virus embêtant!! Fermé

Question

Bonjour, 

J'ai installé un anti-virus gratuit qui m'a été conseillé: Microsoft security Essentials.
Cet anti-virus me dit que mon ordinateur est en danger à chaque fois que j'allume l'ordi.
Il essaie alors de supprimer le virus, qui s'appelle "trojan:win32/Eyestye.C!cfg.
Mais à chaque fois, c'est la meme chose, il revient, et Microsoft security Essentials le supprime de nouveau.... enfin il ne le supprime pas vraiment apparemment...
Que puis-je faire pour supprimer ce virus de mon ordi?
Merci d'avance!! 



Configuration: Windows Vista / Firefox 7.0.1

loumax91 · Answer

Bonjour

Utilise ce logiciel de désinfection généraliste :

* Télécharge et installe Malwarebytes' Anti-Malware
* A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
* Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
* Sélectionne tes disques durs" puis clique sur "Lancer l'examen" 
* A la fin de l'analyse, clique sur Afficher les résultats
* Coche tous les éléments  détectés puis clique sur Supprimer la sélection
* Enregistre le rapport
* S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
* Poste dans ta prochaine réponse le rapport apparaissant après la suppression

  
Ensuite :
Peux-tu utiliser ce logiciel de diagnostic, ça me permettra de t'aider :

* Télécharge ZHPDiag (de Nicolas Coolman)
* Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
* Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau)
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

fmounet007007 · Answer

ok je fais ça merci!

fmounet007007 · Answer

voici la copie du rapport après l'analyse. J'ai fait une analyse rapide... après deux essais d'analyse complète... mais malwarebytes bloquait à chaque fois...

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7876

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

5/10/2011 17:04:10
mbam-log-2011-10-05 (17-04-10).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 171159
Temps écoulé: 14 minute(s), 58 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: ("%1" %*) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin\2.7.32 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0} (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults\preferences (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\$recycle$ (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\servi3e.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Users\FV\AppData\Local\Temp\jar_cache7048015542930257959.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\0.06143102847192994.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\WSBandoo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\wsget.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\ppddfcfux.exxe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\w32rim_mem.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\FV\AppData\Local\Temp\dffuck.exe (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome.manifest (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\install.rdf (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\chrome\questbrowse.jar (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}\defaults\preferences\prefs.js (Adware.QuestBrowse) -> Quarantined and deleted successfully.

fmounet007007 · Answer

voici l'adresse du lien pour ZHPDIag:

https://pjjoint.malekal.com/files.php?id=ZHPDiag_f14e14u8y10g14n5z10h7j9d9s11l15k8v14p12r10w10h8z5k13

loumax91 · Answer

Bonjour,


Nous allons essayer de régler ton problème ensemble. D'abord, quelques rappels :

- N'ouvre pas d'autres sujets pour le même problème (que ce soit sur ce forum ou sur un autre)
- N'hésite pas à poser des questions en cas de besoin ;)
- Sois patient(e) quand tu postes un message, je ne réponds pas instantanément : je suis bénévole et je ne suis pas en permanence devant mon ordinateur. Mais rassure toi, je ne laisse jamais tomber personne ;)
- La désinfection (si nécessaire) va se dérouler en plusieurs étapes. Même si les symptômes de l'infection disparaissent, la désinfection ne sera terminée que quand je te le confirmerai --> Merci de revenir jusqu'au bout, sinon ce qu'on a fait n'aura servi à rien.



Téléchargez AdwCleaner ( d'Xplode ) sur votre bureau.
http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner
Lancez le, cliquez sur [Suppression] puis patientez le temps du scan.
Une fois le scan fini, un rapport s'ouvrira.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


A suivre :
utilise cet outil de désinfection spécifique aux logiciels publicitaires :

* Télécharge AD-Remover (de C_XX) sur ton Bureau.
/!\ Déconnecte toi et ferme toutes les applications en cours /!\
* Double-clique sur l'icône AD-Remover
* Au menu principal, clique sur "Nettoyer"
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report.log )

*******************
*Poste ces deux rapports ici et refais une analyse ZHPDiag stp.

fmounet007007 · Answer

voici le rapport d'AdwCleaner.
Voici le 3ème truc "anti-virus" que j'installe sur mon pc. Et, suivant vos conseils, je vais installer un 4ème! Pourrez-vous m'indiquer à la fin de la procédure ceux que je pourrai désinstaller de mon pc. Encore merci pr tout!

le rapport:

# AdwCleaner v1.309 - Rapport créé le 05/10/2011 à 18:34:07
# Mis à jour le 29/09/11 à 20h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : FV - PC-DE-FV (Administrateur)
# Exécuté depuis : C:\Users\FV\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:2844] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\Users\FV\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\FV\AppData\Local\Babylon
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutb
Clé Supprimée : HKCU\Software\AppDataLow\Software\ShoppingReport2
Clé Supprimée : HKLM\SOFTWARE\Babylon
Clé Supprimée : HKLM\SOFTWARE\bandoo
Clé Supprimée : HKLM\SOFTWARE\DataMngr
Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

***** [Navigateurs] *****

-\ Internet Explorer v8.0.6001.19120

[OK] Le registre ne contient aucune entrée illégitime.

-\ Mozilla Firefox v7.0.1 (fr)

Profil : 7ezrw9ux.default
Fichier : C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js

Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Supprimée : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/402");
Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

-\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [4772 octets] - [05/10/2011 18:34:07]

*************************

Dossier Temporaire : 127 dossier(s) et 3499 fichier(s) supprimé(s)

########## EOF - C:\AdwCleaner[S1].txt - [4999 octets] ##########

fmounet007007 · Answer

Malgré 2 essais d'installation, impossible de démarrer"AD-Remover ".
LOrsque je double-clique sur l'icône du bureau, une fenêtre m'indique ceci: ERROR: NOT_ADMINISTRATOR

que faire maintenant? ùmerci encore

fmounet007007 · Answer

Ok ça fonctionne. Voici le rapport de AD-Remover:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 19:20:46 le 05/10/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique  Service Pack 2 (X86) 
FV@PC-DE-FV (eMachines, inc. eMG620) 
 
============== ACTION(S) ==============


Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar
Dossier supprimé: C:\Users\FV\AppData\LocalLow\SearchquTB
Dossier supprimé: C:\Users\FV\AppData\LocalLow\ShoppingReport2
Dossier supprimé: C:\ProgramData\Trymedia

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Trymedia Systems
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBrowse
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu MediaBar
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [7.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml (    hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\FV\AppData\Roaming\Mozilla\FireFox\Profiles\7ezrw9ux.default --
Prefs.js - browser.download.lastDir, C:\Users\FV\Pictures
Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
Prefs.js - browser.search.selectedEngine, Web Search
Prefs.js - browser.startup.homepage_override.buildID, 20110928134238
Prefs.js - browser.startup.homepage_override.mstone, rv:7.0.1

========================================

**** Internet Explorer Version [8.0.6001.19120] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms})
HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{c6f2e56b-c2a2-43E8-abae-2bdb1e9fafd8} - c:\Program Files\Common Files\Symantec Shared\Support Controls\sshelper.exe (Symantec, Inc.)
BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - "?" (c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll)
BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 497 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 05/10/2011 19:20:54 (4368 Octet(s)) 

Fin à: 19:22:56, 05/10/2011 
 
============== E.O.F ==============

fmounet007007 · Answer

J'ai fait une nouvelle analyse avec ZHPDiag, dont voici le rapport ( il est super long)

Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman, Update du 05/10/2011
Run by FV at 5/10/2011 19:30:55
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\ Web Browser
MSIE: Internet Explorer v8.0.6001.19120
MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)
GCIE: Google Chrome v14.0.835.202

---\ Windows Product Information
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : P92J4
Windows License : OK
Windows Automatic Updates : OK

---\ System Information
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1789 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 12 GB (17%) free of 70 GB

---\ Logged in mode
~ Computer Name: PC-DE-FV
~ User Name: FV
~ All Users Names: FV, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\FV\AppData\Roaming\
~ %Desktop% : C:\Users\FV\Desktop\
~ %Favorites% : C:\Users\FV\Favorites\
~ %LocalAppData% : C:\Users\FV\AppData\Local\
~ %StartMenu% : C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 70 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 41 Go of 70 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)



---\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc :  OK
~ Scan Security Center in 00mn 00s



---\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.17/01/2010 - 7:27:36.) -- C:\Windows\Explorer.exe [2926592] 
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.2/11/2006 - 10:45:37.) -- C:\Windows\system32undll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 3:33:13.) -- C:\Windows\system32\Wininit.exe [96768] 
[MD5.8419DAE7205374F2CAA4C9CDBD0999E6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2011 - 12:04:29.) -- C:\Windows\system32\wininet.dll [916480] 
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/01/2010 - 7:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] 
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.21/01/2008 - 8:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] 1916
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.17/01/2010 - 7:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] 1836
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 3:33:23.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] 1844
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.17/01/2010 - 5:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] 1812
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] 1884
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.17/01/2010 - 5:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] 1916
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 3:32:45.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] 1900
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 3:34:06.) -- C:\Windows\system32\drivers\IpNat.sys [100864] 1868
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] 1852
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.17/01/2010 - 5:45:37.) -- C:\Windows\system32\drivers
etBT.sys [185856] 1820
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.17/01/2010 - 7:32:49.) -- C:\Windows\system32\drivers
tfs.sys [1083880] 1916
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.2/11/2006 - 9:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] 1900
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 3:34:44.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] 1916
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 3:32:22.) -- C:\Windows\system32\driversdpdr.sys [248832] 1868
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.17/01/2010 - 5:45:56.) -- C:\Windows\system32\drivers	dx.sys [72192] 1812
~ Scan Generic Processes in 00mn 00s



