kingleroideskong

bonjour sous windows 7 pro sp1, mon DD externe WD de 500 GO en usb n'est plus reconnu . Il s'est installé correctement avec le bon pilote je le vois dans la gestion des peripheriques mais on ne me propose pas la possibilité de le renommer ni meme de l'initialiser dans la gestion des disques l'initialisation me renvoie a une fenetre " fonction imcorrecte " je l'ai desactivé et meme desinstallé---> rien n'y fait help !!!!!!!!!!!!!!!!!

bonsoir premier rapport adw cleaner: # AdwCleaner v2.304 - Rapport créé le 12/07/2013 à 18:26:15 # Mis à jour le 03/07/2013 par Xplode # Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits) # Nom d'utilisateur : philippe leclercq - INVISIBLE # Mode de démarrage : Normal # Exécuté depuis : C:\Users\philippe leclercq\Desktop\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\ProgramData\Babylon Dossier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Dossier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl Dossier Supprimé : C:\Users\philippe leclercq\AppData\Local\PackageAware Dossier Supprimé : C:\Users\philippe leclercq\AppData\LocalLow\Conduit Dossier Supprimé : C:\Users\philippe leclercq\AppData\Roaming\Babylon Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fbtemplate.conduitapps.com_0.localstorage-journal Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage-journal Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal Supprimé au redémarrage : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Supprimé au redémarrage : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl ***** [Registre] ***** Clé Supprimée : HKCU\Software\1ClickDownload Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl Clé Supprimée : HKCU\Software\InstallCore Clé Supprimée : HKCU\Software\YahooPartnerToolbar Clé Supprimée : HKLM\Software\Babylon Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl Clé Supprimée : HKLM\Software\Iminent Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107} Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi ***** [Navigateurs] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Le registre ne contient aucune entrée illégitime. -\\ Google Chrome v28.0.1500.71 Fichier : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Preferences Supprimée [l.28] : icon_url = "hxxp://search.conduit.com/fav.ico", Supprimée [l.31] : keyword = "search.conduit.com", Supprimée [l.35] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2[...] ************************* AdwCleaner[s1].txt - [7105 octets] - [15/08/2012 18:40:28] AdwCleaner[s2].txt - [1019 octets] - [18/08/2012 09:39:21] AdwCleaner[s3].txt - [4605 octets] - [12/07/2013 18:26:15] ########## EOF - C:\AdwCleaner[s3].txt - [4665 octets] ########## deuxieme rapport JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.0.7 (07.11.2013:1) OS: Windows 7 Starter x86 Ran by philippe leclercq on 12/07/2013 at 18:41:51,52 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs ~~~ Files Successfully deleted: [File] C:\eula.1028.txt Successfully deleted: [File] C:\eula.1031.txt Successfully deleted: [File] C:\eula.1033.txt Successfully deleted: [File] C:\eula.1036.txt Successfully deleted: [File] C:\eula.1040.txt Successfully deleted: [File] C:\eula.1041.txt Successfully deleted: [File] C:\eula.1042.txt Successfully deleted: [File] C:\eula.2052.txt Successfully deleted: [File] C:\install.res.1028.dll Successfully deleted: [File] C:\install.res.1031.dll Successfully deleted: [File] C:\install.res.1033.dll Successfully deleted: [File] C:\install.res.1036.dll Successfully deleted: [File] C:\install.res.1040.dll Successfully deleted: [File] C:\install.res.1041.dll Successfully deleted: [File] C:\install.res.1042.dll Successfully deleted: [File] C:\install.res.2052.dll Successfully deleted: [File] C:\install.res.3082.dll ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 12/07/2013 at 18:48:24,94 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ troisieme rapport ZHP Diag : Rapport de ZHPDiag v2013.7.5.7 par Nicolas Coolman, Update du 05/07/2013 Run by philippe leclercq at 12/07/2013 18:54:50 WebSite: Home - Malicius Software Information State : Problème connexion internet WhiteList : Disable High Elevated Privileges : OK UAC : Deactivate by program ---\\ Web Browser MSIE: Internet Explorer v10.0.9200.16635 GCIE: Google Chrome v28.0.1500.71 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : YCJVG Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Protection Avira AntiVir Personal - Free Antivirus Malwarebytes Anti-Malware version 1.65.1.1000 Windows Defender W7 ---\\ System Optimizer CCleaner v3.14 =>Piriform Ltd ---\\ Peer To Peer (P2P) µTorrent v3.1.2 =>P2P.