Cheval de troie

Résolu/Fermé
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   -  
 Utilisateur anonyme -
Bonjour,

J'ai fait une analyse de mon systeme avec eset nod32 en ligne et il me donne ca : Win32/TrojanDownloader.Agent.GQNGOQN cheval de troie qui est apparament sur ma memoire vive.
Que faire?

merci


A voir également:

34 réponses

  • 1
  • 2
Réponse 1 / 34
Utilisateur anonyme
 
bonjour,

* [*] Télécharger et enregistre RogueKiller sur le bureau
https://www.luanagames.com/index.fr.html (by tigzy)
[*] Quitter tous les programmes
[*] Lancer RogueKiller.exe.
[*] Attendre que le Prescan ait fini ...
[*] Cliquer sur Scan. Cliquer sur Rapport et copier coller le contenu du notepad

Note : Si Roguekiller ne se lance pas, change son nom en Winlogon.

3
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
C'est en cours...
0
Réponse 2 / 34
Utilisateur anonyme
 
relance Roguekiller, clique sur supprimer, poste son rapport


1
Réponse 3 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
merci pour ta reponse mais il est sur la memoire vive donc je n'ai pas acces au fichier et je precise que lors de l'analyse nod32 en ligne l'a detecté mais pas supprimé!

Voila ce que nod32 en ligne m'a sorti exactement : Mémoire vive une variante probable de Win32/TrojanDownloader.Agent.GQNGOQN cheval de troie
0
Réponse 4 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Voila pour roguekiller :

RogueKiller V7.3.3 [22/04/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: Mister G [Droits d'admin]
Mode: Recherche -- Date: 29/04/2012 18:49:41

¤¤¤ Processus malicieux: 3 ¤¤¤
[SUSP PATH] conime.exe -- C:\Users\Public\AppData\eMuleMorphXT\conime.exe -> KILLED [TermProc]
[HJ NAME] ctfmon.exe -- C:\Users\Public\AppData\Shareobj\ctfmon.exe -> KILLED [TermProc]
[SUSP PATH] ctfldr.ExE -- C:\Users\Public\AppData\Aobj\ctfldr.exe -> KILLED [TermProc]

¤¤¤ Entrees de registre: 7 ¤¤¤
[BLACKLIST DLL] HKCU\[...]\Run : {981E21D5-C93E-43e8-8D8B-10AEFF84A564} (C:\Windows\system32\rundll32.exe "C:\Users\Public\{981E21D5-C93E-43e8-8D8B-10AEFF84A564}.dll",AppStartup UserRun) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-21-2551552227-4109404659-750056129-1001[...]\Run : {981E21D5-C93E-43e8-8D8B-10AEFF84A564} (C:\Windows\system32\rundll32.exe "C:\Users\Public\{981E21D5-C93E-43e8-8D8B-10AEFF84A564}.dll",AppStartup UserRun) -> FOUND
[BLACKLIST DLL] HKLM\[...]\RunOnceEx : (C:\Windows\System32\rundll32.exe C:\Windows\System32\iernonce.dll,RunOnceExProcess) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD320KJ ATA Device +++++
--- User ---
[MBR] 8cd8e6afe7cf9d18d3e6f89f1851d2a0
[BSP] ba9c58702be0d309365494c5b8fb2b98 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 89900 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 184322048 | Size: 215242 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[1].txt >>
RKreport[1].txt
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Voila rapport apres suppression :

RogueKiller V7.3.3 [22/04/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: Mister G [Droits d'admin]
Mode: Suppression -- Date: 29/04/2012 18:59:03

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 6 ¤¤¤
[BLACKLIST DLL] HKCU\[...]\Run : {981E21D5-C93E-43e8-8D8B-10AEFF84A564} (C:\Windows\system32\rundll32.exe "C:\Users\Public\{981E21D5-C93E-43e8-8D8B-10AEFF84A564}.dll",AppStartup UserRun) -> DELETED
[BLACKLIST DLL] HKLM\[...]\RunOnceEx : (C:\Windows\System32\rundll32.exe C:\Windows\System32\iernonce.dll,RunOnceExProcess) -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [CHARGE] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD320KJ ATA Device +++++
--- User ---
[MBR] 8cd8e6afe7cf9d18d3e6f89f1851d2a0
[BSP] ba9c58702be0d309365494c5b8fb2b98 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 89900 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 184322048 | Size: 215242 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
0
Réponse 6 / 34
Utilisateur anonyme
 
super,

on va voir les entrailles de ton pc !

* Télécharge ZHPDiag sur ton bureau :


https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :


https://www.cjoint.com/ => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

ou :
http://dl.free.fr
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/


tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html



0
Réponse 7 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Voila pour zhpdiag :

Rapport de ZHPDiag v1.30.17 par Nicolas Coolman, Update du 25/04/2012
Run by Mister G at 29/04/2012 19:21:06
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 4.0.1 v4.0.1
GCIE: Google Chrome v18.0.1025.162 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 46 GB (51%) free of 88 GB

---\\ Logged in mode
~ Computer Name: MISTERG-PC
~ User Name: Mister G
~ All Users Names: Mister G, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mister G\AppData\Roaming\
~ %Desktop% : C:\Users\Mister G\Desktop\
~ %Favorites% : C:\Users\Mister G\Favorites\
~ %LocalAppData% : C:\Users\Mister G\AppData\Local\
~ %StartMenu% : C:\Users\Mister G\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 46 Go of 88 Go)
D:\ CD-ROM drive (Not Inserted)
K:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 210 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.44465367256D1C72B58F5ABAA19E7016] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/02/2012 - 02:11:07.) -- C:\Windows\System32\wininet.dll [1127424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 06:39:00.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : Non accessible (Not found)
~ Mes musiques (My Musics) : 22/624
~ Mes Videos (My Videos) : Non accessible (Not found)
~ Mes Favoris (My Favorites) : 2/53
~ Mes Documents (My Documents) : 4/45
~ Mon Bureau (My Desktop) : 1/34
~ Menu demarrer (Programs) : 8/68
~ Scan Hidden Files in 00mn 01s



