs) : 7/27
    ~ Scan Hidden Files in 00mn 03s

    ---\\ Processus lancés
    [MD5.19D93154C82FE39A99B269CED1056A92] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512] [PID.2472]
    [MD5.C459786D07FEAD5717DD1AC287BB2519] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6265376] [PID.2484]
    [MD5.6882D187F65ECA79110848A68FDEB2BF] - (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040] [PID.2576]
    [MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.]
    [MD5.2F237AAB91497AAA03AF48EAE68758FC] - (.Symantec Corporation - Symantec Service Framework.) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352] [PID.]
    [MD5.17ED0AE8DDEF1ABF12C106BBC245DC76] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZyEmachine.EXE [817672] [PID.2776]
    [MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.2732]
    [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552] [PID.3032]
    [MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856] [PID.]
    [MD5.20DF7B435393DAA9CD095B01A755F644] - (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe [8348672] [PID.3128]
    [MD5.892699A6AEB910C58B726BD70BEA4F4B] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.1516]
    [MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.1620]
    [MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.4848]
    [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.5048]
    [MD5.7B2E3899314974CC40D93A6CD7C855C8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2134016] [PID.6020]
    [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.6084]
    [MD5.6A4BB2DDFA34BC3C4D20478B1F0E335C] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.3.) -- C:\Windows\system32\nvvsvc.exe [196608] [PID.]
    [MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [PID.]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
    [MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.]
    [MD5.09E6AFFAE6C0E9158BF05C7D08D0107A] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384] [PID.]
    [MD5.4D06D9A26227AC485305133916888DF1] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576] [PID.]
    [MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.]
    [MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.]
    [MD5.CB76F68BA0D57C5D25B538981B1C611C] - (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [50424] [PID.]
    [MD5.DF1C10A75DF7E50195FC417F88A33227] - (...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072] [PID.]
    [MD5.AE9560C298D847AEF346BDD5FAD3B0E3] - (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968] [PID.]
    [MD5.A5CB074F34BBD89948E34A630D459C0C] - (.Microsoft Corporation - Microsoft Network Inspection System.) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944] [PID.]
    [MD5.E44C7D6F8D665DA2D9385E5E15EDEEF7] - (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\system32\consent.exe [81920] [PID.]
    ~ Scan Processes Running in 00mn 02s

    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G1 - GCS: Preference [User Data\Default] None
    G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
    ~ Scan Google Browser in 00mn 00s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js
    C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\user.js (.not file.)
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
    M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
    M2 - MFEP: prefs.js [FV - 7ezrw9ux.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
    P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
    P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
    P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
    P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
    ~ Scan Firefox Browser in 00mn 01s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
    R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
    ~ Scan IE Browser in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Scan Proxy management in 00mn 00s

    ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
    ~ Scan Keys in 00mn 00s

    ---\\ Redirection du fichier Hosts (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Scan Hosts File in 00mn 00s

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} Clé orpheline
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
    ~ Scan BHO in 00mn 00s

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    ~ Scan Toolbar in 00mn 00s

    ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
    O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
    O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [osCheck] . (.Symantec Corporation - Norton 360 Vista Migration Tool.) -- c:\Program Files\Norton 360\osCheck.exe
    O4 - HKLM\..\Run: [BkupTray] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
    O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
    O4 - HKLM\..\Run: [WarReg_PopUp] . (.eMachines - WR_PopUp.) -- C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\QtZyEmachine.exe
    O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
    O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    O4 - HKLM\..\Run: [SymLnch] C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242\Support\SymLnch\SymLnch.exe (.not file.)
    O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll
    O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
    O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [WindowsWelcomeCenter] oobefldr.dll
    O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe
    ~ Scan Application in 00mn 00s

    ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    O4 - Global Startup: C:\Users\FV\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
    O4 - Global Startup: C:\Users\FV\Desktop\Bookin - Raccourci.lnk . (...) -- C:\Users\FV\Downloads\Bookin.exe
    O4 - Global Startup: C:\Users\FV\Desktop\EBP Business Plan 2007.lnk . (.European Business Products.) -- C:\Program Files\Business Plan\PNegocio.exe
    O4 - Global Startup: C:\Users\FV\Desktop\Launch GameShadow.lnk . (.InstallShield Software Corp..) -- C:\Users\FV\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
    O4 - Global Startup: C:\Users\FV\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
    O4 - Global Startup: C:\Users\FV\Desktop\Module de sécurité.lnk . (...) -- C:\hb32.exe
    O4 - Global Startup: C:\Users\FV\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
    O4 - Global Startup: C:\Users\FV\Desktop\Sweet Home 3D.lnk . (.eTeks.) -- C:\Program Files\Sweet Home 3D\SweetHome3D.exe
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    ~ Scan Global Startup in 00mn 13s

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
    O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll
    ~ Scan IE Menu Contextuel in 00mn 00s

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
    ~ Scan IE Extra Buttons in 00mn 00s

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
    O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
    ~ Scan Winsock in 00mn 00s

    ---\\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    ~ Scan Objets ActiveX in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
    ~ Scan Domain in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
    O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
    O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
    O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
    O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
    O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
    O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
    O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
    O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
    O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
    O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
    O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
    O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
    O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
    O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    ~ Scan Protocole Additionnel in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - AppInit_DLLs: . (...) - c:\progra~1\wi9130~1\datamngr\datamngr.dll (.not file.)
    ~ Scan AppInit DLL in 00mn 00s

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
    ~ Scan SSODL in 00mn 00s

    ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
    ~ Scan STS/SSO in 00mn 00s

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate Notice (LiveUpdate Notice) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.3.) - C:\Windows\system32\nvvsvc.exe
    ~ Scan Services in 00mn 00s

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
    ~ Scan Desktop Component in 00mn 00s

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
    [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
    ~ Scan Scheduled Task in 00mn 05s

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
    O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
    O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
    O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
    O41 - Driver: (IDSvix86) . (.Symantec Corporation - IDS Core Driver.) - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090811.002\IDSvix86.sys
    O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
    O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
    O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys
    O41 - Driver: (MpKsl6560e668) . (.Microsoft Corporation - KSLDriver.) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BBB11A0-8D90-4AE2-BD27-E37931FB285F}\MpKsl6560e668.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
    O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
    O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
    O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
    O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
    O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
    O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
    O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
    O41 - Driver: (SPBBCDrv) . (.Symantec Corporation - SPBBC Driver.) - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
    O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\SRTSPX.sys
    O41 - Driver: (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\system32\DRIVERS\SymIMv.sys
    O41 - Driver: (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\SYMTDI.sys
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
    O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
    O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
    ~ Scan Drivers in 00mn 01s

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {00203668-8170-44A0-BE44-B632FA4D780F}
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Reader X - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
    O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
    O42 - Logiciel: Agatha Christie Death on the Nile - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}
    O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}
    O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
    O42 - Logiciel: Amazing Adventures The Lost Tomb - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113772953}
    O42 - Logiciel: AppCore - (.Symantec Corporation.) [HKLM] -- {EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
    O42 - Logiciel: Azada - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}
    O42 - Logiciel: Backup - (.Symantec Corporation.) [HKLM] -- {24DF7221-644B-4C3A-A478-459502D40522}
    O42 - Logiciel: Bejeweled 2 Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}
    O42 - Logiciel: Bookworm Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}
    O42 - Logiciel: Bricks of Egypt - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}
    O42 - Logiciel: Build-a-lot - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113537610}
    O42 - Logiciel: Cake Mania - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}
    O42 - Logiciel: Canon SELPHY CP760 - (.Pas de propriétaire.) [HKLM] -- Canon SELPHY CP760
    O42 - Logiciel: Chuzzle - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}
    O42 - Logiciel: Codec Pack de ELISOFT v14.0 - (.Elisoft.) [HKLM] -- Codec Pack de ELISOFT v14.0
    O42 - Logiciel: Company of Heroes - FAKEMSI - (.THQ Inc..) [HKLM] -- {25724802-CC14-4B90-9F3B-3D6955EE27B1}
    O42 - Logiciel: Company of Heroes - FAKEMSI - (.THQ Inc..) [HKLM] -- {99A7722D-9ACB-43F3-A222-ABC7133F159E}
    O42 - Logiciel: Diner Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110305887}
    O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
    O42 - Logiciel: EBP Business Plan 2007 - (.European Business Products.) [HKLM] -- EBP Business Plan_is1
    O42 - Logiciel: Farm Frenzy - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547}
    O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
    O42 - Logiciel: GameShadow - (.GameShadow Ltd.) [HKLM] -- {5A2F371F-8B5D-46B4-833C-0612B065BEC7}
    O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
    O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
    O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
    O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
    O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
    O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
    O42 - Logiciel: Home'Bank Light 3.3.3 - (.ING Belguim.) [HKLM] -- Home'Bank Light_is1
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
    O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
    O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
    O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager
    O42 - Logiciel: Little Shop World Traveler - (.Denda Games.) [HKLM] -- Denda Games Little Shop World Traveler
    O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- PsuedoLiveUpdate
    O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {E80F62FF-5D3C-4A19-8409-9721F2928206}
    O42 - Logiciel: Luxor - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111265347}
    O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    O42 - Logiciel: Mahjong Escape Ancient China - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}
    O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
    O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}
    O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
    O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
    O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
    O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
    O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
    O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
    O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
    O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
    O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
    O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
    O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
    O42 - Logiciel: MySQL Connector/ODBC 3.51 - (.MySQL AB.) [HKLM] -- {0CB3C535-1171-4A20-B549-E2CB5DEB9723}
    O42 - Logiciel: Mystery Case Files - Huntsville - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}
    O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
    O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
    O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
    O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
    O42 - Logiciel: Norton 360 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}
    O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {21829177-4DED-4209-AD08-490B3AC9C01A}
    O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {2D617065-1C52-4240-B5BC-C0AE12157777}
    O42 - Logiciel: Norton 360 HTMLHelp - (.Symantec Corporation.) [HKLM] -- {0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}
    O42 - Logiciel: Norton Confidential Core - (.Symantec Corporation.) [HKLM] -- {55A6283C-638A-4EE0-B491-51118554BDA2}
    O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
    O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
    O42 - Logiciel: Quick Zip 4.60.019 - (.Joseph Leung.) [HKLM] -- Quick Zip_is1
    O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
    O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
    O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
    O42 - Logiciel: SPBBC 32bit - (.Symantec Corporation.) [HKLM] -- {77772678-817F-4401-9301-ED1D01A8DA56}
    O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
    O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E
    0
  10. fmounet007007 Messages postés 23 Statut Membre
     