µTorrent ---\\ Software Update Adobe Flash Player 11 Plugin Java 7 Update 21 ---\\ System Information ~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1014 MB (21% free) System Restore: Activé (Enable) System drive C: has 2 GB (2%) free of 80 GB ---\\ Logged in mode ~ Computer Name: INVISIBLE ~ User Name: philippe leclercq ~ All Users Names: philippe leclercq, Administrateur, ~ Unselected Option: O45,O61 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\philippe leclercq\AppData\Roaming\ ~ %Desktop% : C:\Users\philippe leclercq\Desktop\ ~ %Favorites% : C:\Users\philippe leclercq\Favorites\ ~ %LocalAppData% : C:\Users\philippe leclercq\AppData\Local\ ~ %StartMenu% : C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 80 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 54 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 34 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.9BF7C7654EFD098EE3A27B49492A382A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/06/2013 - 00:43:37.) -- C:\Windows\System32\wininet.dll [1767936] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Generic Processes: Scanned in 00mn 02s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2319 ~ Mes musiques (My Musics) : 1/3037 ~ Mes Videos (My Videos) : 1/192 ~ Mes Favoris (My Favorites) : 1/52 ~ Mes Documents (My Documents) : 2/46 ~ Mon Bureau (My Desktop) : 3/205 ~ Menu demarrer (Programs) : 1/30 ~ Hidden Files: Scanned in 00mn 28s ---\\ Processus lancés [MD5.8F5CFA5A497DB84ED792614BAC2D5AE0] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\System32\ZoneLabs\vsmon.exe [2437176] [PID.1216] [MD5.0BA966FD5349BDF9895F40C045A7C7EC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.1916] [MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.1932] [MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.1940] [MD5.2477A2CC6D40FE623FD789D546CABD40] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11487848] [PID.1960] [MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.1980] [MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289] [PID.1980] [MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.1080] [MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089] [PID.1212] [MD5.C4FB2613D3C75364BB159B9C23A00E7A] - (...) -- C:\Windows\System32\AsusService.exe [219136] [PID.1160] [MD5.E56F39F6B7FDA0AC77A79B0FD3DE1A2F] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856] [PID.2144] [MD5.09C87F376507122A5FE1CBE06E015512] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.21.149\GoogleCrashHandler.exe [239496] [PID.2152] [MD5.85B16A92B117A5A800032ECD904B86DB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432] [PID.2524] [MD5.20E2469DB709FC675E655CEAA11BE312] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [676936] [PID.2548] [MD5.12E33DD823D74680DE6F33BFA359EFB3] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [766536] [PID.2652] [MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2856] [MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.3336] [MD5.1EC9CFB7C0309CC479D1C9ACB5744117] - (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Users\philippe leclercq\Desktop\JRT.exe [559306] [PID.2488] [MD5.815FD68F8A6AF88827232C2B94622970] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.2728] [MD5.E5A7EA8C5C063943231A071789956893] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7667712] [PID.3328] [MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.3432] ~ Processes Running: Scanned in 00mn 05s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] Rechercher G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé) G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé) G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ~ Google Browser: 11 Scanned in 00mn 32s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.3.0f4.) -- C:\Users\philippe leclercq\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll ~ Firefox Browser: 8 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 3.3.0f4.