---\\ Processus lancés
[MD5.2B3459B11CC3D9049D6C621F3D8B07E7] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [801792] [PID.2068]
[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.1692]
[MD5.5160FEBEAF60D2BC722C626EB8A80DB1] - (.Blabbers Communications LTD - Browser Companion Helper.) -- C:\Program Files\BrowserCompanion\BCHelper.exe [182576] [PID.4060]
[MD5.F15E6014E812A5E2CD469FCF5682C0E1] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [296056] [PID.1696]
[MD5.5B969E6B43516628EFFA848EDCA31437] - (.FSPro Labs - My Lockbox.) -- C:\Program Files\My Lockbox\mylbx.exe [2138944] [PID.696]
[MD5.7746FF4871C7EE3C169D19B424A47710] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421736] [PID.1072]
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3916]
[MD5.E98EA7471918E1987075815DC4C61001] - (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [4742184] [PID.3952]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.3920]
[MD5.D4605936921385CC8B8D69E60C87D5E3] - (.Advanced Micro Devices, Inc. - Load MMdriver application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe [49664] [PID.1868]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [PID.2640]
[MD5.25413EF2A35590CD7FF13D2BBE5D1152] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe [353440] [PID.156]
[MD5.B4DAFB3C1E8D616761167F93065223C8] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [4509184] [PID.5532]
~ Scan Processes Running in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mister G\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Mister G\AppData\Roaming\Mozilla\Firefox\Profiles\u6wiuo0m.default\prefs.js
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Mister G] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Mister G - u6wiuo0m.default] https://fr.ask.com/
M2 - MFEP: prefs.js [Mister G - u6wiuo0m.default\bbrs_002@blabbers.com] [] Browser Companion Helper v1.0.5 (.Ginyas.)
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.27 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 15.0.0.198.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10111.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@pandasecurity.com/activescan] - (.Panda Security, S.L. - Panda ActiveScan 2.0 Plugin for Firefox.) -- C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=15.0.0.198] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=15.0.0.198] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=15.0.0.198] - (.RealNetworks, Inc. - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=15.0.0.198] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=15.0.0.198] - (.RealNetworks, Inc. - 15.0.0.198.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Mister G\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Mister G\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} . (.Pas de propriétaire - Browser Companion Helper plug-in.) -- C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} . (.Pas de propriétaire - Browser Companion Helper Verifier.) -- C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [Browser companion helper] . (.Blabbers Communications LTD - Browser Companion Helper.) -- C:\Program Files\BrowserCompanion\BCHelper.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe
O4 - HKLM\..\Run: [mylbx] . (.FSPro Labs - My Lockbox.) -- C:\Program Files\My Lockbox\mylbx.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exeARQBNAEIAUgA"&"inst=NwA2AC0ANwAwADgANQAxADYANgAyADAALQBEADMAOAAxAEwAKwA1AC0AWABPADMANgArADEALQBQAEwAKwA5AC0ATgAxAEQAKwAxAC0ARABEAFQAKwAwAC0ASQA5ADAAKwAxAA"&"prod=54"&"ver=9.0.894
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Mister G\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-2551552227-4109404659-750056129-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Mister G\AppData\Local\Google\Update\GoogleUpdate.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Mister G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mister G\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\adsl TV.lnk . (.adsl TV / FM.) -- C:\Program Files\adslTV\adsltv.exe
O4 - Global Startup: C:\Users\Mister G\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk . (.LIGHTNING UK!.) -- C:\Program Files\ImgBurn\ImgBurn.exe
O4 - Global Startup: C:\Users\Mister G\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mister G\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url . (.Microsoft Corporation.) -- C:\Users\Mister G\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
O4 - Global Startup: C:\Users\Mister G\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 03s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MIF5BA~1\Office12\EXCEL.exe
O8 - Extra context menu item: Free YouTube Download . (...) -- C:\Users\Mister G\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter . (...) -- C:\Users\Mister G\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Uninstall BitDefender Online Scanner - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/plugins/MaConfig_5_1_2_0.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A083B65-5A7F-42D8-92D5-80D5EE0E416F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6506900-2273-4D2C-9755-F64B7A68F1B5}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{9A083B65-5A7F-42D8-92D5-80D5EE0E416F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{C6506900-2273-4D2C-9755-F64B7A68F1B5}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{9A083B65-5A7F-42D8-92D5-80D5EE0E416F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{C6506900-2273-4D2C-9755-F64B7A68F1B5}: DhcpNameServer = 192.168.1.254
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd - Blabbers data protacol for IE w/c.) -- C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd - Blabbers data protacol for IE w/c.) -- C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd - Blabbers data protacol for IE w/c.) -- C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: devolo Network Service (DevoloNetworkService) . (.devolo AG - devolo Network Service.) - C:\Program Files\devolo\dlan\devolonetsvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: TeamViewer 6 (TeamViewer6) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2551552227-4109404659-750056129-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2551552227-4109404659-750056129-1001UA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2551552227-4109404659-750056129-1001Core] (.Google Inc..) -- C:\Users\Mister G\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2551552227-4109404659-750056129-1001UA] (.Google Inc..) -- C:\Users\Mister G\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.6CB49F640C31D8C27629B606E4EB1490] [APT] [RealCreateProcessScheduledTask2869045S-1-5-21-2551552227-4109404659-750056129-1001] (.RealNetworks, Inc..) -- c:\program files\real\realplayer\realplay.exe