---\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1284
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 2/42
~ Mes Documents (My Documents) : 20/1007
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 7/27
~ Scan Hidden Files in 00mn 03s



---\ Processus lancés
[MD5.19D93154C82FE39A99B269CED1056A92] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe   [1033512] [PID.2472]
[MD5.C459786D07FEAD5717DD1AC287BB2519] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [6265376] [PID.2484]
[MD5.6882D187F65ECA79110848A68FDEB2BF] - (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe   [34040] [PID.2576]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32undll32.exe   [44544] [PID.]
[MD5.2F237AAB91497AAA03AF48EAE68758FC] - (.Symantec Corporation - Symantec Service Framework.) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe   [149352] [PID.]
[MD5.17ED0AE8DDEF1ABF12C106BBC245DC76] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZyEmachine.EXE   [817672] [PID.2776]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe   [30192] [PID.2732]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [248552] [PID.3032]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe   [68856] [PID.]
[MD5.20DF7B435393DAA9CD095B01A755F644] - (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe   [8348672] [PID.3128]
[MD5.892699A6AEB910C58B726BD70BEA4F4B] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe   [95528] [PID.1516]
[MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [924632] [PID.1620]
[MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [16856] [PID.4848]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe   [53472] [PID.5048]
[MD5.7B2E3899314974CC40D93A6CD7C855C8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [2134016] [PID.6020]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.6084]
[MD5.6A4BB2DDFA34BC3C4D20478B1F0E335C] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.3.) -- C:\Windows\system32
vvsvc.exe   [196608] [PID.]
[MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe   [11736] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe   [74240] [PID.]
[MD5.09E6AFFAE6C0E9158BF05C7D08D0107A] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe   [16384] [PID.]
[MD5.4D06D9A26227AC485305133916888DF1] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe   [24576] [PID.]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe   [112152] [PID.]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe   [61440] [PID.]
[MD5.CB76F68BA0D57C5D25B538981B1C611C] - (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe   [50424] [PID.]
[MD5.DF1C10A75DF7E50195FC417F88A33227] - (...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe   [131072] [PID.]
[MD5.AE9560C298D847AEF346BDD5FAD3B0E3] - (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe   [238968] [PID.]
[MD5.A5CB074F34BBD89948E34A630D459C0C] - (.Microsoft Corporation - Microsoft Network Inspection System.) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe   [208944] [PID.]
[MD5.E44C7D6F8D665DA2D9385E5E15EDEEF7] - (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\system32\consent.exe   [81920] [PID.]
~ Scan Processes Running in 00mn 02s



---\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s



---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js
C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\user.js (.not file.)
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [FV] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [FV - 7ezrw9ux.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins
p-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins
pzylomgamesplayer.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director
p32dsw.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin
pgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin
ew_plugin
pjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0
pctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster
pPandoWebPlugin.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69
pGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69
pGoogleUpdate3.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\ProgramData\Zylom\ZylomGamesPlayer
pzylomgamesplayer.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster
pPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 01s



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ Scan IE Browser in 00mn 00s



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} Clé orpheline
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe 
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe 
O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe 
O4 - HKLM\..\Run: [osCheck] . (.Symantec Corporation - Norton 360 Vista Migration Tool.) -- c:\Program Files\Norton 360\osCheck.exe 
O4 - HKLM\..\Run: [BkupTray] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe 
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll 
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll 
O4 - HKLM\..\Run: [WarReg_PopUp] . (.eMachines - WR_PopUp.) -- C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe 
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\QtZyEmachine.exe 
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline 
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice  Manager.) -- C:\Windows\Skytel.exe 
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
O4 - HKLM\..\Run: [SymLnch] C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_2_0_0_242\Support\SymLnch\SymLnch.exe (.not file.) 
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe 
O4 - HKCU\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe 
O4 - HKCU\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe 
O4 - HKUS\S-1-5-21-1424949869-300242620-2581555811-1000\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\FV\AppData\Local\MediaGet2\mediaget.exe 
~ Scan Application in 00mn 00s



---\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\FV\Desktop\Ad-Remover.lnk . (...)  -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\FV\Desktop\Bookin - Raccourci.lnk . (...)  -- C:\Users\FV\Downloads\Bookin.exe
O4 - Global Startup: C:\Users\FV\Desktop\EBP Business Plan 2007.lnk . (.European Business Products.)  -- C:\Program Files\Business Plan\PNegocio.exe
O4 - Global Startup: C:\Users\FV\Desktop\Launch GameShadow.lnk . (.InstallShield Software Corp..)  -- C:\Users\FV\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
O4 - Global Startup: C:\Users\FV\Desktop\Microsoft Office Word 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\FV\Desktop\Module de sécurité.lnk . (...)  -- C:\hb32.exe
O4 - Global Startup: C:\Users\FV\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.)  -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\FV\Desktop\Sweet Home 3D.lnk . (.eTeks.)  -- C:\Program Files\Sweet Home 3D\SweetHome3D.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..)  -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\FV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 13s



---\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s



---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{3AC2133A-2B21-4FED-AF14-CE9622EAAE99}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{A4D46F2E-1044-43A1-B8CC-80BFACB4F146}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~1\wi9130~1\datamngr\datamngr.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice (LiveUpdate Notice) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.3.) - C:\Windows\system32
vvsvc.exe
~ Scan Services in 00mn 00s



---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
~ Scan Scheduled Task in 00mn 05s



---\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver:  (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver:  (IDSvix86) . (.Symantec Corporation - IDS Core Driver.) - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090811.002\IDSvix86.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver:  (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl6560e668) . (.Microsoft Corporation - KSLDriver.) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BBB11A0-8D90-4AE2-BD27-E37931FB285F}\MpKsl6560e668.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS
etbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS
etbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers
siproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERSasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERSdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\driversdpencdd.sys
O41 - Driver: C:\Windows\system32	cpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver:  (SPBBCDrv) . (.Symantec Corporation - SPBBC Driver.) - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
O41 - Driver:  (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\SRTSPX.sys
O41 - Driver:  (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\system32\DRIVERS\SymIMv.sys
O41 - Driver:  (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\SYMTDI.sys
O41 - Driver: C:\Windows\system32	cpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS	dx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS	ermdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 01s



---\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {00203668-8170-44A0-BE44-B632FA4D780F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agatha Christie Death on the Nile - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Amazing Adventures The Lost Tomb - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113772953}
O42 - Logiciel: AppCore - (.Symantec Corporation.) [HKLM] -- {EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
O42 - Logiciel: Azada - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}
O42 - Logiciel: Backup - (.Symantec Corporation.) [HKLM] -- {24DF7221-644B-4C3A-A478-459502D40522}
O42 - Logiciel: Bejeweled 2 Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}
O42 - Logiciel: Bookworm Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}
O42 - Logiciel: Bricks of Egypt - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}
O42 - Logiciel: Build-a-lot - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113537610}
O42 - Logiciel: Cake Mania - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}
O42 - Logiciel: Canon SELPHY CP760 - (.Pas de propriétaire.) [HKLM] -- Canon SELPHY CP760
O42 - Logiciel: Chuzzle - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}
O42 - Logiciel: Codec Pack de ELISOFT v14.0 - (.Elisoft.) [HKLM] -- Codec Pack de ELISOFT v14.0
O42 - Logiciel: Company of Heroes - FAKEMSI - (.THQ Inc..) [HKLM] -- {25724802-CC14-4B90-9F3B-3D6955EE27B1}
O42 - Logiciel: Company of Heroes - FAKEMSI - (.THQ Inc..) [HKLM] -- {99A7722D-9ACB-43F3-A222-ABC7133F159E}
O42 - Logiciel: Diner Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110305887}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: EBP Business Plan 2007 - (.European Business Products.) [HKLM] -- EBP Business Plan_is1
O42 - Logiciel: Farm Frenzy - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547}
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: GameShadow - (.GameShadow Ltd.) [HKLM] -- {5A2F371F-8B5D-46B4-833C-0612B065BEC7}
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
O42 - Logiciel: Home'Bank Light 3.3.3 - (.ING Belguim.) [HKLM] -- Home'Bank Light_is1
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager
O42 - Logiciel: Little Shop World Traveler - (.Denda Games.) [HKLM] -- Denda Games Little Shop World Traveler
O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- PsuedoLiveUpdate
O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {E80F62FF-5D3C-4A19-8409-9721F2928206}
O42 - Logiciel: Luxor - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111265347}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mahjong Escape Ancient China - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
O42 - Logiciel: MySQL Connector/ODBC 3.51 - (.MySQL AB.) [HKLM] -- {0CB3C535-1171-4A20-B549-E2CB5DEB9723}
O42 - Logiciel: Mystery Case Files - Huntsville - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}
O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Norton 360 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {21829177-4DED-4209-AD08-490B3AC9C01A}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {2D617065-1C52-4240-B5BC-C0AE12157777}
O42 - Logiciel: Norton 360 HTMLHelp - (.Symantec Corporation.) [HKLM] -- {0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8}
O42 - Logiciel: Norton Confidential Core - (.Symantec Corporation.) [HKLM] -- {55A6283C-638A-4EE0-B491-51118554BDA2}
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: Quick Zip 4.60.019 - (.Joseph Leung.) [HKLM] -- Quick Zip_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SPBBC 32bit - (.Symantec Corporation.) [HKLM] -- {77772678-817F-4401-9301-ED1D01A8DA56}
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E

fmounet007007 · Answer

il est tellement long que je ne sais pas le mettre dans un seul message!!!

fmounet007007 · Answer

voici la suite:

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Sunset Studios - Love on the High Seas - (.Denda Games.) [HKLM] -- Denda Games Sunset Studios - Love on the High Seas
O42 - Logiciel: Sweet Home 3D version 2.4 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1
O42 - Logiciel: Symantec Real Time Storage Protection Component - (.Symantec Corporation.) [HKLM] -- {D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
O42 - Logiciel: Symantec Technical Support Controls - (.Symantec Corporation.) [HKLM] -- {45690715-80A6-4445-B61D-ADEC5888E8CD}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Tomb Raider: Legend 1.2 - (.Pas de propriétaire.) [HKLM] -- Tomb Raider: Legend
O42 - Logiciel: Turbo Pizza - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553110) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{05D27A23-8E87-46B5-9EAF-F5B4DE7CCCA0}
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}
O42 - Logiciel: Zylom Games Player Plugin - (.Zylom Games.) [HKLM] -- Zylom Games Player Plugin
O42 - Logiciel: ccCommon - (.Symantec.) [HKLM] -- {B24E05CC-46FF-4787-BBB8-5CD516AFB118}
O42 - Logiciel: eMachines - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}
O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: eMachines ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}

---\ HKCU & HKLM Software Keys
[HKCU\Software\3ivx]
[HKCU\Software\AC3Filter]
[HKCU\Software\AcerUtil]
[HKCU\Software\Adobe]
[HKCU\Software\AnalogX]
[HKCU\Software\AppDataLow\Google]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Aware]
[HKCU\Software\BBL]
[HKCU\Software\Big Fish Games]
[HKCU\Software\Borland]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Crystal Dynamics]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDXStudios]
[HKCU\Software\DanniDin]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EBP]
[HKCU\Software\Elecard]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\GameHouse]
[HKCU\Software\Google]
[HKCU\Software\I-Media]
[HKCU\Software\INCAInternet]
[HKCU\Software\InterVideo]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Ligos]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MatrixMixer]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\Oshima Technology laboratory]
[HKCU\Software\Pando Networks]
[HKCU\Software\Paradigm Matrix]
[HKCU\Software\PegasusImaging]
[HKCU\Software\Policies]
[HKCU\Software\QDesign Corporation]
[HKCU\Software\Quanta]
[HKCU\Software\ReClock]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Softonic]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\TFM]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WhiteSmoke]
[HKCU\Software\XviD MPEG4 Codec]
[HKCU\Software\YMPEG]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\keyhole.com]
[HKCU\Software\mpa2mka-wxgui]
[HKLM\Software\3ivx]
[HKLM\Software\Aardwork]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Borland]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\COMON]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Crystal Dynamics]
[HKLM\Software\Denda Games]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EBP]
[HKLM\Software\Elisoft]
[HKLM\Software\Firefly Studios]
[HKLM\Software\Fraunhofer]
[HKLM\Software\GNU]
[HKLM\Software\GameInstaller]
[HKLM\Software\Gateway]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LightScribe]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MySQL AB]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\On2 Technologies]
[HKLM\Software\OnNet]
[HKLM\Software\PRR]
[HKLM\Software\Pando Networks]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Policies]
[HKLM\Software\Quanta]
[HKLM\Software\ReClock]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SymDebug]
[HKLM\Software\Symantec Technical Support]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\THQ]
[HKLM\Software\Trad-FR]
[HKLM\Software\VideoLAN]
[HKLM\Software\VobSub]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waterlily Games]
[HKLM\Software\Waves Audio]
[HKLM\Software\WhiteSmoke]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
~ Scan Softwares in 00mn 01s