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 9 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ~ BHO: 4 Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd O4 - HKCU\..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (.not file.) O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-2091292328-1087205343-3181550619-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-2091292328-1087205343-3181550619-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd O4 - HKUS\S-1-5-21-2091292328-1087205343-3181550619-1000\..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (.not file.) ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\TaskBar: Google Chrome (2).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Internet Explorer (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Internet Explorer (5).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: VLC media player.lnk . (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe O4 - GS\TaskBar: Windows Explorer (2).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\TaskBar: Windows Explorer (3).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\TaskBar: Windows Explorer (4).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe ~ Global Startup: Scanned in 00mn 02s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Winsock: 9 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} ((no name)) - https://static.impots.gouv.fr/abos/static/securite/certdgi1_2-0.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_2_1_0.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{F537F381-17A3-443A-A90E-23BC2441989D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{F537F381-17A3-443A-A90E-23BC2441989D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{F537F381-17A3-443A-A90E-23BC2441989D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Asus Launcher Service (AsusService) . (...) - C:\Windows\System32\AsusService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\System32\ZoneLabs\vsmon.exe ~ Services: 9 Scanned in 00mn 17s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1074] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1078] [MD5.9915504F602D277EE47FD843A677FD15] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [256904] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [MD5.00000000000000000000000000000000] [APT] [{0E239B48-FA3C-4BEA-BAD2-5CAFD4FDA462}] (...) -- C:\Users\philippe leclercq\Downloads\autocad 2008\Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2108D66E-F86F-44DD-9BDD-065C7B705952}] (...) -- C:\Users\philippe leclercq\Downloads\installer_synccell_for_motorola_3_1_French.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{211E888F-31DD-4031-A9F2-08921C1AD3B5}] (...) -- C:\Users\philippe leclercq\Downloads\Paint.NET.3.5.10.Install.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{56CB5BB0-ED09-4FE4-A4BC-43585F37FD4A}] (...) -- c:\users\philippe leclercq\appdata\local\google\chrome\application\chrome.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{BED547A6-5A4E-401C-BC8A-08F31CE6A1F2}] (...) -- C:\Users\philippe leclercq\AppData\Local\Temp\Temp1_Adobe Acrobat 7.0 Professional + keygen.zip\Adobe Acrobat 7.0 Professional + keygen\instmsiw.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D0D96B42-A3E0-4667-879C-CA3630CC2813}] (...) -- C:\Users\philippe leclercq\Downloads\OOo_3.3.0_Win_x86_install_fr.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D50D554B-13BB-485F-B4F2-027CBB8EE4F3}] (...) -- C:\Users\philippe leclercq\AppData\Local\Temp\Temp1_Adobe Acrobat 7.0 Professional + keygen.zip\Adobe Acrobat 7.0 Professional + keygen\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F3EE7331-5BA0-4AB9-BA8B-67D9DE4FD993}] (...) -- C:\Users\philippe leclercq\Downloads\PSPP12_Corel_TBYB_EN_IE_FR_DE_ES_IT_NL_ESD.exe (.not file.) [0] ~ Scheduled Task: 15 Scanned in 00mn 13s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\windows\system32\Macromed\Flash\Flash32_11_7_700_224.ocx ~ Active Setup: 8 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (AsUpIO) . (...) - C:\Windows\System32\drivers\AsUpIO.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eusk2par) . (.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) - C:\windows\system32\Drivers\eusk2par.