[MD5.C10C57F42042781B9CE4F0F492B1D5C2] [APT] [RealUpgradeLogonTaskS-1-5-21-2551552227-4109404659-750056129-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.C10C57F42042781B9CE4F0F492B1D5C2] [APT] [RealUpgradeScheduledTaskS-1-5-21-2551552227-4109404659-750056129-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.00000000000000000000000000000000] [APT] [{548E9AC6-BD1B-4A75-95B0-3639B3375CFA}] (...) -- C:\Users\Mister G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03MVGSJM\yahoo_installer[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{6F20E992-D429-4914-8479-419D76E7122D}] (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{7CD35B85-F814-4A23-88DE-468E8434D84F}] (...) -- E:\Prog\eye toy\setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{9EFDD3EF-7B63-4407-9125-49600CA06079}] (...) -- D:\InstallerDartyBoxTHD.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{DA95BCD8-BF8B-45C0-BD1C-D91F0C0A59DD}] (...) -- C:\Users\Mister G\Desktop\Nod32 keygen\Nod32 keygen.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E4A035BD-0FA4-4BE7-92C3-CE7E5C0563EE}] (...) -- C:\Users\Mister G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORI2FROU\PB.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{F572466C-DF77-429A-AE57-BA65D3F45380}] (...) -- C:\Users\Mister G\Desktop\emule_emule_0.50a_francais_10876.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.2 r202.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_2_202_233.ocx
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (MpKslf1e5a7e5) . (.Microsoft Corporation - KSLDriver.) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9938225-D900-4F99-A887-25E0894CDEE4}\MpKslf1e5a7e5.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Moniteur d'ordinateur virtuel Virtual PC.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: AMCap - (.Noël Danjou.) [HKLM] -- AMCap
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {A82B4C95-7E11-2367-6DD3-89CD06D2DD05}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc..) [HKLM] -- {A81D3EB9-20E6-A6E3-2537-26964CE91417}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {C5B09388-4614-A43E-9835-1D362E26A22C}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EB879750-CCBD-4013-BFD5-0294D4DA5BD0}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {EFC04D3F-A152-47E7-8517-EE0F6201AFEF}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Audacity - (.audacity.sourceforge.net.) [HKLM] -- Audacity_is1
O42 - Logiciel: AutoWebCam - (.Pas de propriétaire.) [HKLM] -- AutoWebCam
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: BrowserCompanion - (.Pas de propriétaire.) [HKLM] -- BrowserCompanion
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D-Link VGA Webcam - (.Pas de propriétaire.) [HKLM] -- D-Link VGA Webcam
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner
O42 - Logiciel: FormatFactory 2.50 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Free Studio version 5.0.2 - (.DVDVideoSoft Limited..) [HKLM] -- Free Studio_is1
O42 - Logiciel: GIF Movie Gear 4.2.3 - (.gamani productions.) [HKLM] -- GIF Movie Gear_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: High-Definition Video Playback 10 - (.Nero AG.) [HKLM] -- {237CCB62-8454-43E3-B158-3ACD0134852E}
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader
O42 - Logiciel: Java(TM) 6 Update 31 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSN Pictures Displayer 4.7 - (.Sébastien BEGOUIN.) [HKLM] -- MSN Pictures Displayer
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {E59DE072-ABE6-49E3-9115-3E18B2B47B01}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {0F842B77-56EA-4AAF-8295-81A022350B5E}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)
O42 - Logiciel: My Lockbox 2.7.7 Christmas Edition - (.Pas de propriétaire.) [HKLM] -- My Lockbox_is1
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Nero 10 Menu TemplatePack Basic - (.Nero AG.) [HKLM] -- {63AA3EAB-23BB-48B2-9AD0-44F878075604}
O42 - Logiciel: Nero 10 Movie ThemePack Basic - (.Nero AG.) [HKLM] -- {F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
O42 - Logiciel: Nero BackItUp 10 Help (CHM) - (.Nero AG.) [HKLM] -- {08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
O42 - Logiciel: Nero BurnRights 10 - (.Nero AG.) [HKLM] -- {943CFD7D-5336-47AF-9418-E02473A5A517}
O42 - Logiciel: Nero BurnRights 10 Help (CHM) - (.Nero AG.) [HKLM] -- {555868C6-49FB-484F-BB43-8980651A1B00}
O42 - Logiciel: Nero Burning ROM 10 - (.Nero AG.) [HKLM] -- {7A5D731D-B4B3-490E-B339-75685712BAAB}
O42 - Logiciel: Nero BurningROM 10 Help (CHM) - (.Nero AG.) [HKLM] -- {9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38}
O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
O42 - Logiciel: Nero CoverDesigner 10 - (.Nero AG.) [HKLM] -- {FCF00A6E-FB58-477A-ABE9-232907105521}
O42 - Logiciel: Nero CoverDesigner 10 Help (CHM) - (.Nero AG.) [HKLM] -- {C3273C55-E1E4-41FF-8D69-0158090DB8D8}
O42 - Logiciel: Nero DiscCopy Gadget 10 - (.Nero AG.) [HKLM] -- {92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}
O42 - Logiciel: Nero DiscCopyGadget 10 Help (CHM) - (.Nero AG.) [HKLM] -- {5F548A02-80BC-404D-BAE6-F05F9BF6B449}
O42 - Logiciel: Nero DiscSpeed 10 - (.Nero AG.) [HKLM] -- {34490F4E-48D0-492E-8249-B48BECF0537C}
O42 - Logiciel: Nero DiscSpeed 10 Help (CHM) - (.Nero AG.) [HKLM] -- {C18A0418-442A-4186-AF98-D08F5054A2FC}
O42 - Logiciel: Nero Dolby Files 10 - (.Nero AG.) [HKLM] -- {C3580AC4-C827-4332-B935-9A282ED5BB97}
O42 - Logiciel: Nero Express 10 - (.Nero AG.) [HKLM] -- {70550193-1C22-445C-8FA4-564E155DB1A7}
O42 - Logiciel: Nero Express 10 Help (CHM) - (.Nero AG.) [HKLM] -- {33643918-7957-4839-92C7-EA96CB621A98}
O42 - Logiciel: Nero InfoTool 10 - (.Nero AG.) [HKLM] -- {F412B4AF-388C-4FF5-9B2F-33DB1C536953}
O42 - Logiciel: Nero InfoTool 10 Help (CHM) - (.Nero AG.) [HKLM] -- {66049135-9659-4AAD-9169-9CCA269EBB3E}
O42 - Logiciel: Nero MediaHub 10 - (.Nero AG.) [HKLM] -- {1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
O42 - Logiciel: Nero MediaHub 10 Help (CHM) - (.Nero AG.) [HKLM] -- {F467862A-D9CA-47ED-8D81-B4B3C9399272}
O42 - Logiciel: Nero Multimedia Suite 10 - (.Nero AG.) [HKLM] -- {277C1559-4CF7-44FF-8D07-98AA9C13AABD}
O42 - Logiciel: Nero Recode 10 - (.Nero AG.) [HKLM] -- {8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
O42 - Logiciel: Nero Recode 10 Help (CHM) - (.Nero AG.) [HKLM] -- {DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
O42 - Logiciel: Nero RescueAgent 10 - (.Nero AG.) [HKLM] -- {E337E787-CF61-4B7B-B84F-509202A54023}
O42 - Logiciel: Nero RescueAgent 10 Help (CHM) - (.Nero AG.) [HKLM] -- {92E25238-61A3-4ACD-A407-3C480EEF47A7}
O42 - Logiciel: Nero SoundTrax 10 - (.Nero AG.) [HKLM] -- {E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
O42 - Logiciel: Nero SoundTrax 10 Help (CHM) - (.Nero AG.) [HKLM] -- {16987E99-C95C-4513-9239-7B44A0A71DB5}
O42 - Logiciel: Nero StartSmart 10 - (.Nero AG.) [HKLM] -- {F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
O42 - Logiciel: Nero StartSmart 10 Help (CHM) - (.Nero AG.) [HKLM] -- {F6117F9C-ADB5-4590-9BE4-12C7B
0
Réponse 8 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Bon j'ai encore un virus ou pas?
0
Réponse 9 / 34
Utilisateur anonyme
 