---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/08/2009 - 11:36:08 - [0] ----D- C:\Program Files\Acer Incorporated
O43 - CFD: 5/10/2011 - 19:20:48 - [110405289] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 1/01/2011 - 11:55:24 - [115404622] ----D- C:\Program Files\Adobe
O43 - CFD: 4/01/2010 - 14:49:32 - [15784542] ----D- C:\Program Files\Business Plan
O43 - CFD: 15/10/2009 - 16:12:02 - [53191858] ----D- C:\Program Files\Codec Pack de ELISOFT
O43 - CFD: 4/05/2011 - 10:12:48 - [696404246] ----D- C:\Program Files\Common Files
O43 - CFD: 29/08/2011 - 13:24:44 - [170213959] ----D- C:\Program Files\Denda Games
O43 - CFD: 13/08/2009 - 11:32:14 - [49179642] ----D- C:\Program Files\eMachines
O43 - CFD: 9/09/2008 - 17:18:34 - [881233771] ----D- C:\Program Files\eMachines GameZone
O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 17/02/2010 - 17:16:00 - [6351210] ----D- C:\Program Files\GameShadow
O43 - CFD: 29/05/2011 - 16:51:48 - [421713084] ----D- C:\Program Files\Google
O43 - CFD: 13/01/2010 - 22:07:36 - [0] ----D- C:\Program Files\ING
O43 - CFD: 28/07/2011 - 9:08:28 - [67272250] ----D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/08/2011 - 11:41:30 - [4566386] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 13/08/2009 - 11:42:40 - [114679234] ----D- C:\Program Files\InterVideo
O43 - CFD: 1/02/2011 - 10:05:22 - [88538965] ----D- C:\Program Files\Java
O43 - CFD: 13/08/2009 - 11:31:34 - [2632285] ----D- C:\Program Files\Launch Manager
O43 - CFD: 5/10/2011 - 13:45:02 - [7022422] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 6/11/2009 - 19:15:36 - [2225728885] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 13/10/2009 - 16:35:52 - [580533370] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 9/09/2008 - 17:36:10 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 2/10/2011 - 11:56:34 - [18701221] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 15/06/2011 - 19:12:08 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 13/10/2009 - 16:35:48 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 13/10/2009 - 16:29:46 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 17/12/2010 - 19:22:46 - [146453974] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 26/06/2010 - 7:05:46 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 1/02/2011 - 11:11:46 - [20470054] ----D- C:\Program Files\Movie Maker
O43 - CFD: 2/10/2011 - 11:07:08 - [36235233] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 13/10/2009 - 16:36:10 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 21/08/2009 - 18:20:10 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 9/09/2008 - 17:23:06 - [222145920] ----D- C:\Program Files\NewTech Infosystems
O43 - CFD: 29/03/2010 - 10:41:50 - [140851597] ----D- C:\Program Files\Norton 360
O43 - CFD: 9/09/2008 - 17:06:18 - [204492] ----D- C:\Program Files\Oberon Media
O43 - CFD: 4/05/2011 - 9:42:38 - [7460142] ----D- C:\Program Files\Pando Networks
O43 - CFD: 25/03/2010 - 16:14:16 - [3688680] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 7/03/2010 - 18:16:16 - [11763652] ----D- C:\Program Files\QuickZip4
O43 - CFD: 28/07/2011 - 9:01:32 - [3259675] ----D- C:\Program Files\RealArcade
O43 - CFD: 9/09/2008 - 16:56:14 - [23238719] ----D- C:\Program Files\Realtek
O43 - CFD: 2/11/2006 - 14:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 13/08/2009 - 12:37:48 - [5228544] ----D- C:\Program Files\Samsung
O43 - CFD: 19/06/2010 - 18:48:38 - [102045677] ----D- C:\Program Files\Sweet Home 3D
O43 - CFD: 27/03/2010 - 7:42:28 - [27102029] ----D- C:\Program Files\Symantec
O43 - CFD: 9/09/2008 - 16:57:00 - [14715569] ----D- C:\Program Files\Synaptics
O43 - CFD: 16/02/2010 - 16:48:44 - [721917] ----D- C:\Program Files\THQ
O43 - CFD: 5/08/2011 - 14:11:50 - [7680929093] ----D- C:\Program Files\Tomb Raider - Legend
O43 - CFD: 2/11/2006 - 14:58:20 - [0] ----D- C:\Program Files\Uninstall Information
O43 - CFD: 8/09/2010 - 11:16:26 - [80529230] ----D- C:\Program Files\VideoLAN
O43 - CFD: 1/02/2011 - 9:11:16 - [1822720] ----D- C:\Program Files\WhiteSmoke
O43 - CFD: 1/02/2011 - 11:11:46 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 1/02/2011 - 11:11:44 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 1/02/2011 - 11:11:44 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 17/09/2011 - 12:46:52 - [8935608] ----D- C:\Program Files\Windows Mail
O43 - CFD: 1/02/2011 - 11:11:46 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 13/08/2009 - 11:22:28 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 1/02/2011 - 11:11:44 - [8228002] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 3/02/2011 - 7:19:06 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 1/02/2011 - 11:11:46 - [6655183] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 5/10/2010 - 17:12:40 - [175] ----D- C:\Program Files\Zero G Registry
O43 - CFD: 5/10/2011 - 19:31:22 - [5436750] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 24/03/2011 - 14:14:06 - [510480] ----D- C:\Program Files\Zylom Games
O43 - CFD: 1/01/2011 - 11:55:42 - [3601646] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 9/09/2008 - 17:25:36 - [25438758] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 17/03/2010 - 14:01:20 - [12500] ----D- C:\Program Files\Common Files\Canon
O43 - CFD: 13/10/2009 - 16:35:48 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 4/05/2011 - 10:12:48 - [0] ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD: 6/11/2009 - 19:12:04 - [2033069] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 13/08/2009 - 11:42:38 - [179248] ----D- C:\Program Files\Common Files\InterVideo
O43 - CFD: 8/09/2010 - 8:20:24 - [1243079] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 9/09/2008 - 17:22:30 - [7178034] ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD: 13/01/2010 - 7:25:42 - [246765145] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 9/09/2008 - 17:20:24 - [9706600] ----D- C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 9/09/2008 - 17:06:30 - [354896] ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD: 2/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 2/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 29/03/2010 - 10:41:50 - [315893724] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 1/02/2011 - 11:11:44 - [42800134] ----D- C:\Program Files\Common Files\System
O43 - CFD: 6/01/2011 - 16:27:18 - [124467961] ----D- C:\ProgramData\Adobe
O43 - CFD: 6/11/2009 - 19:36:52 - [0] ----D- C:\ProgramData\Age of Empires 3
O43 - CFD: 13/08/2009 - 11:26:58 - [13092162682] ----D- C:\ProgramData\Application Data
O43 - CFD: 23/08/2009 - 13:14:40 - [1017811] ----D- C:\ProgramData\Arcade Lab
O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 17/03/2010 - 14:03:36 - [213560] ----D- C:\ProgramData\CanonCP
O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 9/09/2011 - 14:39:44 - [144] ----D- C:\ProgramData\Driver Whiz
O43 - CFD: 23/10/2009 - 20:21:02 - [22405] ----D- C:\ProgramData\DVD X Studios
O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 13/05/2010 - 10:56:02 - [0] ----D- C:\ProgramData\Firefly Studios
O43 - CFD: 9/09/2008 - 17:10:54 - [0] ----D- C:\ProgramData\FloodLightGames
O43 - CFD: 26/07/2011 - 15:55:40 - [134810] ----D- C:\ProgramData\GameHouse
O43 - CFD: 8/11/2009 - 18:13:18 - [536147] ----D- C:\ProgramData\Google
O43 - CFD: 29/05/2011 - 16:37:40 - [16697636] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 1/01/2011 - 11:51:40 - [2444] ----D- C:\ProgramData\McAfee
O43 - CFD: 29/07/2011 - 19:54:26 - [853] ----D- C:\ProgramData\Media Get LLC
O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 2/10/2011 - 11:56:16 - [424901333] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 17/09/2011 - 12:47:56 - [112090] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 13/08/2009 - 11:22:28 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 13/08/2009 - 11:27:36 - [189645] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 12/09/2010 - 17:15:28 - [1204] ----D- C:\ProgramData\Office Genuine Advantage
O43 - CFD: 4/05/2011 - 9:43:46 - [427] ----D- C:\ProgramData\PMB Files
O43 - CFD: 5/10/2010 - 17:17:44 - [6360] ----D- C:\ProgramData\Sports Interactive
O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 28/04/2010 - 20:28:48 - [224] ----D- C:\ProgramData\Sun
O43 - CFD: 27/03/2010 - 7:40:34 - [615789074] ----D- C:\ProgramData\Symantec
O43 - CFD: 25/03/2011 - 17:25:06 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 2/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 24/03/2011 - 14:18:52 - [6491461] ----D- C:\ProgramData\Zylom
O43 - CFD: 15/08/2009 - 15:46:34 - [1357039] ----D- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
O43 - CFD: 5/10/2011 - 14:51:30 - [0] ----D- C:\Users\FV\AppData\Roaming\6876836
O43 - CFD: 3/01/2011 - 22:21:28 - [6636107] ----D- C:\Users\FV\AppData\Roaming\Adobe
O43 - CFD: 4/09/2009 - 19:05:26 - [1997919] ----D- C:\Users\FV\AppData\Roaming\Big Fish Games
O43 - CFD: 26/09/2010 - 17:40:04 - [199] ----D- C:\Users\FV\AppData\Roaming\dvdcss
O43 - CFD: 7/03/2010 - 20:17:34 - [5871665] ----D- C:\Users\FV\AppData\Roaming\ElementalsTheMagicKey
O43 - CFD: 19/06/2010 - 19:09:24 - [726497] ----D- C:\Users\FV\AppData\Roaming\eTeks
O43 - CFD: 23/08/2009 - 13:17:52 - [23172] ----D- C:\Users\FV\AppData\Roaming\FloodLightGames
O43 - CFD: 15/03/2011 - 14:39:30 - [134227] ----D- C:\Users\FV\AppData\Roaming\FlyWheelGames
O43 - CFD: 19/06/2011 - 17:46:40 - [9450] ----D- C:\Users\FV\AppData\Roaming\Gogii
O43 - CFD: 15/08/2009 - 15:18:44 - [49448] ----D- C:\Users\FV\AppData\Roaming\Google
O43 - CFD: 7/03/2010 - 20:12:52 - [1162] ----D- C:\Users\FV\AppData\Roaming\Identities
O43 - CFD: 15/08/2009 - 15:26:16 - [0] ----D- C:\Users\FV\AppData\Roaming\InterVideo
O43 - CFD: 13/08/2009 - 11:36:08 - [280575] ----D- C:\Users\FV\AppData\Roaming\Macromedia
O43 - CFD: 29/05/2011 - 16:37:48 - [751061] ----D- C:\Users\FV\AppData\Roaming\Malwarebytes
O43 - CFD: 29/07/2011 - 19:54:26 - [2738] ----D- C:\Users\FV\AppData\Roaming\Media Get LLC
O43 - CFD: 1/02/2011 - 9:42:14 - [21103257] -S--D- C:\Users\FV\AppData\Roaming\Microsoft
O43 - CFD: 1/02/2011 - 13:46:44 - [15781302] ----D- C:\Users\FV\AppData\Roaming\Mozilla
O43 - CFD: 25/03/2010 - 16:14:22 - [918] ----D- C:\Users\FV\AppData\Roaming\PhotoFiltre
O43 - CFD: 28/07/2011 - 9:08:26 - [0] ----D- C:\Users\FV\AppData\Roaming\Samsung
O43 - CFD: 7/10/2009 - 18:51:58 - [14952] R---D- C:\Users\FV\AppData\Roaming\SecuROM
O43 - CFD: 5/10/2010 - 17:16:32 - [12793608] ----D- C:\Users\FV\AppData\Roaming\Sports Interactive
O43 - CFD: 15/08/2009 - 15:51:42 - [3089] ----D- C:\Users\FV\AppData\Roaming\Symantec
O43 - CFD: 17/08/2011 - 10:24:12 - [0] ----D- C:\Users\FV\AppData\Roaming\System
O43 - CFD: 13/08/2009 - 12:20:42 - [13824] ----D- C:\Users\FV\AppData\Roaming\Template
O43 - CFD: 30/01/2011 - 20:22:28 - [0] ----D- C:\Users\FV\AppData\Roaming\U3
O43 - CFD: 2/10/2011 - 18:47:14 - [1464196] ----D- C:\Users\FV\AppData\Roaming\vlc
O43 - CFD: 18/10/2010 - 14:01:22 - [16063] ----D- C:\Users\FV\AppData\Roaming\W
O43 - CFD: 29/12/2010 - 7:28:44 - [14138] ----D- C:\Users\FV\AppData\Roaming\wargaming.net
O43 - CFD: 1/02/2011 - 9:11:10 - [360] ----D- C:\Users\FV\AppData\Roaming\WhiteSmoke
O43 - CFD: 9/03/2011 - 17:31:08 - [0] ----D- C:\Users\FV\AppData\Roaming\WinRAR
O43 - CFD: 7/03/2010 - 20:12:52 - [264516] ----D- C:\Users\FV\AppData\Roaming\Zylom
O43 - CFD: 1/01/2011 - 11:55:00 - [16997052] ----D- C:\Users\FV\AppData\Local\Adobe
O43 - CFD: 13/08/2009 - 11:25:26 - [0] -SH-D- C:\Users\FV\AppData\Local\Application Data
O43 - CFD: 6/12/2010 - 14:47:14 - [58158756] ----D- C:\Users\FV\AppData\Local\Google
O43 - CFD: 13/08/2009 - 11:25:26 - [0] -SH-D- C:\Users\FV\AppData\Local\Historique
O43 - CFD: 9/03/2011 - 17:40:40 - [4292] ----D- C:\Users\FV\AppData\Local\LostKing
O43 - CFD: 29/07/2011 - 19:49:20 - [5174299] ----D- C:\Users\FV\AppData\Local\Media Get LLC
O43 - CFD: 5/10/2011 - 17:10:44 - [22859177] ----D- C:\Users\FV\AppData\Local\MediaGet2
O43 - CFD: 17/08/2011 - 9:54:20 - [1623640] ----D- C:\Users\FV\AppData\Local\MesLivres
O43 - CFD: 9/09/2011 - 14:34:34 - [2317817111] ----D- C:\Users\FV\AppData\Local\Microsoft
O43 - CFD: 28/08/2009 - 14:19:18 - [1228235] ----D- C:\Users\FV\AppData\Local\Microsoft Games
O43 - CFD: 17/08/2009 - 9:48:50 - [96764] ----D- C:\Users\FV\AppData\Local\Microsoft Help
O43 - CFD: 13/08/2009 - 11:46:14 - [51375] ----D- C:\Users\FV\AppData\Local\MigWiz
O43 - CFD: 1/02/2011 - 13:46:28 - [58139434] ----D- C:\Users\FV\AppData\Local\Mozilla
O43 - CFD: 23/08/2009 - 13:16:52 - [5243228] ----D- C:\Users\FV\AppData\Local\Oberon Games
O43 - CFD: 4/05/2011 - 10:42:24 - [178395] ----D- C:\Users\FV\AppData\Local\PMB Files
O43 - CFD: 5/10/2011 - 19:31:10 - [82531] ----D- C:\Users\FV\AppData\Local\Temp
O43 - CFD: 13/08/2009 - 11:25:26 - [0] -SH-D- C:\Users\FV\AppData\Local\Temporary Internet Files
O43 - CFD: 4/09/2009 - 19:13:10 - [34094834] ----D- C:\Users\FV\AppData\Local\VirtualStore
O43 - CFD: 28/07/2011 - 9:07:14 - [0] ----D- C:\Users\FV\AppData\Local\Zylom Games
~ Scan Program Folder in 00mn 35s