    il est tellement long que je ne sais pas le mettre dans un seul message!!!
    0
    1. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
       
      Trop long, poste le ici :
      http://pjjoint.malekal.com/
      0
  11. fmounet007007 Messages postés 23 Statut Membre
     
    voici la suite:

    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
    O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
    O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
    O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
    O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
    O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}
    O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
    O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
    O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
    O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
    O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
    O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
    O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
    O42 - Logiciel: Sunset Studios - Love on the High Seas - (.Denda Games.) [HKLM] -- Denda Games Sunset Studios - Love on the High Seas
    O42 - Logiciel: Sweet Home 3D version 2.4 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1
    O42 - Logiciel: Symantec Real Time Storage Protection Component - (.Symantec Corporation.) [HKLM] -- {D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
    O42 - Logiciel: Symantec Technical Support Controls - (.Symantec Corporation.) [HKLM] -- {45690715-80A6-4445-B61D-ADEC5888E8CD}
    O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
    O42 - Logiciel: Tomb Raider: Legend 1.2 - (.Pas de propriétaire.) [HKLM] -- Tomb Raider: Legend
    O42 - Logiciel: Turbo Pizza - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}
    O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
    O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
    O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
    O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
    O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
    O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
    O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553110) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{05D27A23-8E87-46B5-9EAF-F5B4DE7CCCA0}
    O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
    O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}
    O42 - Logiciel: Zylom Games Player Plugin - (.Zylom Games.) [HKLM] -- Zylom Games Player Plugin
    O42 - Logiciel: ccCommon - (.Symantec.) [HKLM] -- {B24E05CC-46FF-4787-BBB8-5CD516AFB118}
    O42 - Logiciel: eMachines - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}
    O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
    O42 - Logiciel: eMachines ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\3ivx]
    [HKCU\Software\AC3Filter]
    [HKCU\Software\AcerUtil]
    [HKCU\Software\Adobe]
    [HKCU\Software\AnalogX]
    [HKCU\Software\AppDataLow\Google]
    [HKCU\Software\AppDataLow\Software\Adobe]
    [HKCU\Software\AppDataLow\Software\Google]
    [HKCU\Software\AppDataLow\Software\Macromedia]
    [HKCU\Software\AppDataLow\Software\Microsoft]
    [HKCU\Software\AppDataLow\Software\Monitored]
    [HKCU\Software\AppDataLow\Software\settings]
    [HKCU\Software\AppDataLow\Software]
    [HKCU\Software\AppDataLow]
    [HKCU\Software\Aware]
    [HKCU\Software\BBL]
    [HKCU\Software\Big Fish Games]
    [HKCU\Software\Borland]
    [HKCU\Software\Bugsplat]
    [HKCU\Software\ClassesB]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\CoreAAC]
    [HKCU\Software\CoreVorbis]
    [HKCU\Software\Crystal Dynamics]
    [HKCU\Software\CyberLink]
    [HKCU\Software\DVDXStudios]
    [HKCU\Software\DanniDin]
    [HKCU\Software\DivXNetworks]
    [HKCU\Software\EBP]
    [HKCU\Software\Elecard]
    [HKCU\Software\Freeware]
    [HKCU\Software\GNU]
    [HKCU\Software\GSpot Appliance Corp]
    [HKCU\Software\Gabest]
    [HKCU\Software\GameHouse]
    [HKCU\Software\Google]
    [HKCU\Software\I-Media]
    [HKCU\Software\INCAInternet]
    [HKCU\Software\InterVideo]
    [HKCU\Software\JEDI-VCL]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\Ligos]
    [HKCU\Software\Local AppWizard-Generated Applications]
    [HKCU\Software\Macromedia]
    [HKCU\Software\Macrovision]
    [HKCU\Software\MainConcept]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\MatrixMixer]
    [HKCU\Software\MozillaPlugins]
    [HKCU\Software\Mozilla]
    [HKCU\Software\NVIDIA Corporation]
    [HKCU\Software\Netscape]
    [HKCU\Software\ODBC]
    [HKCU\Software\Oberon Media]
    [HKCU\Software\Oshima Technology laboratory]
    [HKCU\Software\Pando Networks]
    [HKCU\Software\Paradigm Matrix]
    [HKCU\Software\PegasusImaging]
    [HKCU\Software\Policies]
    [HKCU\Software\QDesign Corporation]
    [HKCU\Software\Quanta]
    [HKCU\Software\ReClock]
    [HKCU\Software\Realtek]
    [HKCU\Software\Samsung]
    [HKCU\Software\SecuROM]
    [HKCU\Software\Softonic]
    [HKCU\Software\Symantec]
    [HKCU\Software\Synaptics]
    [HKCU\Software\TFM]
    [HKCU\Software\Trolltech]
    [HKCU\Software\VB and VBA Program Settings]
    [HKCU\Software\Valve]
    [HKCU\Software\WhiteSmoke]
    [HKCU\Software\XviD MPEG4 Codec]
    [HKCU\Software\YMPEG]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\Zylom]
    [HKCU\Software\keyhole.com]
    [HKCU\Software\mpa2mka-wxgui]
    [HKLM\Software\3ivx]
    [HKLM\Software\Aardwork]
    [HKLM\Software\Acer Incorporated]
    [HKLM\Software\Acer]
    [HKLM\Software\Adobe]
    [HKLM\Software\AdwCleaner]
    [HKLM\Software\AppDataLow]
    [HKLM\Software\Borland]
    [HKLM\Software\BrowserChoice]
    [HKLM\Software\CDDB]
    [HKLM\Software\COMON]
    [HKLM\Software\Canon]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\Crystal Dynamics]
    [HKLM\Software\Denda Games]
    [HKLM\Software\Digital River]
    [HKLM\Software\DivXNetworks]
    [HKLM\Software\EBP]
    [HKLM\Software\Elisoft]
    [HKLM\Software\Firefly Studios]
    [HKLM\Software\Fraunhofer]
    [HKLM\Software\GNU]
    [HKLM\Software\GameInstaller]
    [HKLM\Software\Gateway]
    [HKLM\Software\Google]
    [HKLM\Software\InstalledOptions]
    [HKLM\Software\Intel]
    [HKLM\Software\InterVideo]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\LightScribe]
    [HKLM\Software\MCCI]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\MySQL AB]
    [HKLM\Software\NVIDIA Corporation]
    [HKLM\Software\NewTech Infosystems]
    [HKLM\Software\ODBC]
    [HKLM\Software\Oberon Media]
    [HKLM\Software\OemSetup]
    [HKLM\Software\On2 Technologies]
    [HKLM\Software\OnNet]
    [HKLM\Software\PRR]
    [HKLM\Software\Pando Networks]
    [HKLM\Software\PegasusImaging]
    [HKLM\Software\Policies]
    [HKLM\Software\Quanta]
    [HKLM\Software\ReClock]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek]
    [HKLM\Software\RegisteredApplications]
    [HKLM\Software\SRS Labs]
    [HKLM\Software\SymDebug]
    [HKLM\Software\Symantec Technical Support]
    [HKLM\Software\Symantec]
    [HKLM\Software\Synaptics]
    [HKLM\Software\THQ]
    [HKLM\Software\Trad-FR]
    [HKLM\Software\VideoLAN]
    [HKLM\Software\VobSub]
    [HKLM\Software\WOW6432Node]
    [HKLM\Software\Waterlily Games]
    [HKLM\Software\Waves Audio]
    [HKLM\Software\WhiteSmoke]
    [HKLM\Software\WholeSecurity]
    [HKLM\Software\Windows]
    [HKLM\Software\mozilla.org]
    [HKLM\Software\muvee Technologies]
    ~ Scan Softwares in 00mn 01s