le rapport n'est pas complet,

il est trop long et ça ne passe pas sir le forum d'ou ma demande de l'héberger sur Cjoint !


* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :


https://www.cjoint.com/ => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers


0
Réponse 10 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Salut

En faite apres avoir fait tout c'que tu m'as demande je refait une analyse la et j'ai 2 virus win32 cheval de troie!
0
Réponse 11 / 34
Utilisateur anonyme
 
bonjour,

pour le moment, je n'ai pas eu de rapport de zhpdiag pour voir ce qu'il a ton pc !


envoie moi le rapport complet de zhpdiag et je te dirais ce qu'il reste à faire :D

https://forums.commentcamarche.net/forum/affich-25064304-cheval-de-troie#18

0
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Je fais ca des que possible et je poste
0
Réponse 12 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Voila pour le lien ZHP : https://www.cjoint.com/?BDEnQSEQmrI
0
Réponse 13 / 34
Utilisateur anonyme
 
tu as une version dite "non officielle" de window !


installe la version 10 X de Adobe depuis son site dédié, avant l'installation, décoche la barre goole :

https://get2.adobe.com/fr/reader/otherversions/



attention au P2P !





* Lance ZHPFix via le raccourci sur ton Bureau



Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)


ouvre ce document et fais un copier coller de la totalité du contenu, dans la fenêtre de zhpfix :

https://www.cjoint.com/?BDEofilTbUa


----------------------------------------------------------

- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
Tuto :

http://www.premiumorange.com/zeb-help-process/zhpfix.html












tu as déjà MBAM sur ton pc,

lance le,


. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. Tu cliques droit dans le cadre de la réponse et coller
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!

Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


0
Réponse 14 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Ok je vais le faire mais peut etre pas la peine d'ecrire que j'ai une version non officiel de windows.

Alors c'est quoi ce virus que j'ai?
0
Réponse 15 / 34
Utilisateur anonyme
 
Ok je vais le faire mais peut etre pas la peine d'ecrire que j'ai une version non officiel de windows.



justement, je te dis ou s'en est ton pc, puisque tu me le demandes :D


Alors c'est quoi ce virus que j'ai?


une infection que tu as choppé via P2P + une faille de sécurité pour Adobe qui n'était pas à jour + quelques adwares !



rien de bien méchant, ais plus tu en sais, mieux c'est :D


tu ne feras (j'espère) pas la même erreur 2 fois :D


0
Réponse 16 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Dit comme ca c'est mieux merci !! Je fais ca et je post! Jaimerai aussi apprendre a lire les logs
0
Réponse 17 / 34
Utilisateur anonyme
 
voilà ce qu'il y avait à dire est dit :D



j'attends les rapports de zhpfix et MBAM :

https://forums.commentcamarche.net/forum/affich-25064304-cheval-de-troie#23
0
Réponse 18 / 34
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
Rapport ZHPFIX :

Rapport de ZHPFix 1.12.3372 par Nicolas Coolman, Update du 22/11/2011
Fichier d'export Registre :
Run by Mister G at 30/04/2012 14:43:58
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
ABSENT Uninstall Process: c:\program files\eset\eset online scanner\onlinescanneruninstaller.exe
ABSENT Uninstall Process: c:\program files\panda security\activescan 2.0\as2uninst.exe

========== Processus mémoire ==========
SUPPRIME Memory Process: C:\Users\Mister G\AppData\Local\Temp\a529dd60.exe

========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ESET Online Scanner]
SUPPRIME Key: Mozilla Plugin: @pandasecurity.com/activescan
SUPPRIME Key: HKCU\Software\ESET
SUPPRIME Key: HKLM\Software\Eset
SUPPRIME Key: HKLM\Software\Panda Software
SUPPRIME Key: HKCU\Software\AppDataLow\Software\Conduit
SUPPRIME Key*: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b}
ABSENT SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b}
SUPPRIME Key: HKCU\Software\OfferBox
SUPPRIME Key: HKLM\Software\Classes\Toolbar.CT2544287
ABSENT Key: HKCU\Software\OfferBox
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17}
SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}
SUPPRIME RunValue: AvgUninstallURL
SUPPRIME RunValue: QuickTime Task
SUPPRIME RunValue: TkBellExe