---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1BC86B5A281AC76F0CC597FA24A73A11] - 1/10/2011 - 18:01:33 ---A- . (...) -- C:\Windows
tbtlog.txt   [350968]
O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 18/09/2011 - 9:47:00 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl   [404640]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 2/10/2011 - 10:56:37 ---A- . (...) -- C:\Windows\epplauncher.mif   [1912]
O44 - LFC:[MD5.E8D05CBA1615AA584A23B9CBA6702AFF] - 4/10/2011 - 16:57:12 ---A- . (...) -- C:\Windows\srun.log   [12]
O44 - LFC:[MD5.64041651F535AAF1EE6DE472CA5ABAA5] - 5/10/2011 - 16:29:11 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.363473132B9EF02FAA8266FE6AB15B8E] - 5/10/2011 - 17:35:01 ---A- . (...) -- C:\AdwCleaner[S1].txt   [5000]
O44 - LFC:[MD5.9E1FB6B4F58B4850687356BD34373820] - 5/10/2011 - 18:22:58 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt   [4507]
O44 - LFC:[MD5.310C715B61097EE21DF25AA01AAF075A] - 5/10/2011 - 18:25:18 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.CEAF98D916D2B75B8704BEE7680EE0B5] - 5/10/2011 - 18:25:46 ---A- . (...) -- C:\Windows\system32\agent.log   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 5/10/2011 - 18:25:57 ---A- . (...) -- C:\Windows\system32\LogConfigTemp.xml   [0]
O44 - LFC:[MD5.A2A3D9CCE8E32A9369A61A9800B136F9] - 5/10/2011 - 18:29:07 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1251168]
O44 - LFC:[MD5.E5802E6F9CC1B05E8E5230900DAFB1C3] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI   [1502476]
O44 - LFC:[MD5.0501041328E2B2AA483B3C7DBF567807] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfc009.dat   [105070]
O44 - LFC:[MD5.098F8816C1BB4D7C82D8D18923371CE3] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfc00C.dat   [127626]
O44 - LFC:[MD5.5EDA333333FAD2FB1FD7C6C47A51AA39] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfh009.dat   [598096]
O44 - LFC:[MD5.C1145BDC23EE16DAF0B9D2163A5E60BA] - 5/10/2011 - 18:30:27 ---A- . (...) -- C:\Windows\system32\perfh00C.dat   [681142]
~ Scan Files in 00mn 46s



---\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network
siproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers
siproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Networkdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Driversdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\ MountPoints2 Shell Key (O51)
O51 - MPSK:{120c524d-881d-11de-9afd-806e6f6e6963}\AutoRun\command. (.Linasoft - AutoPlay Menu Loader.) -- E:\autorun.exe
O51 - MPSK:{c86ec8b6-906d-11de-ab57-00238b8aeb66}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 09s



---\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="c:\progra~1\codecp~1\i263\i263_32.drv" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.l3acm"="s¸ö" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.DIV3"="c:\progra~1\codecp~1\divx3\divxc32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.DIV4"="c:\progra~1\codecp~1\divx412\divx.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.DIVX"="c:\progra~1\codecp~1\divx511\divx.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.xvid"="c:\progra~1\codecp~1\xvid\xvid.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.fvfw"="c:\progra~1\codecp~1\ffvfw\ffvfw.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.avis"="c:\progra~1\codecp~1\ffvfw\ffvfw.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.MPG4"="c:\progra~1\codecp~1\mpeg4\mpg4c32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.MP42"="c:\progra~1\codecp~1\mpeg4\mpg4c32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.MP43"="c:\progra~1\codecp~1\mpeg4\mpg4c32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.MJPG"="c:\progra~1\codecp~1\picvideo\pvmjpg21.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.PIMJ"="c:\progra~1\codecp~1\picvideo\pvljpg20.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.PVW2"="c:\progra~1\codecp~1\picvideo\pvwv220.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.SJPG"="c:\progra~1\codecp~1\pmmjpeg\pmmjpeg.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.MJPX"="c:\progra~1\codecp~1\m3jpegv3\m3jpeg32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.dmb1"="c:\progra~1\codecp~1\m3jpegv3\m3jpeg32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.HFYU"="c:\progra~1\codecp~1\huffyuv\huffyuv.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.ZLIB"="c:\progra~1\codecp~1\lcljp\avizlib.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.MSZH"="c:\progra~1\codecp~1\lcljp\avimszh.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.MVW1"="c:\progra~1\codecp~1\aware\icmw_32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.dvmc"="c:\progra~1\codecp~1\mcdv\mcdvd_32.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.VP31"="c:\progra~1\codecp~1\on2vp3\vp31vfw.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.VP60"="c:\progra~1\codecp~1\on2vp6\vp6vfw.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.VP61"="c:\progra~1\codecp~1\on2vp6\vp6vfw.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.3IV2"="c:\progra~1\codecp~1\3ivx\3ivxvf~1.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.I263"="c:\progra~1\codecp~1\i263\i263_32.drv" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.imc"="c:\progra~1\codecp~1\i263\imc32.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.YMPG"="c:\progra~1\codecp~1\ympeg\ympgcdc.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.ympgacm"="c:\progra~1\codecp~1\ympeg\ympgacm.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.WMV3"="c:\progra~1\codecp~1\wm9\wmv9vcm.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.lameacm"="c:\progra~1\codecp~1\mp3lame\lameacm.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.atrac3"="c:\progra~1\codecp~1\atrac3\atrac3.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.qmpeg"="c:\progra~1\codecp~1\qmpeg\qmpeg.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.uleaddv"="c:\progra~1\codecp~1\uleaddv\dvacm.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.vorbis"="c:\progra~1\codecp~1\vorbis\vorbis.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.divxa32"="c:\progra~1\codecp~1\wma\divxa32.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.msaudio2"="c:\progra~1\codecp~1\wma\msaud32h.acm" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.msaudio1"="s¸ö" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\divx3\divxc32.dll"="DivX ;-) 3.20a VKI Video Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\divx412\divx.dll"="DivX 4.12 Video Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\divx511\divx.dll"="DivX 5.1.1 Pro Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\xvid\xvid.dll"="XviD MPEG-4 Video Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\ffvfw\ffvfw.dll"="makeAVIS - FFvfw" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\mpeg4\mpg4c32.dll"="Microcrap MPEG-4 Video Codec V3" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\picvideo\pvmjpg21.dll"="PICVideo MJPEG Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\picvideo\pvljpg20.dll"="PICVideo Lossless JPEG Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\picvideo\pvwv220.dll"="PICVideo Wavelet 2000 Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\pmmjpeg\pmmjpeg.dll"="Paradigm Matrix M-JPEG Codec 1.11N" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\m3jpegv3\m3jpeg32.dll"="Morgan MJPEG 32-bits codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\huffyuv\huffyuv.dll"="Huffyuv lossless codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\lcljp\avizlib.dll"="AVIzlib Loss-Less Codec v2.23" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\lcljp\avimszh.dll"="AVImszh Loss-Less Codec v2.23" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\aware\icmw_32.dll"="Aware MotionWavelets v1.70.4.2" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\mcdv\mcdvd_32.dll"="MainConcept DV Codec v2.04" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\on2vp3\vp31vfw.dll"="On2 VP3 Video Codec v3.2.6.1" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\on2vp6\vp6vfw.dll"="On2 VP61 Advanced Profile" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\3ivx\3ivxvf~1.dll"="3ivx D4 Video Codec v4.5" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\i263\i263_32.drv"="Intel I263/I420 Video Driver v2.55.016" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\i263\imc32.acm"="Intel Music Coder" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\ympeg\ympgcdc.dll"="YMPEG Video codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\ympeg\ympgacm.acm"="YMPEG Audio codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\wm9\wmv9vcm.dll"="Windows Media Video 9 VCM" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"s¸ö"="Windows Media Audio" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\mp3lame\lameacm.acm"="Lame ACM MP3 Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\atrac3\atrac3.acm"="Sony ATRAC3 Audio Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\qmpeg\qmpeg.acm"="QDesign MPEG Audio Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\uleaddv\dvacm.acm"="Ulead DV Audio Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\vorbis\vorbis.acm"="Ogg Vorbis Audio CODEC" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\wma\divxa32.acm"="DivX WMA Audio Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"c:\progra~1\codecp~1\wma\msaud32h.acm"="Micro$oft WMA Audio V2" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s