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 13/08/2009 - 11:36:08 - [0] ----D- C:\Program Files\Acer Incorporated
    O43 - CFD: 5/10/2011 - 19:20:48 - [110405289] ----D- C:\Program Files\Ad-Remover
    O43 - CFD: 1/01/2011 - 11:55:24 - [115404622] ----D- C:\Program Files\Adobe
    O43 - CFD: 4/01/2010 - 14:49:32 - [15784542] ----D- C:\Program Files\Business Plan
    O43 - CFD: 15/10/2009 - 16:12:02 - [53191858] ----D- C:\Program Files\Codec Pack de ELISOFT
    O43 - CFD: 4/05/2011 - 10:12:48 - [696404246] ----D- C:\Program Files\Common Files
    O43 - CFD: 29/08/2011 - 13:24:44 - [170213959] ----D- C:\Program Files\Denda Games
    O43 - CFD: 13/08/2009 - 11:32:14 - [49179642] ----D- C:\Program Files\eMachines
    O43 - CFD: 9/09/2008 - 17:18:34 - [881233771] ----D- C:\Program Files\eMachines GameZone
    O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\Program Files\Fichiers communs
    O43 - CFD: 17/02/2010 - 17:16:00 - [6351210] ----D- C:\Program Files\GameShadow
    O43 - CFD: 29/05/2011 - 16:51:48 - [421713084] ----D- C:\Program Files\Google
    O43 - CFD: 13/01/2010 - 22:07:36 - [0] ----D- C:\Program Files\ING
    O43 - CFD: 28/07/2011 - 9:08:28 - [67272250] ----D- C:\Program Files\InstallShield Installation Information
    O43 - CFD: 11/08/2011 - 11:41:30 - [4566386] ----D- C:\Program Files\Internet Explorer
    O43 - CFD: 13/08/2009 - 11:42:40 - [114679234] ----D- C:\Program Files\InterVideo
    O43 - CFD: 1/02/2011 - 10:05:22 - [88538965] ----D- C:\Program Files\Java
    O43 - CFD: 13/08/2009 - 11:31:34 - [2632285] ----D- C:\Program Files\Launch Manager
    O43 - CFD: 5/10/2011 - 13:45:02 - [7022422] ----D- C:\Program Files\Malwarebytes' Anti-Malware
    O43 - CFD: 6/11/2009 - 19:15:36 - [2225728885] ----D- C:\Program Files\Microsoft Games
    O43 - CFD: 13/10/2009 - 16:35:52 - [580533370] ----D- C:\Program Files\Microsoft Office
    O43 - CFD: 9/09/2008 - 17:36:10 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
    O43 - CFD: 2/10/2011 - 11:56:34 - [18701221] ----D- C:\Program Files\Microsoft Security Client
    O43 - CFD: 15/06/2011 - 19:12:08 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
    O43 - CFD: 13/10/2009 - 16:35:48 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
    O43 - CFD: 13/10/2009 - 16:29:46 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8
    O43 - CFD: 17/12/2010 - 19:22:46 - [146453974] ----D- C:\Program Files\Microsoft Works
    O43 - CFD: 26/06/2010 - 7:05:46 - [8167779] ----D- C:\Program Files\Microsoft.NET
    O43 - CFD: 1/02/2011 - 11:11:46 - [20470054] ----D- C:\Program Files\Movie Maker
    O43 - CFD: 2/10/2011 - 11:07:08 - [36235233] ----D- C:\Program Files\Mozilla Firefox
    O43 - CFD: 13/10/2009 - 16:36:10 - [26521] ----D- C:\Program Files\MSBuild
    O43 - CFD: 21/08/2009 - 18:20:10 - [0] ----D- C:\Program Files\MSXML 4.0
    O43 - CFD: 9/09/2008 - 17:23:06 - [222145920] ----D- C:\Program Files\NewTech Infosystems
    O43 - CFD: 29/03/2010 - 10:41:50 - [140851597] ----D- C:\Program Files\Norton 360
    O43 - CFD: 9/09/2008 - 17:06:18 - [204492] ----D- C:\Program Files\Oberon Media
    O43 - CFD: 4/05/2011 - 9:42:38 - [7460142] ----D- C:\Program Files\Pando Networks
    O43 - CFD: 25/03/2010 - 16:14:16 - [3688680] ----D- C:\Program Files\PhotoFiltre
    O43 - CFD: 7/03/2010 - 18:16:16 - [11763652] ----D- C:\Program Files\QuickZip4
    O43 - CFD: 28/07/2011 - 9:01:32 - [3259675] ----D- C:\Program Files\RealArcade
    O43 - CFD: 9/09/2008 - 16:56:14 - [23238719] ----D- C:\Program Files\Realtek
    O43 - CFD: 2/11/2006 - 14:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies
    O43 - CFD: 13/08/2009 - 12:37:48 - [5228544] ----D- C:\Program Files\Samsung
    O43 - CFD: 19/06/2010 - 18:48:38 - [102045677] ----D- C:\Program Files\Sweet Home 3D
    O43 - CFD: 27/03/2010 - 7:42:28 - [27102029] ----D- C:\Program Files\Symantec
    O43 - CFD: 9/09/2008 - 16:57:00 - [14715569] ----D- C:\Program Files\Synaptics
    O43 - CFD: 16/02/2010 - 16:48:44 - [721917] ----D- C:\Program Files\THQ
    O43 - CFD: 5/08/2011 - 14:11:50 - [7680929093] ----D- C:\Program Files\Tomb Raider - Legend
    O43 - CFD: 2/11/2006 - 14:58:20 - [0] ----D- C:\Program Files\Uninstall Information
    O43 - CFD: 8/09/2010 - 11:16:26 - [80529230] ----D- C:\Program Files\VideoLAN
    O43 - CFD: 1/02/2011 - 9:11:16 - [1822720] ----D- C:\Program Files\WhiteSmoke
    O43 - CFD: 1/02/2011 - 11:11:46 - [1016832] ----D- C:\Program Files\Windows Calendar
    O43 - CFD: 1/02/2011 - 11:11:44 - [2737152] ----D- C:\Program Files\Windows Collaboration
    O43 - CFD: 1/02/2011 - 11:11:44 - [4490624] ----D- C:\Program Files\Windows Defender
    O43 - CFD: 17/09/2011 - 12:46:52 - [8935608] ----D- C:\Program Files\Windows Mail
    O43 - CFD: 1/02/2011 - 11:11:46 - [4498121] ----D- C:\Program Files\Windows Media Player
    O43 - CFD: 13/08/2009 - 11:22:28 - [7957544] ----D- C:\Program Files\Windows NT
    O43 - CFD: 1/02/2011 - 11:11:44 - [8228002] ----D- C:\Program Files\Windows Photo Gallery
    O43 - CFD: 3/02/2011 - 7:19:06 - [134144] ----D- C:\Program Files\Windows Portable Devices
    O43 - CFD: 1/02/2011 - 11:11:46 - [6655183] ----D- C:\Program Files\Windows Sidebar
    O43 - CFD: 5/10/2010 - 17:12:40 - [175] ----D- C:\Program Files\Zero G Registry
    O43 - CFD: 5/10/2011 - 19:31:22 - [5436750] ----D- C:\Program Files\ZHPDiag
    O43 - CFD: 24/03/2011 - 14:14:06 - [510480] ----D- C:\Program Files\Zylom Games
    O43 - CFD: 1/01/2011 - 11:55:42 - [3601646] ----D- C:\Program Files\Common Files\Adobe
    O43 - CFD: 9/09/2008 - 17:25:36 - [25438758] ----D- C:\Program Files\Common Files\Adobe AIR
    O43 - CFD: 17/03/2010 - 14:01:20 - [12500] ----D- C:\Program Files\Common Files\Canon
    O43 - CFD: 13/10/2009 - 16:35:48 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
    O43 - CFD: 4/05/2011 - 10:12:48 - [0] ----D- C:\Program Files\Common Files\INCA Shared
    O43 - CFD: 6/11/2009 - 19:12:04 - [2033069] ----D- C:\Program Files\Common Files\InstallShield
    O43 - CFD: 13/08/2009 - 11:42:38 - [179248] ----D- C:\Program Files\Common Files\InterVideo
    O43 - CFD: 8/09/2010 - 8:20:24 - [1243079] ----D- C:\Program Files\Common Files\Java
    O43 - CFD: 9/09/2008 - 17:22:30 - [7178034] ----D- C:\Program Files\Common Files\LightScribe
    O43 - CFD: 13/01/2010 - 7:25:42 - [246765145] ----D- C:\Program Files\Common Files\microsoft shared
    O43 - CFD: 9/09/2008 - 17:20:24 - [9706600] ----D- C:\Program Files\Common Files\muvee Technologies
    O43 - CFD: 9/09/2008 - 17:06:30 - [354896] ----D- C:\Program Files\Common Files\Oberon Media
    O43 - CFD: 2/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
    O43 - CFD: 2/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
    O43 - CFD: 29/03/2010 - 10:41:50 - [315893724] ----D- C:\Program Files\Common Files\Symantec Shared
    O43 - CFD: 1/02/2011 - 11:11:44 - [42800134] ----D- C:\Program Files\Common Files\System
    O43 - CFD: 6/01/2011 - 16:27:18 - [124467961] ----D- C:\ProgramData\Adobe
    O43 - CFD: 6/11/2009 - 19:36:52 - [0] ----D- C:\ProgramData\Age of Empires 3