========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\ESET
SUPPRIME Folder: C:\ProgramData\avg9
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{006F90AC-8950-4CE1-AFCD-D23AEC95FE42}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{01DDCD5C-9A5E-4EC7-A690-5A7C1CF84909}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0222B828-8453-4EC9-B244-A80B1C81A932}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{02499450-1A33-4F05-979D-22DCA4E6236E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0356041E-B9AF-4100-BD16-FDEBDF258AB1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{037AE21E-0476-4281-8ACD-8539C6875891}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0381279E-6086-4FEA-9052-7C190781B1B2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{041E20CF-946A-480E-8396-212F78C55A58}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0466616F-40FA-4761-AB50-2214D3F847F3}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{04F51DAE-8347-408A-9BEE-B7D698B397A1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{05499ABE-964E-42F6-845C-683F142033AD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{05B95D46-93C4-42D7-8499-8A1F181D8666}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{06B42033-E4EE-4486-98BB-6EC2E814C782}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{074F9201-B0F5-4B28-9204-EEE53743F28D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{08693538-7BE3-4D8E-8152-1EF93D55EE0B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0891C3B2-9B92-4D61-8FA6-B078A67EE627}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0A79FD2C-4F57-4B41-9899-58FE69BA2095}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0C4D32F6-930C-4EC8-B783-F2E3377A6E78}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0C4FCBB9-9356-4A33-9787-7A5924FC8A31}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0D08D473-6EBE-4B4E-A829-8E28E423C1CB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0E3D68FF-2865-45E6-94A9-E4EFEDF2521C}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{0EAF1F49-59CD-4787-887A-07D42805200A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1150C1CB-D1A1-4529-B2E7-92947EB6A37A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{115DBEC2-FEF1-4C2A-8C42-59AC96316F41}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{11EA4D19-F21F-40EC-9A1A-1F8EEB719123}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{141980A3-4640-41A9-8DEF-091A431BD790}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{15CD6418-B0CF-4FF2-940D-C98688517497}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{17D040ED-ADBF-4714-BC43-5ACA5151CE49}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{19D1A027-1BF5-4DEB-957A-E2AA0E9F7133}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1A2AE656-5D0E-4B64-A09C-5D785C7B2386}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1A7ECE4A-26A6-4857-B62A-AA91246F2A69}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1C8CB81D-7DC8-4E05-8F03-43A1BC28FA1B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1CB71E0C-5779-405F-9C53-4797FEF7C83F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1CF9229C-B1A9-41BF-94C6-C0A4D8127F90}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1D2ACF9C-769E-46D9-B0CD-FF2CCA2CB00B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1D792DFB-01F1-4D6C-9FFE-D75DBE3BFA56}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1E8866B3-5A86-40E2-BBCD-FB20D8BCA126}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1EF16532-476F-4C4A-8B5A-3FB97CE48776}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1F2396C4-3F33-40E7-B974-9F7A8920D4AE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{1FD53CFB-FD22-4EAD-B9E1-C75EE12E23C7}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{21814218-9B67-47A7-9DBD-E5ADAD128FC7}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{218DF55B-2DD2-45A6-90D3-81F6FCC3DE9A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{21FC9962-509B-4C28-B226-8738C4D965DA}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{22399F44-9B23-49E2-A19D-E9E38B9D9E1B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{2305986C-CAD0-4383-A8F9-80A4DCA30BAB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{240AFF86-7C9D-433C-98A0-506E611C4A5A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{26122298-74B2-42B4-9865-53EC3CE1BCE0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{2950555B-BB25-4664-AE58-A6B5BDDAF8EF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{2BE8196F-3713-4AB7-9466-CDEF402E601A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{2C07B213-106E-42FA-A297-DC2D9E43074D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{2D11CD7D-8999-450F-A222-0D29EB46700C}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{30942C9A-447F-4CF5-AD58-807248870A55}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3150FF76-B52B-48E6-A502-BB111AD60237}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{31861A95-7CB1-44DA-BDDF-D087C735A3F2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{31C5F0E7-66FF-4008-A68A-354448BFEA55}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{33615909-CAB1-4DF4-B46B-82024A306D0E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3598D1A9-A3A6-4188-854E-9B1C80A413E8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3677D9BD-6D0F-481D-B01A-78AA2209CB59}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{367DD939-D87C-4C6B-B490-43FE61F051EF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3867F936-E064-4761-AE93-0240058FF34B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{39B1056F-68DB-493A-A5C3-FDD31366D3C8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{39C30283-C039-4D12-B33E-7E1BE45C39E5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3A141877-C93E-4D73-8A93-27073E1FCA3B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3B85A0EB-1B86-4491-B773-B89861FA27E5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3BF95412-2668-4522-95EF-87CA2582C51B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3E451905-D272-4FF8-B221-6034147225D1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{3EFDEF29-D131-4A89-AAFD-91D518AF46F3}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{4045C613-B58D-4ADD-8CD0-A06C3340E856}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{4216A546-B83F-4A13-AA9F-54BA33B519EB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{42608DA7-C40F-4020-9BF8-F5A711F603B2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{42FAD6C3-CE55-4979-A4F5-4604D59A5EA9}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{45EB5506-9688-43D7-90FD-AC9442C1EBD4}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{4619DA5A-6A16-40DD-A68E-B0187438C3EB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{461FBCBD-EEC5-4674-ACDD-8B006367449E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{477A4AE5-4465-4206-9A0F-67578DE0C222}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{477D80C1-F551-4D60-849F-DDE7A8864740}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{487EFD2E-B079-48FD-96AB-83B43A228D55}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{48820A14-8E8E-45C9-900A-C1530BDDE4FD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{48864D2E-CF54-42AF-ADA6-5BA94A1F454B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{48C5F50D-75D4-4F99-A70E-335F5FBFBD44}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{491E6879-EBB3-4637-BB16-8EDC94F0F8E6}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{49DC8B49-4D8F-4244-ABDE-DAA32F626613}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{4B6C938F-164F-42FF-A49D-57A4FB732F0D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5228C6CC-B5DE-47FD-BAA7-F6160DF31EE8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{52B80CB9-87E6-4BC1-9A34-C7CB563450FB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{52E8E931-708B-4C8E-B86E-D61C68BAAFD1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{54E8A5D2-B820-4485-9735-5E8D000BB053}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{551C54A8-A3FF-4EFC-9FBC-56B193CBFB7B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5532E717-EB23-4ED1-8242-2338A55F612B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{55507766-9FAB-4342-B36C-5B02B348ABDE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{55719890-1A67-4D1F-A8BB-5DA8CE74652A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{55D42242-30B3-45BF-AE77-7CBDDE6780A8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{566E6305-AA53-4989-A51C-B5EDAB519D09}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{569C32B5-623F-4178-AF70-E285F1D8AA3A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{577DBDE0-04EB-4835-965F-76B60FBB7671}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{59B39AAD-69CD-42F2-A19D-F0773D8C18A7}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5A0D915B-33E3-4343-9D6C-4DEFB680509D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5A68E2E4-07ED-4190-9125-C4BB4BDE2409}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5B94ABD7-8CB0-4C0D-A1C9-FA86