---\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s



---\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s



---\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 3:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys   [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 3:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys   [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 3:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys   [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 3:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys   [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 3:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys   [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 3:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys   [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 3:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys   [79928]
O58 - SDL:[MD5.997E25F5B7D53C94C0AD2DC080F6868E] - 10/09/2008 - 9:59:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys   [912384]
O58 - SDL:[MD5.6FB43F0DADB3FDC287D080C19666AF8D] - 10/09/2008 - 9:39:42 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60x.sys   [212992]
O58 - SDL:[MD5.C38077D14ADF896EE1E1DBBCBCF77E14] - 10/09/2008 - 12:18:28 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS   [1187320]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 2/11/2006 - 9:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys   [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 2/11/2006 - 9:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys   [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 2/11/2006 - 9:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys   [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 2/11/2006 - 9:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys   [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 2/11/2006 - 9:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys   [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 2/11/2006 - 9:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys   [11904]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 3:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys   [19000]
O58 - SDL:[MD5.6186B6B953BDC884F0F379B84B3E3A98] - 9/09/2008 - 16:42:12 ---A- . (.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10).) -- C:\Windows\system32\drivers\COH_Mon.sys   [23888]
O58 - SDL:[MD5.73F5D6835BFA66019C03E316D99649DA] - 9/09/2008 - 3:39:02 ---A- . (.Symantec Corporation - Behavior Blocker v2007.1 WDM driver (2007.1.1.99).) -- C:\Windows\system32\drivers\CO_Mon.sys   [36056]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 2/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys   [71272]
O58 - SDL:[MD5.73BAF270D24FE726B9CD7F80BB17A23D] - 10/09/2008 - 14:29:36 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\system32\drivers\DKbFltr.sys   [21264]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 3:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys   [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 3:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys   [342584]
O58 - SDL:[MD5.AB8A6A87D9D7255C3884D5B9541A6E80] - 15/08/2009 - 12:12:54 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys   [15464]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 3:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys   [40504]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 3:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys   [235064]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 2/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys   [41576]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 13/08/2009 - 10:13:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys   [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 13/08/2009 - 10:13:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys   [17952]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 2/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys   [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 2/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys   [35944]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 3:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys   [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 3:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys   [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 3:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys   [96312]
O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 29/05/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys   [22216]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 3:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys   [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 3:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys   [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 2/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys   [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 2/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers
frd960.sys   [45160]
O58 - SDL:[MD5.2757D2BA59AEE155209E24942AB127C9] - 9/09/2008 - 10:52:06 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys   [14848]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 2/11/2006 - 8:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers
trigdigi.sys   [20608]
O58 - SDL:[MD5.EC0E8BC4CA37007DDB51F0DCC0C5472F] - 10/09/2008 - 3:12:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 176.) -- C:\Windows\system32\drivers
vlddmkm.sys   [7546080]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 3:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers
vraid.sys   [102968]
O58 - SDL:[MD5.736054614AB962D4EC01EF4ABCE115F1] - 22/07/2008 - 3:21:08 ---A- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\system32\drivers
vsmu.sys   [15872]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 3:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers
vstor.sys   [45112]
O58 - SDL:[MD5.1199B2052F7861C1D39C2318E70904C9] - 21/07/2008 - 9:12:22 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers
vstor32.sys   [145952]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 3:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys   [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 2/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys   [106088]
O58 - SDL:[MD5.001B4278407F4303EFC902A2B16F2453] - 13/08/2009 - 19:09:28 ---A- . (.InterVideo - regi driver.) -- C:\Windows\system32\driversegi.sys   [11032]
O58 - SDL:[MD5.FE912E4A9719A9792669DEBB403CB9B1] - 9/09/2008 - 10:11:06 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys   [2164248]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2/11/2006 - 7:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys   [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 3:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys   [74808]
O58 - SDL:[MD5.E0E54A571D4323567E95E11FE76A5FF3] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtsp.sys   [279088]
O58 - SDL:[MD5.4E44F0E22DF824D318988CAA6F321C30] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspl.sys   [317616]
O58 - SDL:[MD5.D3BB40427CF3D02E56BBA97FEDA0A3AA] - 9/09/2008 - 3:51:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspx.sys   [43696]
O58 - SDL:[MD5.5A1D0CA8A5F1E7B4EC50B9D76C001F0E] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\system32\drivers\ss_bus.sys   [83592]
O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cm.sys   [12424]
O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 13/08/2009 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cmnt.sys   [12424]
O58 - SDL:[MD5.F0A85580E36A3A85059037D39A9CF079] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ss_mdfl.sys   [15112]
O58 - SDL:[MD5.84C3DBFD1BFA4ADC0A950B3D5506CB00] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\system32\drivers\ss_mdm.sys   [109704]
O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_wh.sys   [12424]
O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 13/08/2009 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_whnt.sys   [12424]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 13/08/2009 - 15:05:00 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys   [5632]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 2/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys   [35944]
O58 - SDL:[MD5.FE9F8B3A8BC22D85332B42E92308DDF9] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\Windows\system32\drivers\symdns.sys   [13616]
O58 - SDL:[MD5.06B95820DF51502099A8A15C93E87986] - 9/09/2008 - 6:42:22 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS   [124464]
O58 - SDL:[MD5.A0EA9D273889E53CFAABF2444692CCBF] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\Windows\system32\drivers\symfw.sys   [96560]
O58 - SDL:[MD5.23527B9CD4F7B9E31160E98D340E7E85] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\Windows\system32\drivers\symids.sys   [38576]
O58 - SDL:[MD5.8EAB28DD6CD25355B951AE460FA86B48] - 27/03/2010 - 12:31:42 ---A- . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) -- C:\Windows\system32\drivers\SymIMV.sys   [24112]
O58 - SDL:[MD5.C94EACA4B522012EE0691F1E79C42A7D] - 27/03/2010 - 12:31:18 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\Windows\system32\drivers\symndisv.sys   [41008]
O58 - SDL:[MD5.7C6505EA598E58099D3B7E1F70426864] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Redirector Filter Driver.) -- C:\Windows\system32\drivers\symredrv.sys   [22320]
O58 - SDL:[MD5.E6FF7ACE71D07CA90119F2C6AB592BA4] - 27/03/2010 - 12:31:16 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\Windows\system32\drivers\symtdi.sys   [184496]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 2/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys   [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 2/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys   [34920]
O58 - SDL:[MD5.BF7AA84D5AF0FAA0978C840E63B17DBF] - 10/09/2008 - 2:45:00 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys   [196784]
O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 9/09/2008 - 10:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys   [13824]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 3:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys   [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 2/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys   [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 3:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys   [115816]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 3:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys   [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 3:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys   [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2/11/2006 - 8:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS   [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2/11/2006 - 8:09:45 ---A- . (...) -- C:\Windows\system32\country.sys   [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 2/11/2006 - 8:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS   [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS   [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS   [42537]
O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 4/05/2011 - 7:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\system32
pptNT2.sys   [4682]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 2/11/2006 - 8:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS   [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2/11/2006 - 8:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS   [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2/11/2006 - 8:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS   [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2/11/2006 - 8:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS   [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2/11/2006 - 8:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS   [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 2/11/2006 - 8:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS   [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 2/11/2006 - 8:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS   [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 2/11/2006 - 8:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS   [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 2/11/2006 - 8:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS   [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 2/11/2006 - 8:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS   [34672]
~ Scan Drivers in 00mn 08s



---\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
~ Scan ADS in 00mn 00s



---\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/07/2008 - C:\Windows\system32\Drivers\COH_Mon.sys - COH_Mon(COH_Mon)  .(.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) - LEGACY_COH_MON
O64 - Services: CurCS - 21/08/2007 - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost)  .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST
O64 - Services: CurCS - 8/08/2007 - C:\Windows\system32\drivers\CO_Mon.sys - CO_Mon(CO_Mon)  .(.Symantec Corporation - Behavior Blocker