    O43 - CFD: 13/08/2009 - 11:26:58 - [13092162682] ----D- C:\ProgramData\Application Data
    O43 - CFD: 23/08/2009 - 13:14:40 - [1017811] ----D- C:\ProgramData\Arcade Lab
    O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Bureau
    O43 - CFD: 17/03/2010 - 14:03:36 - [213560] ----D- C:\ProgramData\CanonCP
    O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Desktop
    O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Documents
    O43 - CFD: 9/09/2011 - 14:39:44 - [144] ----D- C:\ProgramData\Driver Whiz
    O43 - CFD: 23/10/2009 - 20:21:02 - [22405] ----D- C:\ProgramData\DVD X Studios
    O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Favoris
    O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Favorites
    O43 - CFD: 13/05/2010 - 10:56:02 - [0] ----D- C:\ProgramData\Firefly Studios
    O43 - CFD: 9/09/2008 - 17:10:54 - [0] ----D- C:\ProgramData\FloodLightGames
    O43 - CFD: 26/07/2011 - 15:55:40 - [134810] ----D- C:\ProgramData\GameHouse
    O43 - CFD: 8/11/2009 - 18:13:18 - [536147] ----D- C:\ProgramData\Google
    O43 - CFD: 29/05/2011 - 16:37:40 - [16697636] ----D- C:\ProgramData\Malwarebytes
    O43 - CFD: 1/01/2011 - 11:51:40 - [2444] ----D- C:\ProgramData\McAfee
    O43 - CFD: 29/07/2011 - 19:54:26 - [853] ----D- C:\ProgramData\Media Get LLC
    O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Menu Démarrer
    O43 - CFD: 2/10/2011 - 11:56:16 - [424901333] -S--D- C:\ProgramData\Microsoft
    O43 - CFD: 17/09/2011 - 12:47:56 - [112090] ----D- C:\ProgramData\Microsoft Help
    O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Modèles
    O43 - CFD: 13/08/2009 - 11:27:36 - [189645] ----D- C:\ProgramData\NVIDIA
    O43 - CFD: 12/09/2010 - 17:15:28 - [1204] ----D- C:\ProgramData\Office Genuine Advantage
    O43 - CFD: 4/05/2011 - 9:43:46 - [427] ----D- C:\ProgramData\PMB Files
    O43 - CFD: 5/10/2010 - 17:17:44 - [6360] ----D- C:\ProgramData\Sports Interactive
    O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Start Menu
    O43 - CFD: 28/04/2010 - 20:28:48 - [224] ----D- C:\ProgramData\Sun
    O43 - CFD: 27/03/2010 - 7:40:34 - [615789074] ----D- C:\ProgramData\Symantec
    O43 - CFD: 25/03/2011 - 17:25:06 - [0] ---AD- C:\ProgramData\TEMP
    O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Templates
    O43 - CFD: 24/03/2011 - 14:18:52 - [6491461] ----D- C:\ProgramData\Zylom
    O43 - CFD: 15/08/2009 - 15:46:34 - [1357039] ----D- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    O43 - CFD: 5/10/2011 - 14:51:30 - [0] ----D- C:\Users\FV\AppData\Roaming\6876836
    O43 - CFD: 3/01/2011 - 22:21:28 - [6636107] ----D- C:\Users\FV\AppData\Roaming\Adobe
    O43 - CFD: 4/09/2009 - 19:05:26 - [1997919] ----D- C:\Users\FV\AppData\Roaming\Big Fish Games
    O43 - CFD: 26/09/2010 - 17:40:04 - [199] ----D- C:\Users\FV\AppData\Roaming\dvdcss
    O43 - CFD: 7/03/2010 - 20:17:34 - [5871665] ----D- C:\Users\FV\AppData\Roaming\ElementalsTheMagicKey
    O43 - CFD: 19/06/2010 - 19:09:24 - [726497] ----D- C:\Users\FV\AppData\Roaming\eTeks
    O43 - CFD: 23/08/2009 - 13:17:52 - [23172] ----D- C:\Users\FV\AppData\Roaming\FloodLightGames
    O43 - CFD: 15/03/2011 - 14:39:30 - [134227] ----D- C:\Users\FV\AppData\Roaming\FlyWheelGames
    O43 - CFD: 19/06/2011 - 17:46:40 - [9450] ----D- C:\Users\FV\AppData\Roaming\Gogii
    O43 - CFD: 15/08/2009 - 15:18:44 - [49448] ----D- C:\Users\FV\AppData\Roaming\Google
    O43 - CFD: 7/03/2010 - 20:12:52 - [1162] ----D- C:\Users\FV\AppData\Roaming\Identities
    O43 - CFD: 15/08/2009 - 15:26:16 - [0] ----D- C:\Users\FV\AppData\Roaming\InterVideo
    O43 - CFD: 13/08/2009 - 11:36:08 - [280575] ----D- C:\Users\FV\AppData\Roaming\Macromedia
    O43 - CFD: 29/05/2011 - 16:37:48 - [751061] ----D- C:\Users\FV\AppData\Roaming\Malwarebytes
    O43 - CFD: 29/07/2011 - 19:54:26 - [2738] ----D- C:\Users\FV\AppData\Roaming\Media Get LLC
    O43 - CFD: 1/02/2011 - 9:42:14 - [21103257] -S--D- C:\Users\FV\AppData\Roaming\Microsoft
    O43 - CFD: 1/02/2011 - 13:46:44 - [15781302] ----D- C:\Users\FV\AppData\Roaming\Mozilla
    O43 - CFD: 25/03/2010 - 16:14:22 - [918] ----D- C:\Users\FV\AppData\Roaming\PhotoFiltre
    O43 - CFD: 28/07/2011 - 9:08:26 - [0] ----D- C:\Users\FV\AppData\Roaming\Samsung
    O43 - CFD: 7/10/2009 - 18:51:58 - [14952] R---D- C:\Users\FV\AppData\Roaming\SecuROM
    O43 - CFD: 5/10/2010 - 17:16:32 - [12793608] ----D- C:\Users\FV\AppData\Roaming\Sports Interactive
    O43 - CFD: 15/08/2009 - 15:51:42 - [3089] ----D- C:\Users\FV\AppData\Roaming\Symantec
    O43 - CFD: 17/08/2011 - 10:24:12 - [0] ----D- C:\Users\FV\AppData\Roaming\System
    O43 - CFD: 13/08/2009 - 12:20:42 - [13824] ----D- C:\Users\FV\AppData\Roaming\Template
    O43 - CFD: 30/01/2011 - 20:22:28 - [0] ----D- C:\Users\FV\AppData\Roaming\U3
    O43 - CFD: 2/10/2011 - 18:47:14 - [1464196] ----D- C:\Users\FV\AppData\Roaming\vlc
    O43 - CFD: 18/10/2010 - 14:01:22 - [16063] ----D- C:\Users\FV\AppData\Roaming\W
    O43 - CFD: 29/12/2010 - 7:28:44 - [14138] ----D- C:\Users\FV\AppData\Roaming\wargaming.net
    O43 - CFD: 1/02/2011 - 9:11:10 - [360] ----D- C:\Users\FV\AppData\Roaming\WhiteSmoke
    O43 - CFD: 9/03/2011 - 17:31:08 - [0] ----D- C:\Users\FV\AppData\Roaming\WinRAR
    O43 - CFD: 7/03/2010 - 20:12:52 - [264516] ----D- C:\Users\FV\AppData\Roaming\Zylom
    O43 - CFD: 1/01/2011 - 11:55:00 - [16997052] ----D- C:\Users\FV\AppData\Local\Adobe
    O43 - CFD: 13/08/2009 - 11:25:26 - [0] -SH-D- C:\Users\FV\AppData\Local\Application Data
    O43 - CFD: 6/12/2010 - 14:47:14 - [58158756] ----D- C:\Users\FV\AppData\Local\Google
    O43 - CFD: 13/08/2009 - 11:25:26 - [0] -SH-D- C:\Users\FV\AppData\Local\Historique
    O43 - CFD: 9/03/2011 - 17:40:40 - [4292] ----D- C:\Users\FV\AppData\Local\LostKing
    O43 - CFD: 29/07/2011 - 19:49:20 - [5174299] ----D- C:\Users\FV\AppData\Local\Media Get LLC
    O43 - CFD: 5/10/2011 - 17:10:44 - [22859177] ----D- C:\Users\FV\AppData\Local\MediaGet2
    O43 - CFD: 17/08/2011 - 9:54:20 - [1623640] ----D- C:\Users\FV\AppData\Local\MesLivres
    O43 - CFD: 9/09/2011 - 14:34:34 - [2317817111] ----D- C:\Users\FV\AppData\Local\Microsoft
    O43 - CFD: 28/08/2009 - 14:19:18 - [1228235] ----D- C:\Users\FV\AppData\Local\Microsoft Games
    O43 - CFD: 17/08/2009 - 9:48:50 - [96764] ----D- C:\Users\FV\AppData\Local\Microsoft Help
    O43 - CFD: 13/08/2009 - 11:46:14 - [51375] ----D- C:\Users\FV\AppData\Local\MigWiz
    O43 - CFD: 1/02/2011 - 13:46:28 - [58139434] ----D- C:\Users\FV\AppData\Local\Mozilla
    O43 - CFD: 23/08/2009 - 13:16:52 - [5243228] ----D- C:\Users\FV\AppData\Local\Oberon Games
    O43 - CFD: 4/05/2011 - 10:42:24 - [178395] ----D- C:\Users\FV\AppData\Local\PMB Files
    O43 - CFD: 5/10/2011 - 19:31:10 - [82531] ----D- C:\Users\FV\AppData\Local\Temp
    O43 - CFD: 13/08/2009 - 11:25:26 - [0] -SH-D- C:\Users\FV\AppData\Local\Temporary Internet Files
    O43 - CFD: 4/09/2009 - 19:13:10 - [34094834] ----D- C:\Users\FV\AppData\Local\VirtualStore
    O43 - CFD: 28/07/2011 - 9:07:14 - [0] ----D- C:\Users\FV\AppData\Local\Zylom Games
    ~ Scan Program Folder in 00mn 35s