B57DD96A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5BC9A960-4BC5-40A8-8820-5E2140F9A8E0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5BF57891-B243-4CB7-8BFB-55C4CB606CAC}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5C328CA2-D821-4B16-B5EF-8102A444E6D0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5C83DA33-1274-434B-A5C2-33C3D55528D5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5CAE3BEC-142A-4FF0-B161-C47AFB6A2496}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5EC23C5B-55AA-4D5E-A708-6A5C5ABDBD30}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5EF5795E-38B8-424E-95B8-2792FACD4352}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5F256470-53E8-4389-9F53-CBC67286F6DD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{5F354FEE-315C-4430-848F-FC364A10C84D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6098245F-F806-48FA-9772-ACAECFFAA011}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{61594A29-AAC7-447F-A831-3D6D983B5046}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{619DC9C7-ABC0-4E88-9E60-8CC2ADF914FA}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{61D4F069-6009-4EB0-B814-4C68BE7B7A71}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{630C026D-7A67-4EBA-8EED-A984EFD991F8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6479284B-6474-405A-AD4C-66078BD30B58}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{64ED6C43-18E9-489D-BA6D-BA4B351398FC}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{66F7F8A9-528F-4883-9543-08F6353572AC}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6807BAF7-9C51-466F-BA99-E9857667AF8D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{68252A34-3B27-4737-B2DC-D7941C247CDF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6840521D-D067-4BF8-903E-8AADD3F4F6CD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{68F4C4E4-AF95-4D68-AF92-D83F4589B92B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6A4530B6-931D-47DE-96ED-3342D5E7BBF2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6ACD435B-2882-4D68-9AEA-8B3D714507DB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6AE62DBD-875D-445B-A89F-97A8FB1CBAD2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6C744408-BA16-4EA8-B5DF-AF892125B079}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{6ED906B0-E3B9-4338-9B82-64C746FC23FB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{70045578-D630-4889-A91D-7895E039CAED}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{700DF0D8-B86F-475C-863E-F95CC7048A95}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{71A28B97-D786-465B-8D0F-48A077FC8883}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{75E53401-93FE-4BDA-B1DA-5E04163F5552}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{766F8A88-2532-4BA5-808D-AF088B2448A9}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{782809DF-3668-4567-9C0E-2C190D481144}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7853DC13-D95D-41F2-ADB7-CF1AF71044A1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{79873A4D-E1A0-40E7-B21D-4986E0994506}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{79C976B0-2BBD-4A6C-BE08-E1B573624804}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7A0E972C-F2A4-4DA6-AD4B-EB0F026CF93B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7A20BEB0-4A60-409C-AA5A-6CE97AFA38BF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7A3D6F11-884B-41B7-BE81-691E77F1BDF8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7AD8E719-B676-4095-956C-D765782848CB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7B64C22E-5126-49ED-A51E-3DDF3AF51E85}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7CDC6144-CBCD-4569-8E1E-2858A928CDAF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7D408175-90CE-4CFF-92FF-69966D923D6E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7E0D1C09-3A25-48B4-AE89-D798AD3703BF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7EDA7B24-F650-4B50-918A-0DA101A0BC28}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{7FAF8932-0ACC-4192-8152-FC415FB8427A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8135A5E6-372D-445E-8B04-6CEA926B6AC8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{82106CE9-24C8-450B-990F-61A482DEE4D6}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{82C1B591-5A64-4537-A76D-BFE603A17F1E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{84B2A3F8-8DAA-4701-8D5D-BDE38F294971}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8512959F-6FD5-4644-ABA5-05FA73775EFC}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{858D9CD1-8A01-45B4-A71E-27A50F85C5F2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{862B471A-D146-42AC-8A6A-A559DDC38C39}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8649B8E9-79FB-4EDF-9E57-83BF455324B5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{865F98FE-564C-4C94-801A-BDFA2D8C567D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8A0D79CB-9EFA-4B86-AF29-676EA31615AB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8A23130A-E9C8-4CD9-AB81-8AD0C0B9CA45}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8A339BF9-C918-46B9-A898-FEFDCAD7B61E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8C375913-00B3-4258-A0A2-55654E15D83B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8D1874FD-2E58-41C0-9165-0D0879D10927}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8D75503D-7920-404C-B869-D102078A2B2B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8E9428E1-7586-49C6-8F38-E5399E4094C4}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8E9A72C1-8B60-4824-9E38-B2FCED1994D1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8EB75F6C-5DBD-4363-A899-8E42276078EF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8FA64879-0E89-493F-8809-E711FF9685B5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8FE5ACE1-311E-4701-BA66-39F9281BD5DE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8FE7B460-C1A9-4F92-B3FD-593BED7A8643}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{8FE80215-F8B6-47C3-9809-DF45896F5B4B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{909E0B55-6776-472B-A398-547F71DDEFF0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9167AE6F-C505-49E3-8319-95A42FC43561}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9424699E-864A-4533-8B63-9EF9F60AF5D1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{960FA81E-B9F5-4207-8F0B-BC159BE1C9AF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{963A6CC1-DD99-4EE7-89E0-37414C0D5D4B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{963A866B-7FC4-403A-B8D1-E73272B37579}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{969F0089-AF8C-4641-B2F6-FDAF402AC673}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{96E7E0B5-B727-4A82-8E26-6DB138803F15}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{97AE3B39-F16F-42D1-9AC1-ED1ED475E152}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{983BFCA2-001B-439D-B986-06EC2C0CE6BE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{997CA5E2-CC05-4AFC-90E4-C3767E21AC3F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{99AC3306-D82B-4BE6-8F05-36DA4AEFEEA3}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{99DF6F91-E81F-475E-8CE4-181B9B64666F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9B7F4B3B-149B-4EC5-892B-3D0F6ACF9884}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9CFCC34E-F37D-450A-AA8F-B369DE32985B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9E7C9165-06E1-4849-A938-E16A4C3BF95B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9E976E96-940E-4826-A324-9520B2814535}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{9F27961E-1C7D-4F52-AEB9-0A342E6FAD37}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A3F5F140-5213-47A5-AB15-7BBCC68FDB50}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A412A842-4082-44D5-BFE4-47F6FE53BFA4}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A517372B-D7E4-4DEB-BA6B-357D0B600D3C}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A529A842-9888-4FEC-936E-74FED1F5A12E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A7C9176C-0056-4DE4-9C31-125FF99AE4CC}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A86C6B1D-1367-473C-8686-16A747CF9ABE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A88287A9-05A2-409C-B17B-7773E22B32E2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A8A60582-5954-41D6-83E9-FEC877C5BE2F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{A90DC619-CBF4-4349-A314-E7715F3A920F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{AA2A0AC7-7D99-4207-AD84-7C004DC776E7}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{AAD6B4C7-2BC6-4B33-BD4F-7DE49442B367}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{AB68E9EF-4C89-4D56-8EE7-4DBCDD05A60D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{AC21472B-3034-41F1-97E6-6873A57FF679}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{AD718BAA-DE36-4326-B3D7-6B33099503A5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B04204E0-B0DC-4DCB-81DA-7D61EA641333}