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 78 Scanned in 00mn 02s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {859D40CF-8491-44AD-8FA8-7389CB418C64} O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage O42 - Logiciel: ASUSUpdate for Eee PC - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C} O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM] -- Asus Vibe2.0 O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: AutoCAD 2008 - English - (.Autodesk.) [HKLM] -- AutoCAD 2008 - English O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM] -- {9A346205-EA92-4406-B1AB-50379DA3F057} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Boingo Wi-Fi - (.Boingo Wireless, Inc..) [HKLM] -- {7E49ED48-B67E-4A27-839D-EE08590A96BB} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd O42 - Logiciel: CapsHook - (.AsusTek Computer.) [HKLM] -- {4B5092B6-F231-4D18-83BC-2618B729CA45} O42 - Logiciel: E-Cam - (...) [HKLM] -- {185AFA7A-F63E-450B-94AA-011CAC18090E} O42 - Logiciel: Eee Docking 3.7.0 - (.ASUSTek Computer Inc..) [HKLM] -- Eee Docking_is1 O42 - Logiciel: EeeSplendid - (.ASUS.) [HKLM] -- {6333FC29-BFE5-4024-AC78-958A1A7555D1} O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8} O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- {17780F99-A9DF-450B-81B3-6781B20A17A8} O42 - Logiciel: Gestionnaire pour appareils Windows Mobile - (.Microsoft Corporation.) [HKLM] -- {904CCF62-818D-4675-BC76-D37EB399F917} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {468D22C0-8080-11E2-B86E-B8AC6F98CCE3} O42 - Logiciel: Hotkey Service - (.AsusTek Computer.) [HKLM] -- {71C0E38E-09F2-4386-9977-404D4F6640CD} O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF} O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10} O42 - Logiciel: LiveUpdate - (.AsusTek Computer Inc..) [HKLM] -- {38E5A3B1-ADF1-47E0-8024-76310A30EB36} O42 - Logiciel: LocaleMe - (.ASUS.) [HKLM] -- {F58C1D44-4AC9-48E8-9049-7A6CDFCB415C} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2721691) - (.Microsoft Corporation.) [HKLM] -- {355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.1.1000 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: MotoHelper MergeModules - (.Motorola.) [HKLM] -- {6F3D2F66-F050-45E3-BEB1-6523FE6D6690} O42 - Logiciel: MotoHelper MergeModules - (.Motorola.) [HKLM] -- {94CAC2F1-C856-47F4-AF24-65A1E75AEDB9} O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Skype™ 6.5 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: StarterBackgroundChanger - (.Renaud Gerson.) [HKLM] -- StarterBackgroundChanger O42 - Logiciel: Super Hybrid Engine - (.AsusTek Computer.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) - (.Broadcom.) [HKLM] -- B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) - (.Broadcom.) [HKLM] -- B5C82F3814F82FB37F1513B3185399BD88892B08 O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent =>P2P.µTorrent ~ Logic: 96 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\AC3Filter] [HKCU\Software\ASUS] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\Anonymous] [HKCU\Software\AppDataLow\Google] [HKCU\Software\AppDataLow\ISWVolatile] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow] [HKCU\Software\Autodesk] [HKCU\Software\Avira] [HKCU\Software\BIDCOM Technologies] [HKCU\Software\BVRP Software] [HKCU\Software\BackgroundChanger] [HKCU\Software\BitTorrent] =>P2P.BitTorrent [HKCU\Software\CheckPoint] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CompanionLink] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DT Soft] [HKCU\Software\ECAREME] [HKCU\Software\Foxit Software] [HKCU\Software\GoBoingo] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Laudrin] [HKCU\Software\Lexmark] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Magicbit] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Motorola Inc.] [HKCU\Software\Motorola] [HKCU\Software\MozillaPlugins] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PDFCreator] [HKCU\Software\Paint.NET] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PowerISO] [HKCU\Software\PowerPack] [HKCU\Software\Realtek] [HKCU\Software\Research In Motion] [HKCU\Software\Samsung] [HKCU\Software\Screamer Radio] [HKCU\Software\Skype] [HKCU\Software\StarterBackgroundChanger] [HKCU\Software\Synaptics] [HKCU\Software\Tomato] [HKCU\Software\Trolltech] [HKCU\Software\Unity] [HKCU\Software\VirtualDub.org] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\Zone Labs] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\AVS4YOU] [HKLM\Software\ActiveXperts] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\AsusTek