    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.1BC86B5A281AC76F0CC597FA24A73A11] - 1/10/2011 - 18:01:33 ---A- . (...) -- C:\Windows\ntbtlog.txt [350968]
    O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 18/09/2011 - 9:47:00 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [404640]
    O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 2/10/2011 - 10:56:37 ---A- . (...) -- C:\Windows\epplauncher.mif [1912]
    O44 - LFC:[MD5.E8D05CBA1615AA584A23B9CBA6702AFF] - 4/10/2011 - 16:57:12 ---A- . (...) -- C:\Windows\srun.log [12]
    O44 - LFC:[MD5.64041651F535AAF1EE6DE472CA5ABAA5] - 5/10/2011 - 16:29:11 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
    O44 - LFC:[MD5.363473132B9EF02FAA8266FE6AB15B8E] - 5/10/2011 - 17:35:01 ---A- . (...) -- C:\AdwCleaner[S1].txt [5000]
    O44 - LFC:[MD5.9E1FB6B4F58B4850687356BD34373820] - 5/10/2011 - 18:22:58 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [4507]
    O44 - LFC:[MD5.310C715B61097EE21DF25AA01AAF075A] - 5/10/2011 - 18:25:18 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
    O44 - LFC:[MD5.CEAF98D916D2B75B8704BEE7680EE0B5] - 5/10/2011 - 18:25:46 ---A- . (...) -- C:\Windows\system32\agent.log [0]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 5/10/2011 - 18:25:57 ---A- . (...) -- C:\Windows\system32\LogConfigTemp.xml [0]
    O44 - LFC:[MD5.A2A3D9CCE8E32A9369A61A9800B136F9] - 5/10/2011 - 18:29:07 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1251168]
    O44 - LFC:[MD5.E5802E6F9CC1B05E8E5230900DAFB1C3] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1502476]
    O44 - LFC:[MD5.0501041328E2B2AA483B3C7DBF567807] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfc009.dat [105070]
    O44 - LFC:[MD5.098F8816C1BB4D7C82D8D18923371CE3] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [127626]
    O44 - LFC:[MD5.5EDA333333FAD2FB1FD7C6C47A51AA39] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfh009.dat [598096]
    O44 - LFC:[MD5.C1145BDC23EE16DAF0B9D2163A5E60BA] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [681142]
    ~ Scan Files in 00mn 46s