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B1819A63-D28C-4264-AD24-5572426A0900}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B211D4E8-07FF-4B88-9E42-CEC4F3945E45}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B29A4346-F80F-4213-9F38-EAF83027FA68}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B472EF38-4823-4C1A-ADA4-C4AC3C9D0203}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B4AC21A8-140D-438B-8444-308C599406B9}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B4AE54CA-5200-46DF-AC86-E51C6ABD5406}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B4B54FF3-092B-45B1-AFF4-94AFB56EA403}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B5A5743C-F4CB-4501-8E33-53BA1B302FC9}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B5D6DB68-AC0A-4DA2-B328-39CAE263DECA}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B6A19CF5-D2EC-4805-957E-B7D652E5BB13}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B96A04BA-7783-4713-BBF0-FEE41DC5E49D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{B9A54022-4D7D-45F7-AD77-2C04AC63A409}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BA23FB71-48DD-49C5-AF2A-3DFC13B98BDD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BA6D8C51-2187-4C92-8369-515DEF74A37B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BA7EB8B5-3202-49C9-AFC9-BA70B3D5999F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BB4C09A3-5332-4491-B1FF-ABCD7D0C5235}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BB672C96-EFD8-4408-A2B1-E60D6A948B7E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BCA1D76E-6274-4967-859A-C5B3FCD241BD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BD4C98BE-05C4-42F2-B10E-D3DEB6463E6A}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BD71BD17-B127-4E17-8545-A6CD408A47B1}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BD8D89C5-9201-4A52-B4E5-44FFAFA35D81}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{BDE9E326-34D0-4505-B78F-8689261932AE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C17ACB84-A1BA-474E-BE36-90341733E80F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C31E0CB4-C56A-4B2C-A31B-8CAD44771800}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C42DB994-E62D-461F-9BFC-94DBCB6E409E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C53A9437-B29E-4192-800A-A3EE2F8E1BF9}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C65B6EAB-EE14-45E1-8FAA-3575DA56399C}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C83E1DBA-E6BD-42F9-B615-A48FE2C159FB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{C9E00593-DB5F-4053-8663-E50CC90967B7}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CA40CE92-29A0-4670-925A-EA8CD986F048}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CBDA6F70-4247-4A11-BFB3-C8C0D934A6C0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CCC625F0-2552-4E3F-A7F4-443ADE1EDF3F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CD7C7A37-AEB6-47AE-830B-C29EE5E2BB61}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CDA41B69-7626-42D4-953E-4E627ACF08F8}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CDDA2EA5-06EF-4766-B50B-70D32A253ED5}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CE4C7D12-7E56-428C-8E2F-9EBEFE65E63F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CFABC59D-1CA2-4FB2-A96B-DE6219ECBA3B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{CFB3C0C0-B731-4258-A70E-EEDCE922DB84}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D0554A0E-5836-4EEE-B64F-98FF5FC60562}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D1611520-7FCC-419C-902F-3225D4ABB3FE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D1B462ED-C8EF-4FCF-AA4D-C7CA16FD7EBB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D380ECEE-99DC-4583-AFBB-8A426CFF0D73}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D542E3DE-39FD-4B3B-8FC0-94656B6F1379}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D6E21954-33E6-4D11-8E98-6D63D01B5FB6}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D824ECD8-9752-447F-98BA-9B52D2E2EC81}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D8E84467-803A-44E7-A6D5-D6BFB4050B34}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{D92AE269-CB24-47D0-BAAB-02F2ED72619D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DADD43CC-9345-4421-9A74-E7F86CB1AEFD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DBC2CDCC-07E0-4127-B45D-F552A70DEAFF}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DBF5B5FC-1369-45D3-9B1A-0C812ACF03C4}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DC3E6A67-95EB-4A7A-8197-E72F94C95DB0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DD1EC414-FBA1-47A0-97B0-8584CDD62399}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DE0FC30F-6F1C-4DC7-B138-48F82B546866}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DE80EDF0-BA46-4F4A-81C4-24F47CF0336B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DEAC0490-8C8D-4E68-9B9F-C43025F72FAE}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DEB063A5-1621-459D-A317-9D4E142A717F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DF0A1811-26DB-4E05-8FD3-B69BD8800B5B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DF4A0E95-8548-4347-8CEF-123F582CF430}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DFB77B9B-810D-4751-8305-A0F7393BABF4}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{DFCCC18A-1EED-40BE-A1D9-6EB97B34518B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E0F1C982-8DC2-4A06-9D82-BF656338317E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E1DC3ACC-8F4B-49EB-870C-B4742D4F869D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E2CDEC9F-4335-48A7-B360-88C0FC232031}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E4BF98E9-6DFE-4180-8D71-E81DBE7FC988}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E4FC46CC-6A1A-4E81-A629-0499E72DED47}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E5A9E503-0E4C-4896-963A-C4333F4EC21D}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E5AED2C3-CD3F-41A4-9B66-AB5F3ACAED42}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E5C1DA0B-47EF-4BD8-B151-F362DB1F0ED9}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E685D0A9-6829-47BE-A256-DA119830560F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E6942D54-1E31-4D8B-8CF1-FEA666C63A6F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E7F98792-C3D1-4B0C-A66B-EC5C8E6A9419}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E870D1EA-9267-4EFB-8F7B-C528038260D6}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{E9AF0BF0-A312-4887-94CA-7006FA0E3C8B}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{EB7CCB97-716D-4676-A9A0-23F972F3911F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{ED3A8F01-1FED-4671-8CCE-4D174AE51907}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{ED9E1173-6008-4100-B366-7908E3EAD065}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{EE248877-ED24-407D-B6E4-8D8F28073446}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{EE9BAB69-A5D7-4D91-A9C8-DE53B85F89FB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{EEF7E31A-E3D7-4F2D-A6FF-2E3873EC6DDC}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F2358030-03AB-40D8-86EF-53E280929DEB}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F28BF07B-03D3-4CA2-BB33-E58F15587568}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F2BCEA7E-6C74-4F67-9D17-A9A39ED6D2E3}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F309D87D-38CB-4158-9A39-1260E45583B2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F3287F34-7887-4691-8557-51E38D79B5D2}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F37B4C9C-650A-4F36-AF07-71BE08701820}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F4E2D5E0-84CA-486D-875B-E77E04B900A4}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F5A30CC9-D210-4700-974B-9BAB5727E65F}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F6F906B7-3D81-4736-BC8A-F154ACC03FBD}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F7A50D0C-3EE6-498E-B903-49110A56F65E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F7F6E707-FA5F-4508-9904-878203898791}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F852258E-2A91-47B2-8A3A-CBAA8D509751}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{F9678363-C9F7-4877-8D92-5C0B9F57DB75}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FA79C047-78C7-4C84-85F1-C229A8D74C49}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FA7FD34D-D448-492B-89AF-6584A3E3EA8E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FADB9D15-FB76-4CCA-ADED-2AC47FBEA405}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FB85C0DD-FFAD-4BD2-B613-D0DBC36F213E}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FE49346A-4E8D-47FD-94BC-17C0816EC7A0}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FE8322B9-921D-493C-A1B5-B1CFBADA8C26}
SUPPRIME Folder: C:\Users\Mister G\AppData\Local\{FF2C8066-F1C7-43C6-AAC6-69014885613A}
SUPPRIME Folder: C:\Program Files\DAEMON Tools Toolbar
SUPPRIME Folder: c:\users\mister g\appdata\locallow\conduit
SUPPRIME Temporaires Windows: : 85