Computer] [HKLM\Software\Atheros Communications Inc.] [HKLM\Software\Atheros] [HKLM\Software\Autodesk] [HKLM\Software\AviSynth] [HKLM\Software\Avira] [HKLM\Software\CheckPoint] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CoreSecurity] [HKLM\Software\Cygnus Solutions] [HKLM\Software\DT Soft] [HKLM\Software\E-Cam] [HKLM\Software\ECAREME] [HKLM\Software\GoBoingo] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEXMARK] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\OldTimer Tools] [HKLM\Software\Oracle] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\PowerISO] [HKLM\Software\Ralink] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Research In Motion] [HKLM\Software\SAMSUNG] [HKLM\Software\SRS Labs] [HKLM\Software\Skype] [HKLM\Software\Synaptics] [HKLM\Software\Transtechnology] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Zone Labs] ~ Key Software: 172 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 05/12/2010 - 21:01:12 - [3,348] ----D C:\Program Files\7-Zip O43 - CFD: 04/12/2010 - 20:14:49 - [1,668] ----D C:\Program Files\Adobe O43 - CFD: 06/08/2011 - 22:16:18 - [130,200] ----D C:\Program Files\ASUS O43 - CFD: 24/06/2010 - 18:02:16 - [0,001] ----D C:\Program Files\Atheros O43 - CFD: 12/04/2011 - 13:59:01 - [538,933] ----D C:\Program Files\AutoCAD 2008 O43 - CFD: 12/04/2011 - 13:50:17 - [34,319] ----D C:\Program Files\Autodesk O43 - CFD: 04/12/2010 - 21:10:41 - [176,005] ----D C:\Program Files\Avira O43 - CFD: 20/04/2012 - 18:55:56 - [0,138] ----D C:\Program Files\AviSynth 2.5 O43 - CFD: 17/07/2012 - 14:42:18 - [0] ----D C:\Program Files\AVS4YOU O43 - CFD: 04/12/2010 - 19:18:29 - [4,157] ----D C:\Program Files\Boingo O43 - CFD: 13/01/2012 - 21:51:34 - [4,137] ----D C:\Program Files\CCleaner =>Piriform Ltd O43 - CFD: 04/12/2010 - 21:16:45 - [0,064] ----D C:\Program Files\CheckPoint O43 - CFD: 13/06/2013 - 19:56:06 - [429,108] ----D C:\Program Files\Common Files O43 - CFD: 24/06/2010 - 18:04:02 - [0,520] ----D C:\Program Files\DIFX O43 - CFD: 22/06/2011 - 23:30:31 - [3,997] ----D C:\Program Files\DVD Maker O43 - CFD: 04/12/2010 - 19:18:19 - [19,452] ----D C:\Program Files\E-Cam O43 - CFD: 24/06/2010 - 18:07:56 - [0,000] ----D C:\Program Files\EBI O43 - CFD: 24/06/2010 - 18:21:12 - [8,545] ----D C:\Program Files\EeePC O43 - CFD: 10/12/2010 - 22:28:09 - [10,669] ----D C:\Program Files\Foxit reader O43 - CFD: 05/05/2013 - 17:26:11 - [604,855] ----D C:\Program Files\Google O43 - CFD: 13/01/2012 - 19:48:22 - [74,734] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 24/06/2010 - 18:00:53 - [58,942] ----D C:\Program Files\Intel O43 - CFD: 12/07/2013 - 16:56:59 - [5,223] ----D C:\Program Files\Internet Explorer O43 - CFD: 13/06/2013 - 19:53:30 - [122,325] ----D C:\Program Files\Java O43 - CFD: 24/01/2013 - 22:31:17 - [12,699] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 05/02/2011 - 14:59:33 - [2,447] ----D C:\Program Files\MarkAny O43 - CFD: 04/12/2010 - 19:21:49 - [2,541] ----D C:\Program Files\Microsoft O43 - CFD: 18/11/2011 - 08:56:17 - [562,925] ----D C:\Program Files\Microsoft Office O43 - CFD: 12/07/2013 - 16:58:01 - [40,851] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 06/03/2011 - 00:30:09 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 06/03/2011 - 00:22:46 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 07/03/2011 - 09:24:36 - [3,554] ----D C:\Program Files\Microsoft Works O43 - CFD: 06/03/2011 - 00:28:03 - [7,789] ----D C:\Program Files\Microsoft.NET O43 - CFD: 09/05/2013 - 19:26:55 - [0,016] ----D C:\Program Files\Motorola O43 - CFD: 06/03/2011 - 00:30:34 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 24/06/2010 - 19:02:50 - [0,147] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 13/08/2011 - 15:45:37 - [0] ----D C:\Program Files\Naviextras O43 - CFD: 24/01/2013 - 20:57:47 - [0] ----D C:\Program Files\OnlineHD.TV O43 - CFD: 05/07/2012 - 12:51:59 - [33,205] ----D C:\Program Files\Oracle O43 - CFD: 24/01/2013 - 21:12:03 - [0] ----D C:\Program Files\Paint.NET O43 - CFD: 04/12/2010 - 23:12:09 - [24,289] ----D C:\Program Files\PDFCreator O43 - CFD: 10/12/2010 - 22:27:10 - [0,052] ----D C:\Program Files\plugins O43 - CFD: 04/12/2010 - 19:12:43 - [16,976] ----D C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 06:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies O43 - CFD: 05/02/2011 - 15:01:45 - [1,759] ----D C:\Program Files\Samsung O43 - CFD: 14/06/2013 - 20:22:34 - [18,953] R---D C:\Program Files\Skype O43 - CFD: 12/12/2010 - 13:43:17 - [1,259] ----D C:\Program Files\StarterBackgroundChanger O43 - CFD: 04/12/2010 - 19:14:25 - [28,744] ----D C:\Program Files\Synaptics O43 - CFD: 13/01/2012 - 19:52:38 - [0] --H-D C:\Program Files\Temp O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 12/02/2012 - 21:04:42 - [0,924] ----D C:\Program Files\uTorrent =>P2P.