fmounet007007 · Answer

et la suite et fin: ---\ Liste des services Legacy (O64) O64 - Services: CurCS - 30/07/2008 - C:\Windows\system32\Drivers\COH_Mon.sys - COH_Mon(COH_Mon) .(.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) - LEGACY_COH_MON O64 - Services: CurCS - 21/08/2007 - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost) .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST O64 - Services: CurCS - 8/08/2007 - C:\Windows\system32\drivers\CO_Mon.sys - CO_Mon(CO_Mon) .(.Symantec Corporation - Behavior Blocker v2007.1 WDM driver (2007.1.) - LEGACY_CO_MON O64 - Services: CurCS - 15/07/2009 - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver(eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL O64 - Services: CurCS - 15/07/2009 - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - EraserUtilRebootDrv(EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - 22/07/2009 - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090811.002\IDSvix86.sys - Symantec Intrusion Prevention Driver(IDSvix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86 O64 - Services: CurCS - 11/06/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15 O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090818.021\NAVENG.sys (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090818.021\NAVEX15.sys (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15 O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers egi.sys - regi(regi) .(.InterVideo - regi driver.) - LEGACY_REGI O64 - Services: CurCS - 17/03/2009 - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys - SPBBCDrv(SPBBCDrv) .(.Symantec Corporation - SPBBC Driver.) - LEGACY_SPBBCDRV O64 - Services: CurCS - 31/01/2008 - C:\Windows\system32\Drivers\SRTSP.sys - SRTSP(SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP O64 - Services: CurCS - 31/01/2008 - C:\Windows\system32\Drivers\SRTSPX.sys - SRTSPX(SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMDNS.sys - SYMDNS(SYMDNS) .(.Symantec Corporation - DNS Filter Driver.) - LEGACY_SYMDNS O64 - Services: CurCS - 27/03/2010 - C:\Windows\system32\Drivers\SYMEVENT.sys - SymEvent(SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMFW.sys - SYMFW(SYMFW) .(.Symantec Corporation - Firewall Filter Driver.) - LEGACY_SYMFW O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\DRIVERS\SymIMv.sys - Symantec Network Security Intermediate Filter Driver(SymIM) .(.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - LEGACY_SYMIM O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMNDISV.sys - SYMNDISV(SYMNDISV) .(.Symantec Corporation - NDIS Filter Driver.) - LEGACY_SYMNDISV O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMREDRV.sys - SYMREDRV(SYMREDRV) .(.Symantec Corporation - Redirector Filter Driver.) - LEGACY_SYMREDRV O64 - Services: CurCS - 19/02/2009 - C:\Windows\system32\Drivers\SYMTDI.sys - SYMTDI(SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI ~ Scan Services in 00mn 04s ---\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows egedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows egedit.exe ~ Scan Keys in 00mn 00s ---\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8 O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8 O69 - SBI: SearchScopes [HKCU] {0DA8DAC9-F5A3-4D21-BEE5-80914B132F5C} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms} ~ Scan Keys in 00mn 00s ---\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.7FAF5222EEB546E1DC0F348DCB314B0B] [SPRF][29/08/2006] (.Zylom Games - Zylom Games Player.) -- C:\Windows\Downloaded Program Files\zylomgamesplayer.dll [161976] ~ Scan Files in 00mn 00s ---\ Recherche d'infection Rogue (O86) C:\Users\FV\AppData\Roaming\6876836 ~ Scan Files in 00mn 00s ---\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{1AD7AEB3-A381-42D9-A6D3-0FA399F69ED3}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O87 - FAEL: "{A1850EFA-F017-4143-BADE-53CBCF94ED57}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{73D814D8-7916-47ED-934C-4C7D03A01410}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{AB0CE66F-1493-484A-B348-E022240DFC42}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O87 - FAEL: "{9F15E43A-7BD9-4A78-B805-2DAB7C143170}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{F26EC160-5339-42B7-8BFD-80479D1FD445}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{0C799FFF-7FD9-43B0-AC91-5F4AE49B3869}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe (.not file.) O87 - FAEL: "{1E0B1FC4-FD42-4244-A52C-6F3E105AC18D}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe (.not file.) O87 - FAEL: "{A1A99002-1273-4BB1-9DF4-C21624EAE302}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe (.not file.) O87 - FAEL: "{2152B171-562B-42CA-BF7E-D8246B3F6FE2}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe (.not file.) O87 - FAEL: "{5EB1664F-A7DF-4379-BA01-8641A9953B8E}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{C65C8C66-2AE8-4D18-B956-1F491490ED68}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{0AB5E8BC-3B41-4F1F-8834-CF9D2CE43970}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{422B37FB-EBD4-482E-B75B-B34B86C0EFC5}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{AAE3E47D-8EF8-4297-9109-324E6C6605A2}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "TCP Query User{F64282FB-DBE8-43C2-96E9-0631EC48C12A}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "UDP Query User{38B15C61-AA4E-43C3-9177-B38F9C78D2E0}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "TCP Query User{7CE7B74E-CE03-49DC-A9DD-10A1B31D7A72}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" |In - Private - P6 - TRUE | .(...) -- C:\games\world_of_tanks_closed_beta\wotlauncher.exe (.not file.) O87 - FAEL: "UDP Query User{0E6B60F7-1893-4DF3-B46F-FD2361FDE20A}C:\games\world_of_tanks_closed_beta\wotlauncher.exe" |In - Private - P17 - TRUE | .(...) -- C:\games\world_of_tanks_closed_beta\wotlauncher.exe (.not file.) O87 - FAEL: "TCP Query User{B201ECF6-9A1F-487A-B95B-9AA8E6DC1BA5}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{F8B7AD32-F21E-420B-AF80-D39ABE2EA7AD}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "TCP Query User{5D26C831-0FFD-4A3C-936C-5C92BAE4ECF5}C:\users\fv\appdata\local\mediaget2\mediaget.exe" | In - Private - P6 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\users\fv\appdata\local\mediaget2\mediaget.exe O87 - FAEL: "UDP Query User{A26A48B0-BAB1-4B3D-A6F8-9FD55F62230A}C:\users\fv\appdata\local\mediaget2\mediaget.exe" | In - Private - P17 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\users\fv\appdata\local\mediaget2\mediaget.exe ~ Scan Firewall in 00mn 02s ---\ Scan Additionnel (O88) Database Version : 8700 - (05/10/2011) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 0 C:\Program Files\WhiteSmoke =>PUP.Whitesmoke C:\ProgramData\Media Get LLC =>PUP.MediaGet C:\Users\FV\AppData\Roaming\Media Get LLC =>PUP.MediaGet C:\Users\FV\AppData\Roaming\WhiteSmoke =>PUP.Whitesmoke C:\Users\FV\AppData\Local\Media Get LLC =>PUP.MediaGet C:\Users\FV\AppData\Local\MediaGet2 =>PUP.MediaGet ~ Scan Additionnel in 00mn 55s ---\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.106 209.85.148.104 209.85.148.103 209.85.148.99 209.85.148.147 209.85.148.105 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 03s ---\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 9/09/2008 238968 | (Automatic LiveUpdate Scheduler) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe SR - | Auto 9/09/2008 16384 | (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe SR - | Auto 17/10/2008 149352 | (ccEvtMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SR - | Auto 17/10/2008 149352 | (ccSetMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SR - | Auto 17/10/2008 149352 | (CLTNetCnService) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SS - | Demand 9/09/2008 55640 | (comHost) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe SR - | Auto 24576 | (ETService) . (...) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe SS - | Demand 24/08/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe SS - | Auto 21/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 21/01/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 8/11/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 13/08/2009 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe SR - | Auto 9/09/2008 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SS - | Demand 15/08/2009 3220856 | (LiveUpdate) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.exe SR - | Auto 17/10/2008 149352 | (LiveUpdate Notice) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SS - | Demand 4/05/2011 4032992 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des SR - | Auto 9/09/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 131072 | (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 10/09/2008 196608 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32 vvsvc.exe SS - | Demand 1245064 | (Symantec Core LC) . (...) - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 04s ---\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net ~ Scan MBR in 00mn 06s ---\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by FV at 5/10/2011 19:34:44 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 08s End of the scan (1420 lines in 03mn 49s)(0)

fmounet007007 · Answer

dsl pas vu ton message pour le poster ailleurs!

fmounet007007 · Answer

mon pc se comporte bien, "microsoft security essentials" ne m'a plus indiqué que mon pc était malade!

fmounet007007 · Answer

pardon,mais un autre message vient d'apparaitre 3 fois d'affilée alors que cela n'apparaissait jamais auparavant: "Symantec Service Framework a cessé de fonctionner.

loumax91 · Answer

Tu as deux antivirus d'installés sur ton PC, choisi l'un des deux et désinstalle l'autre.

Si tu désinstalle Norton : http://service1.symantec.com/SUPPORT/INTER/norton360intl.nsf/fr_docid/20070214094739989
Si c'est MSE passe par : ajout/suppression des programmes



Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement : 

* Télécharge Defogger (de jpshortstuff) sur ton Bureau 
http://www.jpshortstuff.247fixes.com/Defogger.exe 
* Lance le 
* Une fenêtre apparait : clique sur "Disable" 
* Fais redémarrer l'ordinateur si l'outil te le demande 
* Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable" 

Ensuite suis la procédure déjà décrite et relance :
-AdwCleaner
-Ad-Remover et poste les deux rapports

Quand tu as fini, refais un ZHPDiag et poste le rapport ici : http://pjjoint.malekal.com/

fmounet007007 · Answer

voici le rapport d'AdwCleaner:

# AdwCleaner v1.309 - Rapport créé le 06/10/2011 à 12:58:22
# Mis à jour le 29/09/11 à 20h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : FV - PC-DE-FV (Administrateur)
# Exécuté depuis : C:\Users\FV\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:1540] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}

***** [Navigateurs] *****

-\ Internet Explorer v8.0.6001.19120

[OK] Le registre ne contient aucune entrée illégitime.

-\ Mozilla Firefox v7.0.1 (fr)

Profil : 7ezrw9ux.default
Fichier : C:\Users\FV\AppData\Roaming\Mozilla\Firefox\Profiles\7ezrw9ux.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\FV\AppData\Local\Google\Chrome\User Data\Default\Preferences

fmounet007007 · Answer

voici le rapport d'Ad-remover:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 13:00:26 le 06/10/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique  Service Pack 2 (X86) 
FV@PC-DE-FV (eMachines, inc. eMG620) 
 
============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.




============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [7.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml (    hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\FV\AppData\Roaming\Mozilla\FireFox\Profiles\7ezrw9ux.default --
Prefs.js - browser.download.lastDir, C:\Users\FV\Pictures
Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
Prefs.js - browser.search.selectedEngine, Web Search
Prefs.js - browser.startup.homepage_override.buildID, 20110928134238
Prefs.js - browser.startup.homepage_override.mstone, rv:7.0.1

========================================

**** Internet Explorer Version [8.0.6001.19120] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fxPRSHX5qlkQ42inPfzse4SjObs?q={searchTerms})
HKLM_ElevationPolicy\{442E3CEB-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
BHO\{7FF99715-3016-4381-84CE-E4E4C9673020} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 497 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 28 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 05/10/2011 19:20:54 (4507 Octet(s)) 
C:\Ad-Report-CLEAN[2].txt - 06/10/2011 13:00:32 (2979 Octet(s)) 

Fin à: 13:02:15, 06/10/2011 
 
============== E.O.F ==============

fmounet007007 · Answer

le lien pour le rapport de ZHPDiag:

https://pjjoint.malekal.com/files.php?id=ZHPDiag_z8z11i58m11l12i8o9s7u6k6v9d11n9l11u15j6q12q14y12

J'avais une autre question:Maintenant j'ai un truc qui s'ouvre au démarrage: le programme Media Get. Je ne me souviens pas l'avoir télécharger! Et j'arrive pas à le supprimer via le panneau de configuration puisqu'il ne s'y trouve pas... comment le virer?
Encore merci pour tout!

loumax91 · Answer

On va s'en occuper ! 