    ---\\ Contrôle du Safe Boot (CSB) (O49)
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
    ~ Scan CSB in 00mn 00s

    ---\\ MountPoints2 Shell Key (O51)
    O51 - MPSK:{120c524d-881d-11de-9afd-806e6f6e6963}\AutoRun\command. (.Linasoft - AutoPlay Menu Loader.) -- E:\autorun.exe
    O51 - MPSK:{c86ec8b6-906d-11de-ab57-00238b8aeb66}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
    ~ Scan Keys in 00mn 09s

    ---\\ Trojan Driver Search Data (HKLM) (O52)
    O52 - TDSD: \Drivers32\"vidc.i420"="c:\progra~1\codecp~1\i263\i263_32.drv" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.l3acm"="s¸ö" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
    O52 - TDSD: \Drivers32\"vidc.DIV3"="c:\progra~1\codecp~1\divx3\divxc32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.DIV4"="c:\progra~1\codecp~1\divx412\divx.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.DIVX"="c:\progra~1\codecp~1\divx511\divx.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.xvid"="c:\progra~1\codecp~1\xvid\xvid.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.fvfw"="c:\progra~1\codecp~1\ffvfw\ffvfw.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.avis"="c:\progra~1\codecp~1\ffvfw\ffvfw.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.MPG4"="c:\progra~1\codecp~1\mpeg4\mpg4c32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.MP42"="c:\progra~1\codecp~1\mpeg4\mpg4c32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.MP43"="c:\progra~1\codecp~1\mpeg4\mpg4c32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.MJPG"="c:\progra~1\codecp~1\picvideo\pvmjpg21.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.PIMJ"="c:\progra~1\codecp~1\picvideo\pvljpg20.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.PVW2"="c:\progra~1\codecp~1\picvideo\pvwv220.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.SJPG"="c:\progra~1\codecp~1\pmmjpeg\pmmjpeg.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.MJPX"="c:\progra~1\codecp~1\m3jpegv3\m3jpeg32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.dmb1"="c:\progra~1\codecp~1\m3jpegv3\m3jpeg32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.HFYU"="c:\progra~1\codecp~1\huffyuv\huffyuv.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.ZLIB"="c:\progra~1\codecp~1\lcljp\avizlib.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.MSZH"="c:\progra~1\codecp~1\lcljp\avimszh.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.MVW1"="c:\progra~1\codecp~1\aware\icmw_32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.dvmc"="c:\progra~1\codecp~1\mcdv\mcdvd_32.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.VP31"="c:\progra~1\codecp~1\on2vp3\vp31vfw.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.VP60"="c:\progra~1\codecp~1\on2vp6\vp6vfw.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.VP61"="c:\progra~1\codecp~1\on2vp6\vp6vfw.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.3IV2"="c:\progra~1\codecp~1\3ivx\3ivxvf~1.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"vidc.I263"="c:\progra~1\codecp~1\i263\i263_32.drv" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.imc"="c:\progra~1\codecp~1\i263\imc32.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.YMPG"="c:\progra~1\codecp~1\ympeg\ympgcdc.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.ympgacm"="c:\progra~1\codecp~1\ympeg\ympgacm.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"VIDC.WMV3"="c:\progra~1\codecp~1\wm9\wmv9vcm.dll" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.lameacm"="c:\progra~1\codecp~1\mp3lame\lameacm.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.atrac3"="c:\progra~1\codecp~1\atrac3\atrac3.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.qmpeg"="c:\progra~1\codecp~1\qmpeg\qmpeg.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.uleaddv"="c:\progra~1\codecp~1\uleaddv\dvacm.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.vorbis"="c:\progra~1\codecp~1\vorbis\vorbis.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.divxa32"="c:\progra~1\codecp~1\wma\divxa32.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.msaudio2"="c:\progra~1\codecp~1\wma\msaud32h.acm" . (...) -- (.not file.)
    O52 - TDSD: \Drivers32\"msacm.msaudio1"="s¸ö" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\divx3\divxc32.dll"="DivX ;-) 3.20a VKI Video Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\divx412\divx.dll"="DivX 4.12 Video Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\divx511\divx.dll"="DivX 5.1.1 Pro Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\xvid\xvid.dll"="XviD MPEG-4 Video Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\ffvfw\ffvfw.dll"="makeAVIS - FFvfw" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\mpeg4\mpg4c32.dll"="Microcrap MPEG-4 Video Codec V3" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\picvideo\pvmjpg21.dll"="PICVideo MJPEG Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\picvideo\pvljpg20.dll"="PICVideo Lossless JPEG Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\picvideo\pvwv220.dll"="PICVideo Wavelet 2000 Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\pmmjpeg\pmmjpeg.dll"="Paradigm Matrix M-JPEG Codec 1.11N" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\m3jpegv3\m3jpeg32.dll"="Morgan MJPEG 32-bits codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\huffyuv\huffyuv.dll"="Huffyuv lossless codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\lcljp\avizlib.dll"="AVIzlib Loss-Less Codec v2.23" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\lcljp\avimszh.dll"="AVImszh Loss-Less Codec v2.23" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\aware\icmw_32.dll"="Aware MotionWavelets v1.70.4.2" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\mcdv\mcdvd_32.dll"="MainConcept DV Codec v2.04" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\on2vp3\vp31vfw.dll"="On2 VP3 Video Codec v3.2.6.1" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\on2vp6\vp6vfw.dll"="On2 VP61 Advanced Profile" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\3ivx\3ivxvf~1.dll"="3ivx D4 Video Codec v4.5" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\i263\i263_32.drv"="Intel I263/I420 Video Driver v2.55.016" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\i263\imc32.acm"="Intel Music Coder" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\ympeg\ympgcdc.dll"="YMPEG Video codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\ympeg\ympgacm.acm"="YMPEG Audio codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\wm9\wmv9vcm.dll"="Windows Media Video 9 VCM" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"s¸ö"="Windows Media Audio" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\mp3lame\lameacm.acm"="Lame ACM MP3 Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\atrac3\atrac3.acm"="Sony ATRAC3 Audio Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\qmpeg\qmpeg.acm"="QDesign MPEG Audio Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\uleaddv\dvacm.acm"="Ulead DV Audio Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\vorbis\vorbis.acm"="Ogg Vorbis Audio CODEC" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\wma\divxa32.acm"="DivX WMA Audio Codec" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\wma\msaud32h.acm"="Micro$oft WMA Audio V2" . (...) -- (.not file.)
    ~ Scan Keys in 00mn 00s

    ---\\ Microsoft Control Security Providers (O54)
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
    ~ Scan Keys in 00mn 00s

    ---\\ Microsoft Windows Policies System (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
    O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    ~ Scan Keys in 00mn 00s

    ---\\ Microsoft Windows Policies Explorer (O56)
    O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
    ~ Scan Keys in 00mn 00s

    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 3:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
    O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 3:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
    O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 3:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
    O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 3:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
    O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 3:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
    O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 3:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
    O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 3:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
    O58 - SDL:[MD5.997E25F5B7D53C94C0AD2DC080F6868E] - 10/09/2008 - 9:59:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [912384]
    O58 - SDL:[MD5.6FB43F0DADB3FDC287D080C19666AF8D] - 10/09/2008 - 9:39:42 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60x.sys [212992]
    O58 - SDL:[MD5.C38077D14ADF896EE1E1DBBCBCF77E14] - 10/09/2008 - 12:18:28 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [1187320]
    O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 2/11/2006 - 9:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
    O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 2/11/2006 - 9:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
    O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 2/11/2006 - 9:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
    O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 2/11/2006 - 9:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
    O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 2/11/2006 - 9:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
    O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 2/11/2006 - 9:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
    O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 3:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
    O58 - SDL:[MD5.6186B6B953BDC884F0F379B84B3E3A98] - 9/09/2008 - 16:42:12 ---A- . (.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10).) -- C:\Windows\system32\drivers\COH_Mon.sys [23888]
    O58 - SDL:[MD5.73F5D6835BFA66019C03E316D99649DA] - 9/09/2008 - 3:39:02 ---A- . (.Symantec Corporation - Behavior Blocker v2007.1 WDM driver (2007.1.1.99).) -- C:\Windows\system32\drivers\CO_Mon.sys [36056]
    O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 2/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
    O58 - SDL:[MD5.73BAF270D24FE726B9CD7F80BB17A23D] - 10/09/2008 - 14:29:36 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\system32\drivers\DKbFltr.sys [21264]
    O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 3:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
    O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 3:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
    O58 - SDL:[MD5.AB8A6A87D9D7255C3884D5B9541A6E80] - 15/08/2009 - 12:12:54 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [15464]
    O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 3:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
    O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 3:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
    O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 2/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
    O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 13/08/2009 - 10:13:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392]
    O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 13/08/2009 - 10:13:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952]
    O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 2/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
    O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 2/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
    O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 3:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
    O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 3:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
    O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 3:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
    O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 29/05/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22216]
    O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 3:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
    O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 3:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
    O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 2/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
    O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 2/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
    O58 - SDL:[MD5.2757D2BA59AEE155209E24942AB127C9] - 9/09/2008 - 10:52:06 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [14848]
    O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 2/11/2006 - 8:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
    O58 - SDL:[MD5.EC0E8BC4CA37007DDB51F0DCC0C5472F] - 10/09/2008 - 3:12:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 176.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7546080]
    O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 3:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
    O58 - SDL:[MD5.736054614AB962D4EC01EF4ABCE115F1] - 22/07/2008 - 3:21:08 ---A- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\system32\drivers\nvsmu.sys [15872]
    O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 3:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
    O58 - SDL:[MD5.1199B2052F7861C1D39C2318E70904C9] - 21/07/2008 - 9:12:22 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [145952]
    O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 3:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
    O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 2/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
    O58 - SDL:[MD5.001B4278407F4303EFC902A2B16F2453] - 13/08/2009 - 19:09:28 ---A- . (.InterVideo - regi driver.) -- C:\Windows\system32\drivers\regi.sys [11032]
    O58 - SDL:[MD5.FE912E4A9719A9792669DEBB403CB9B1] - 9/09/2008 - 10:11:06 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2164248]
    O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2/11/2006 - 7:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
    O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 3:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
    O58 - SDL:[MD5.E0E54A571D4323567E95E11FE76A5FF3] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtsp.sys [279088]
    O58 - SDL:[MD5.4E44F0E22DF824D318988CAA6F321C30] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspl.sys [317616]
    O58 - SDL:[MD5.D3BB40427CF3D02E56BBA97FEDA0A3AA] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspx.sys [43696]
    O58 - SDL:[MD5.5A1D0CA8A5F1E7B4EC50B9D76C001F0E] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\system32\drivers\ss_bus.sys [83592]
    O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cm.sys [12424]
    O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cmnt.sys [12424]
    O58 - SDL:[MD5.F0A85580E36A3A85059037D39A9CF079] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ss_mdfl.sys [15112]
    O58 - SDL:[MD5.84C3DBFD1BFA4ADC0A950B3D5506CB00] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\system32\drivers\ss_mdm.sys [109704]
    O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_wh.sys [12424]
    O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_whnt.sys [12424]
    O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 13/08/2009 - 15:05:00 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632]
    O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 2/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
    O58 - SDL:[MD5.FE9F8B3A8BC22D85332B42E92308DDF9] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\Windows\system32\drivers\symdns.sys [13616]
    O58 - SDL:[MD5.06B95820DF51502099A8A15C93E87986] - 9/09/2008 - 6:42:22 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS [124464]
    O58 - SDL:[MD5.A0EA9D273889E53CFAABF2444692CCBF] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\Windows\system32\drivers\symfw.sys [96560]
    O58 - SDL:[MD5.23527B9CD4F7B9E31160E98D340E7E85] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\Windows\system32\drivers\symids.sys [38576]
    O58 - SDL:[MD5.8EAB28DD6CD25355B951AE460FA86B48] - 27/03/2010 - 12:31:42 ---A- . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) -- C:\Windows\system32\drivers\SymIMV.sys [24112]
    O58 - SDL:[MD5.C94EACA4B522012EE0691F1E79C42A7D] - 27/03/2010 - 12:31:18 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\Windows\system32\drivers\symndisv.sys [41008]
    O58 - SDL:[MD5.7C6505EA598E58099D3B7E1F70426864] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Redirector Filter Driver.) -- C:\Windows\system32\drivers\symredrv.sys [22320]
    O58 - SDL:[MD5.E6FF7ACE71D07CA90119F2C6AB592BA4] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\Windows\system32\drivers\symtdi.sys [184496]
    O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 2/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
    O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 2/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
    O58 - SDL:[MD5.BF7AA84D5AF0FAA0978C840E63B17DBF] - 10/09/2008 - 2:45:00 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [196784]
    O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 9/09/2008 - 10:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [13824]
    O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 3:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
    O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 2/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
    O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 3:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
    O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 3:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
    O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 3:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
    O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2/11/2006 - 8:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
    O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2/11/2006 - 8:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
    O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 2/11/2006 - 8:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
    O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
    O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
    O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 4/05/2011 - 7:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\system32\npptNT2.sys [4682]
    O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 2/11/2006 - 8:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
    O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2/11/2006 - 8:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
    O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2/11/2006 - 8:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
    O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2/11/2006 - 8:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
    O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2/11/2006 - 8:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
    O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 2/11/2006 - 8:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
    O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 2/11/2006 - 8:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
    O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 2/11/2006 - 8:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
    O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 2/11/2006 - 8:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
    O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 2/11/2006 - 8:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
    ~ Scan Drivers in 00mn 08s