========== Fichier(s) ==========
SUPPRIME File: c:\program files\panda security\activescan 2.0\npwrapper.dll
ABSENT File: cmd.exeaakwaxaa"&"prod=54"&"ver=9.0.894
SUPPRIME File***: c:\users\mister g\appdata\local\temp\a529dd60.exe
ABSENT Folder/File: c:\program files\daemon tools toolbar
SUPPRIME Temporaires Windows: : 66


========== Récapitulatif ==========
1 : Processus mémoire
12 : Clé(s) du Registre
6 : Valeur(s) du Registre
303 : Dossier(s)
5 : Fichier(s)
2 : Logiciel(s)


End of clean in 01mn 07s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 30/04/2012 14:43:58 [29129]
0
Réponse 19 / 34
Utilisateur anonyme
 
super,

passe à MBAM :D

0
genereux Messages postés 572 Date d'inscription   Statut Membre Dernière intervention   38
 
MBAM est en cours..
0
Réponse 20 / 34
Utilisateur anonyme
 
magnifique ;-)

0

Discussions similaires

expressions francaises
bifaka -
lanonyme -

4 réponses
Cheval de troie comment le supprimer?
sonia -
^^Marie^^ -

28 réponses
virus: comment supprimer ccxprocess (virus cheval de troie)
grrlesang -
bazfile -

1 réponse
cheval dans oblivion
sernaldo53 -
sernaldo53 -

12 réponses
comment se debarasser d un cheval de troie
jennyfer1 -
MrMaDGaME -

66 réponses