Ce script va cibler certains éléments à supprimer : 

* Ouvre ce lien, sélectionne le script en entier et copie le (Edition --> Copier) 
http://www.cijoint.fr/cjlink.php?file=cj201110/cij7H4Azwq.txt 
* Fais un clic-droit sur le raccourci de ZHPFix et choisis "Exécuter en temps qu'administrateur" 
* Clique sur l'icone représentant la lettre H (« coller les lignes Helper ») 
* Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes 
* Clique sur le bouton « GO » pour lancer le nettoyage, 
* Copie/colle la totalité du rapport dans ta prochaine réponse 


Ensuite : 
* Lance MBAM et fais les Mises à jour 
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher" 
* Sélectionne tes disques durs" puis clique sur "Lancer l'examen" 
* A la fin de l'analyse, clique sur Afficher les résultats 
* Coche tous les éléments détectés puis clique sur Supprimer la sélection 
* Enregistre le rapport 
* S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes 
* Poste dans ta prochaine réponse le rapport apparaissant après la suppression  

Pour terminer refais un scan ZHPDiag et poste le rapport sur : http://pjjoint.malekal.com/  

"Celui qui aime à apprendre est bien près du savoir" (Confucius)

fmounet007007 · Answer

voici le rapport de ZHPFix:

Rapport de ZHPFix 1.12.3363 par Nicolas Coolman, Update du 05/10/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-6-10-2011-14-49-50.txt
Run by FV at 6/10/2011 14:49:50
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ABSENT Key: CLSID BHO: {7FF99715-3016-4381-84CE-E4E4C9673020}
ABSENT Key: HKCU\Software\WhiteSmoke
ABSENT Key: HKLM\Software\WhiteSmoke

========== Valeur(s) du Registre ==========
ABSENT RunValue: MediaGet2
ABSENT TCP Query User{5D26C831-0FFD-4A3C-936C-5C92BAE4ECF5}C:/users/fv/appdata/local/mediaget2/mediaget.exe
ABSENT UDP Query User{A26A48B0-BAB1-4B3D-A6F8-9FD55F62230A}C:/users/fv/appdata/local/mediaget2/mediaget.exe
ABSENT RunValue: eRecoveryService
ABSENT Valeur Standard Profile: FirewallRaz : 
ABSENT Valeur Domain Profile: FirewallRaz : 

========== Elément(s) de donnée du Registre ==========
SUPPRIME AppInit: \progra~1\wi9130~1\datamngr\datamngr.dll

========== Dossier(s) ==========
ABSENT C:\Program Files\WhiteSmoke
ABSENT C:\ProgramData\Media Get LLC
ABSENT C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
ABSENT C:\Users\FV\AppData\Roaming\Media Get LLC
ABSENT C:\Users\FV\AppData\Roaming\WhiteSmoke
ABSENT C:\Users\FV\AppData\Local\Media Get LLC
ABSENT C:\Users\FV\AppData\Local\MediaGet2
SUPPRIME Temporaires Windows: : 1

========== Fichier(s) ==========
ABSENT Folder/File: c:\users\fv\appdata\local\mediaget2\mediaget.exe   3804]
ABSENT File: c:\users\fv\appdata\local\mediaget2\mediaget.exe
ABSENT File: \progra~1\wi9130~1\datamngr\datamngr.dll
ABSENT Folder/File: c:\program files\whitesmoke
ABSENT Folder/File: c:\programdata\media get llc
ABSENT Folder/File: c:\users\fv\appdata\roaming\media get llc
ABSENT Folder/File: c:\users\fv\appdata\roaming\whitesmoke
ABSENT Folder/File: c:\users\fv\appdata\local\media get llc
ABSENT Folder/File: c:\users\fv\appdata\local\mediaget2
SUPPRIME Temporaires Windows: : 5


========== Récapitulatif ==========
3 : Clé(s) du Registre
6 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
8 : Dossier(s)
10 : Fichier(s)


End of clean in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 6/10/2011 13:45:48 [3041]
C:\ZHP\ZHPFix[R2].txt - 6/10/2011 14:49:50 [2294]

fmounet007007 · Answer

voici le rapport de Malwarebytes Anti-Malware....
D'après ce que j'ai pu y lire.... ça a l'air d'etre tout bon non?

fmounet007007 · Answer

oups.... le rapport:

Version de la base de données: 7884

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

6/10/2011 16:38:48
mbam-log-2011-10-06 (16-38-48).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 294421
Temps écoulé: 1 heure(s), 43 minute(s), 31 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

loumax91 · Answer

Tu avais désactivé les logiciels d'émulation comme je te l'avais indiqué avec Defogger ?

Il manque le rapport ZHPDiag.

fmounet007007 · Answer

bonjour,

oui j'avais cliqué sur "disable"

voici le lien pour le rapport:

merci!
https://pjjoint.malekal.com/files.php?id=ZHPDiag_l13k14z715e15k14q6f9j11v11m7v5o9l1415y7s11t12g11w10

loumax91 · Answer

Bon la suppression ZHPFix n'a pas fonctionné !

As-tu bien lancé ZHPFix avec un clique droit => exécuter en tant qu'administrateur ?

Refais la procédure ZHPFix (avec le même script) en "mode sans échec" :
https://www.commentcamarche.net/informatique/windows/113-demarrer-windows-10-en-mode-sans-echec/

Voici le lien du script :
http://www.cijoint.fr/cjlink.php?file=cj201110/cij7H4Azwq.txt

kristof78400 · Answer

je sais que personne n'aime l'utiliser alors qu'il est efficace (meme tres efficace) et ultra facile d' utilisation: combofix

fmounet007007 · Answer

voici le rapport de ZHPFix, ouvert en tant qu'administrateur en mode sans échec.
Ce qui est bizarre, c'est qu'à la fin de l'analyse, mon explorer windows disparait ( c'était déjà arrivé lorsque je l'ai utilisé la première fois)

FichieRapport de ZHPFix 1.12.3363 par Nicolas Coolman, Update du 05/10/2011
r d'export Registre : C:\ZHP\ZHPExportRegistry-7-10-2011-14-29-00.txt
Run by FV at 7/10/2011 14:29:00
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ABSENT Key: CLSID BHO: {7FF99715-3016-4381-84CE-E4E4C9673020}
ABSENT Key: HKCU\Software\WhiteSmoke
ABSENT Key: HKLM\Software\WhiteSmoke

========== Valeur(s) du Registre ==========
ABSENT RunValue: MediaGet2
ABSENT TCP Query User{5D26C831-0FFD-4A3C-936C-5C92BAE4ECF5}C:/users/fv/appdata/local/mediaget2/mediaget.exe
ABSENT UDP Query User{A26A48B0-BAB1-4B3D-A6F8-9FD55F62230A}C:/users/fv/appdata/local/mediaget2/mediaget.exe
ABSENT RunValue: eRecoveryService
ABSENT Valeur Standard Profile: FirewallRaz : 
ABSENT Valeur Domain Profile: FirewallRaz : 

========== Elément(s) de donnée du Registre ==========
SUPPRIME AppInit: \progra~1\wi9130~1\datamngr\datamngr.dll

========== Dossier(s) ==========
ABSENT C:\Program Files\WhiteSmoke
ABSENT C:\ProgramData\Media Get LLC
ABSENT C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
ABSENT C:\Users\FV\AppData\Roaming\Media Get LLC
ABSENT C:\Users\FV\AppData\Roaming\WhiteSmoke
ABSENT C:\Users\FV\AppData\Local\Media Get LLC
ABSENT C:\Users\FV\AppData\Local\MediaGet2
SUPPRIME Temporaires Windows: : 73

========== Fichier(s) ==========
ABSENT Folder/File: c:\users\fv\appdata\local\mediaget2\mediaget.exe   3804]
ABSENT File: c:\users\fv\appdata\local\mediaget2\mediaget.exe
ABSENT File: \progra~1\wi9130~1\datamngr\datamngr.dll
ABSENT Folder/File: c:\program files\whitesmoke
ABSENT Folder/File: c:\programdata\media get llc
ABSENT Folder/File: c:\users\fv\appdata\roaming\media get llc
ABSENT Folder/File: c:\users\fv\appdata\roaming\whitesmoke
ABSENT Folder/File: c:\users\fv\appdata\local\media get llc
ABSENT Folder/File: c:\users\fv\appdata\local\mediaget2
SUPPRIME Temporaires Windows: : 60


========== Récapitulatif ==========
3 : Clé(s) du Registre
6 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
8 : Dossier(s)
10 : Fichier(s)


End of clean in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 6/10/2011 13:45:48 [3041]
C:\ZHP\ZHPFix[R2].txt - 6/10/2011 13:49:50 [2345]
C:\ZHP\ZHPFix[R3].txt - 7/10/2011 14:29:00 [2347]

loumax91 · Answer

Essaie la désinstallation :
https://assistance.orange.fr/ordinateurs-peripheriques/installer-et-utiliser/la-prise-en-main-d-un-systeme-d-exploitation/windows-vista/windows-vista-desinstaller-un-programme_25978-26595
Désinstalle tous les "MediaGet" que tu verras.

S'il n'apparait pas dans la liste des programmes, essaie la même chose en mode sans échec, tiens moi au courant :)

Désinstalle aussi ZHPDiag on va tenter une réinstallation, si cela ne fonctionne pas on passera à un autre outil.
Téléchargement : https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Installe le logiciel clique droit "en tant qu'administrateur"

fmounet007007 · Answer

dans les programmes et fonctionnalités, il n'y a pas de trace de "mediaget". 
Je n'ai donc rien désinstallé. 
Par contre, mon ordi met un temps dingue à charger "programmes et fonctionnalités", ce qui m'étonne vu qu'il n'y a pas 1000000 de programmes... 
De plus, mon ordi commence à ramer.... alors qu'il ne le faisait pas avant... 
bizarre... pourtant "microsoft security essentials" me dit toujours que mon ordi est sain. 
Bon j'arrête la pour aujourd'hui, je revérifierai pour médiaget en mode sans échec demain, ainsi que pour la réinstallation de ZHPDiag! 
Bonne soirée et encore merci!

loumax91 · Answer

Toujours là ?

fmounet007007 · Answer

oui oui toujours là mais le w-end, difficile de passer du temps devant le pc.... boulot de boulanger oblige... je n'abandonne pas du tout la procédure!  
merci d'etre toujours la.

Virus embêtant!!

32 réponses

Discussions similaires