    ---\\ Liste des outils de nettoyage (O63)
    O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
    O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
    ~ Scan ADS in 00mn 00s

    ---\\ Liste des services Legacy (O64)
    O64 - Services: CurCS - 30/07/2008 - C:\Windows\system32\Drivers\COH_Mon.sys - COH_Mon(COH_Mon) .(.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) - LEGACY_COH_MON
    O64 - Services: CurCS - 21/08/2007 - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost) .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST
    O64 - Services: CurCS - 8/08/2007 - C:\Windows\system32\drivers\CO_Mon.sys - CO_Mon(CO_Mon) .(.Symantec Corporation - Behavior Blocker
    0
  12. fmounet007007 Messages postés 23 Statut Membre
     
    et la suite et fin:

    ---\\ Liste des services Legacy (O64)
    O64 - Services: CurCS - 30/07/2008 - C:\Windows\system32\Drivers\COH_Mon.sys - COH_Mon(COH_Mon) .(.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) - LEGACY_COH_MON
    O64 - Services: CurCS - 21/08/2007 - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost) .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST
    O64 - Services: CurCS - 8/08/2007 - C:\Windows\system32\drivers\CO_Mon.sys - CO_Mon(CO_Mon) .(.Symantec Corporation - Behavior Blocker v2007.1 WDM driver (2007.1.) - LEGACY_CO_MON
    O64 - Services: CurCS - 15/07/2009 - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver(eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
    O64 - Services: CurCS - 15/07/2009 - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - EraserUtilRebootDrv(EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
    O64 - Services: CurCS - 22/07/2009 - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090811.002\IDSvix86.sys - Symantec Intrusion Prevention Driver(IDSvix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86
    O64 - Services: CurCS - 11/06/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15
    O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090818.021\NAVENG.sys (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG
    O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090818.021\NAVEX15.sys (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15
    O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers\regi.sys - regi(regi) .(.InterVideo - regi driver.) - LEGACY_REGI
    O64 - Services: CurCS - 17/03/2009 - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys - SPBBCDrv(SPBBCDrv) .(.Symantec Corporation - SPBBC Driver.) - LEGACY_SPBBCDRV
    O64 - Services: CurCS - 31/01/2008 - C:\Windows\system32\Drivers\SRTSP.sys - SRTSP(SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP
    O64 - Services: CurCS - 31/01/2008 - C:\Windows\system32\Drivers\SRTSPX.sys - SRTSPX(SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX
    O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMDNS.sys - SYMDNS(SYMDNS) .(.Symantec Corporation - DNS Filter Driver.) - LEGACY_SYMDNS
    O64 - Services: CurCS - 27/03/2010 - C:\Windows\system32\Drivers\SYMEVENT.sys - SymEvent(SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT
    O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMFW.sys - SYMFW(SYMFW) .(.Symantec Corporation - Firewall Filter Driver.) - LEGACY_SYMFW
    O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\DRIVERS\SymIMv.sys - Symantec Network Security Intermediate Filter Driver(SymIM) .(.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - LEGACY_SYMIM
    O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMNDISV.sys - SYMNDISV(SYMNDISV) .(.Symantec Corporation - NDIS Filter Driver.) - LEGACY_SYMNDISV
    O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMREDRV.sys - SYMREDRV(SYMREDRV) .(.Symantec Corporation - Redirector Filter Driver.) - LEGACY_SYMREDRV
    O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMTDI.sys - SYMTDI(SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI
    ~ Scan Services in 00mn 04s

    ---\\ File Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
    O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
    O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
    O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
    O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
    O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
    O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
    O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
    O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
    O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
    O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
    O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
    O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
    O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
    ~ Scan Keys in 00mn 00s

    ---\\ Start Menu Internet (O68)
    O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    ~ Scan Keys in 00mn 00s

    ---\\ Search Browser Infection (O69)
    O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
    O69 - SBI: SearchScopes [HKCU] {0DA8DAC9-F5A3-4D21-BEE5-80914B132F5C} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
    O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
    O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms}
    ~ Scan Keys in 00mn 00s

    ---\\ Recherche particuliere à la racine de certains dossiers (O84)
    [MD5.7FAF5222EEB546E1DC0F348DCB314B0B] [SPRF][29/08/2006] (.Zylom Games - Zylom Games Player.) -- C:\Windows\Downloaded Program Files\zylomgamesplayer.dll [161976]
    ~ Scan Files in 00mn 00s

    ---\\ Recherche d'infection Rogue (O86)
    C:\Users\FV\AppData\Roaming\6876836
    ~ Scan Files in 00mn 00s

    ---\\ Firewall Active Exception List (FirewallRules) (O87)
    O87 - FAEL: "{1AD7AEB3-A381-42D9-A6D3-0FA399F69ED3}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O87 - FAEL: "{A1850EFA-F017-4143-BADE-53CBCF94ED57}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O87 - FAEL: "{73D814D8-7916-47ED-934C-4C7D03A01410}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O87 - FAEL: "{AB0CE66F-1493-484A-B348-E022240DFC42}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O87 - FAEL: "{9F15E43A-7BD9-4A78-B805-2DAB7C143170}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O87 - FAEL: "{F26EC160-5339-42B7-8BFD-80479D1FD445}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O87 - FAEL: "{0C799FFF-7FD9-43B0-AC91-5F4AE49B3869}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe (.not file.)
    O87 - FAEL: "{1E0B1FC4-FD42-4244-A52C-6F3E105AC18D}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe (.not file.)
    O87 - FAEL: "{A1A99002-1273-4BB1-9DF4-C21624EAE302}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
    O87 - FAEL: "{2152B171-562B-42CA-BF7E-D8246B3F6FE2}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
    O87 - FAEL: "{5EB1664F-A7DF-4379-BA01-8641A9953B8E}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O87 - FAEL: "{C65C8C66-2AE8-4D18-B956-1F491490ED68}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O87 - FAEL: "{0AB5E8BC-3B41-4F1F-8834-CF9D2CE43970}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O87 - FAEL: "{422B37FB-EBD4-482E-B75B-B34B86C0EFC5}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O87 - FAEL: "{AAE3E47D-8EF8-4297-9109-324E6C6605A2}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O87 - FAEL: "TCP Query User{F64282FB-DBE8-43C2-96E9-0631EC48C12A}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
    O87 - FAEL: "UDP Query User{38B15C61-AA4E-43C3-9177-B38F9C78D2E0}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
    O87 - FAEL: "TCP Query User{7CE7B74E-CE03-49DC-A9DD-10A1B31D7A72}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" |In - Private - P6 - TRUE | .(...) -- C:\games\world_of_tanks_closed_beta\wotlauncher.exe (.not file.)
    O87 - FAEL: "UDP Query User{0E6B60F7-1893-4DF3-B46F-FD2361FDE20A}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" |In - Private - P17 - TRUE | .(...) -- C:\games\world_of_tanks_closed_beta\wotlauncher.exe (.not file.)
    O87 - FAEL: "TCP Query User{B201ECF6-9A1F-487A-B95B-9AA8E6DC1BA5}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
    O87 - FAEL: "UDP Query User{F8B7AD32-F21E-420B-AF80-D39ABE2EA7AD}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
    O87 - FAEL: "TCP Query User{5D26C831-0FFD-4A3C-936C-5C92BAE4ECF5}C:\users\fv\appdata\local\mediaget2\mediaget.exe" | In - Private - P6 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\users\fv\appdata\local\mediaget2\mediaget.exe
    O87 - FAEL: "UDP Query User{A26A48B0-BAB1-4B3D-A6F8-9FD55F62230A}C:\users\fv\appdata\local\mediaget2\mediaget.exe" | In - Private - P17 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\users\fv\appdata\local\mediaget2\mediaget.exe
    ~ Scan Firewall in 00mn 02s

    ---\\ Scan Additionnel (O88)
    Database Version : 8700 - (05/10/2011)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 8
    Fichiers trouvés (Files found) : 0

    C:\Program Files\WhiteSmoke =>PUP.Whitesmoke
    C:\ProgramData\Media Get LLC =>PUP.MediaGet
    C:\Users\FV\AppData\Roaming\Media Get LLC =>PUP.MediaGet
    C:\Users\FV\AppData\Roaming\WhiteSmoke =>PUP.Whitesmoke
    C:\Users\FV\AppData\Local\Media Get LLC =>PUP.MediaGet
    C:\Users\FV\AppData\Local\MediaGet2 =>PUP.MediaGet
    ~ Scan Additionnel in 00mn 55s

    ---\\ Recherche détournement de DNS routeur (O89)
    Serveur : UnKnown
    Address: 192.168.1.1
    Nom : www.l.google.com
    Addresses: 209.85.148.106
    209.85.148.104
    209.85.148.103
    209.85.148.99
    209.85.148.147
    209.85.148.105
    Aliases: www.google.fr
    www.google.com
    ~ Scan DNS in 00mn 03s

    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SR - | Auto 9/09/2008 238968 | (Automatic LiveUpdate Scheduler) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    SR - | Auto 9/09/2008 16384 | (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    SR - | Auto 17/10/2008 149352 | (ccEvtMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    SR - | Auto 17/10/2008 149352 | (ccSetMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    SR - | Auto 17/10/2008 149352 | (CLTNetCnService) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    SS - | Demand 9/09/2008 55640 | (comHost) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    SR - | Auto 24576 | (ETService) . (...) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    SS - | Demand 24/08/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    SS - | Auto 21/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 21/01/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 8/11/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    SR - | Auto 13/08/2009 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    SR - | Auto 9/09/2008 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    SS - | Demand 15/08/2009 3220856 | (LiveUpdate) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.exe
    SR - | Auto 17/10/2008 149352 | (LiveUpdate Notice) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    SS - | Demand 4/05/2011 4032992 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
    SR - | Auto 9/09/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    SR - | Auto 131072 | (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    SR - | Auto 10/09/2008 196608 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
    SS - | Demand 1245064 | (Symantec Core LC) . (...) - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
    ~ Scan Services in 00mn 04s

    ---\\ Recherche Master Boot Record Infection (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    ~ Scan MBR in 00mn 06s

    ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by FV at 5/10/2011 19:34:44

    ********* Dump file Name *********
    C:\PhysicalDisk0_MBR.bin
    ~ Scan MBR in 00mn 08s

    End of the scan (1420 lines in 03mn 49s)(0)
    0
  13. fmounet007007 Messages postés 23 Statut Membre
     
    dsl pas vu ton message pour le poster ailleurs!
    0
  14. fmounet007007 Messages postés 23 Statut Membre
     
    mon pc se comporte bien, "microsoft security essentials" ne m'a plus indiqué que mon pc était malade!
    0
  15. fmounet007007 Messages postés 23 Statut Membre
     
    pardon,mais un autre message vient d'apparaitre 3 fois d'affilée alors que cela n'apparaissait jamais auparavant: "Symantec Service Framework a cessé de fonctionner.
    0
  16. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
     
    Tu as deux antivirus d'installés sur ton PC, choisi l'un des deux et désinstalle l'autre.

    Si tu désinstalle Norton : http://service1.symantec.com/SUPPORT/INTER/norton360intl.nsf/fr_docid/20070214094739989
    Si c'est MSE passe par : ajout/suppression des programmes

    Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

    * Télécharge Defogger (de jpshortstuff) sur ton Bureau
    http://www.jpshortstuff.247fixes.com/Defogger.exe
    * Lance le
    * Une fenêtre apparait : clique sur "Disable"
    * Fais redémarrer l'ordinateur si l'outil te le demande
    * Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

    Ensuite suis la procédure déjà décrite et relance :
    -AdwCleaner
    -Ad-Remover et poste les deux rapports

    Quand tu as fini, refais un ZHPDiag et poste le rapport ici : http://pjjoint.malekal.com/

    0
  17. fmounet007007 Messages postés 23 Statut Membre
     
    voici le rapport d'AdwCleaner:

    # AdwCleaner v1.309 - Rapport créé le 06/10/2011 à 12:58:22
    # Mis à jour le 29/09/11 à 20h par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
    # Nom d'utilisateur : FV - PC-DE-FV (Administrateur)
    # Exécuté depuis : C:\Users\FV\Downloads\adwcleaner0.exe
    # Option [Suppression]

    ***** [KillNav] *****

    # firefox.exe [PID:1540] -> Tué

    ***** [Processus] *****

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.19120

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v7.0.1 (fr)

    Profil : 7ezrw9ux.default
    Fichier : C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js

    [OK] Le fichier ne contient aucune entrée illégitime.

    -\\ Google Chrome v [Impossible d'obtenir la version]

    Fichier : C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences
    0
  18. fmounet007007 Messages postés 23 Statut Membre
     
    voici le rapport d'Ad-remover:

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 13:00:26 le 06/10/2011, Mode normal

    Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
    FV@PC-DE-FV (eMachines, inc. eMG620)

    ============== ACTION(S) ==============

    (!) -- Fichiers temporaires supprimés.

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [7.0.1 (fr)] ****

    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)

    -- C:\Users\FV\AppData\Roaming\Mozilla\FireFox\Profiles\7ezrw9ux.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\FV\\Pictures
    Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
    Prefs.js - browser.search.selectedEngine, Web Search
    Prefs.js - browser.startup.homepage_override.buildID, 20110928134238
    Prefs.js - browser.startup.homepage_override.mstone, rv:7.0.1

    ========================================

    **** Internet Explorer Version [8.0.6001.19120] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms})
    HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 497 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 28 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 05/10/2011 19:20:54 (4507 Octet(s))
    C:\Ad-Report-CLEAN[2].txt - 06/10/2011 13:00:32 (2979 Octet(s))

    Fin à: 13:02:15, 06/10/2011

    ============== E.O.F ==============
    0
  19. fmounet007007 Messages postés 23 Statut Membre
     
    le lien pour le rapport de ZHPDiag:

    https://pjjoint.malekal.com/files.php?id=ZHPDiag_z8z11i58m11l12i8o9s7u6k6v9d11n9l11u15j6q12q14y12

    J'avais une autre question:Maintenant j'ai un truc qui s'ouvre au démarrage: le programme Media Get. Je ne me souviens pas l'avoir télécharger! Et j'arrive pas à le supprimer via le panneau de configuration puisqu'il ne s'y trouve pas... comment le virer?
    Encore merci pour tout!
    0
  20. loumax91 Messages postés 14 Date d'inscription   Statut Contributeur sécurité Dernière intervention   483
     
    On va s'en occuper !

    Ce script va cibler certains éléments à supprimer :

    * Ouvre ce lien, sélectionne le script en entier et copie le (Edition --> Copier)
    http://www.cijoint.fr/cjlink.php?file=cj201110/cij7H4Azwq.txt
    * Fais un clic-droit sur le raccourci de ZHPFix et choisis "Exécuter en temps qu'administrateur"
    * Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
    * Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
    * Clique sur le bouton « GO » pour lancer le nettoyage,
    * Copie/colle la totalité du rapport dans ta prochaine réponse

    Ensuite :
    * Lance MBAM et fais les Mises à jour
    * Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
    * Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
    * A la fin de l'analyse, clique sur Afficher les résultats
    * Coche tous les éléments détectés puis clique sur Supprimer la sélection
    * Enregistre le rapport
    * S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
    * Poste dans ta prochaine réponse le rapport apparaissant après la suppression

    Pour terminer refais un scan ZHPDiag et poste le rapport sur : http://pjjoint.malekal.com/

    "Celui qui aime à apprendre est bien près du savoir" (Confucius)
    0
  • 1
  • 2