µTorrent O43 - CFD: 04/12/2010 - 22:02:39 - [80,873] ----D C:\Program Files\VideoLAN O43 - CFD: 12/07/2013 - 16:56:52 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 09/05/2013 - 14:37:21 - [2,786] ----D C:\Program Files\Windows Live O43 - CFD: 04/12/2010 - 19:21:32 - [0,234] ----D C:\Program Files\Windows Live SkyDrive O43 - CFD: 22/06/2011 - 23:30:32 - [5,895] ----D C:\Program Files\Windows Mail O43 - CFD: 14/07/2009 - 06:52:30 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 22/06/2011 - 23:30:29 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 22/06/2011 - 23:30:30 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 22/06/2011 - 23:30:31 - [5,717] ----D C:\Program Files\Windows Sidebar O43 - CFD: 30/05/2013 - 20:31:23 - [4,131] ----D C:\Program Files\WinRAR O43 - CFD: 12/07/2013 - 18:56:19 - [17,048] ----D C:\Program Files\ZHPDiag O43 - CFD: 04/12/2010 - 21:16:09 - [18,609] ----D C:\Program Files\Zone Labs O43 - CFD: 24/06/2010 - 18:08:23 - [30,668] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 24/01/2013 - 21:00:26 - [44,663] ----D C:\Program Files\Common Files\Autodesk Shared O43 - CFD: 17/07/2012 - 14:42:19 - [0,171] ----D C:\Program Files\Common Files\AVSMedia O43 - CFD: 12/04/2011 - 13:48:01 - [0,187] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 12/04/2011 - 13:51:24 - [6,816] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 13/06/2013 - 19:56:06 - [1,189] ----D C:\Program Files\Common Files\Java O43 - CFD: 17/07/2012 - 17:08:14 - [244,996] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 21/06/2011 - 20:19:10 - [0,176] ----D C:\Program Files\Common Files\Motorola Shared O43 - CFD: 21/06/2011 - 20:18:44 - [0,675] ----D C:\Program Files\Common Files\MSSoap O43 - CFD: 21/06/2011 - 23:12:51 - [5,338] ----D C:\Program Files\Common Files\Nero O43 - CFD: 24/06/2010 - 18:10:24 - [0,338] ----D C:\Program Files\Common Files\Oberon Media O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 03/05/2013 - 20:48:49 - [1,904] ----D C:\Program Files\Common Files\Skype O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 11/07/2012 - 19:16:20 - [45,388] ----D C:\Program Files\Common Files\System O43 - CFD: 15/12/2011 - 22:04:46 - [7,397] ----D C:\Program Files\Common Files\Tomato O43 - CFD: 04/12/2010 - 19:18:48 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 04/12/2010 - 20:14:41 - [0,000] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Application Data O43 - CFD: 24/06/2010 - 18:02:31 - [0,009] ----D C:\ProgramData\Atheros O43 - CFD: 23/04/2011 - 13:45:56 - [33,347] ----D C:\ProgramData\Autodesk O43 - CFD: 04/12/2010 - 21:10:41 - [11,641] ----D C:\ProgramData\Avira O43 - CFD: 19/03/2011 - 13:41:14 - [0] ----D C:\ProgramData\AVS4YOU O43 - CFD: 04/07/2011 - 23:09:22 - [32,753] ----D C:\ProgramData\BVRP Software O43 - CFD: 04/12/2010 - 21:15:25 - [0,004] ----D C:\ProgramData\CheckPoint O43 - CFD: 10/02/2011 - 23:31:22 - [0] ----D C:\ProgramData\CorelDRAW Graphics Suite X5 O43 - CFD: 05/12/2010 - 19:53:18 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Documents O43 - CFD: 24/06/2010 - 18:08:02 - [0] ----D C:\ProgramData\EBI O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 04/12/2010 - 19:18:29 - [21,354] ----D C:\ProgramData\GoBoingo O43 - CFD: 15/08/2012 - 19:22:23 - [17,093] ----D C:\ProgramData\Malwarebytes O43 - CFD: 17/07/2012 - 17:07:56 - [256,265] ----D C:\ProgramData\Microsoft O43 - CFD: 12/07/2013 - 16:29:16 - [0,066] ----D C:\ProgramData\Microsoft Help O43 - CFD: 21/06/2011 - 23:15:28 - [8,230] ----D C:\ProgramData\Motorola O43 - CFD: 25/11/2011 - 20:22:52 - [0] ----D C:\ProgramData\Motorola Media Link O43 - CFD: 01/06/2012 - 21:30:26 - [0,742] ----D C:\ProgramData\Nero O43 - CFD: 05/02/2011 - 14:36:16 - [0,000] ----D C:\ProgramData\PC Drivers HeadQuarters O43 - CFD: 30/12/2011 - 20:54:31 - [0,003] ----D C:\ProgramData\philippe leclercq O43 - CFD: 24/06/2010 - 18:02:59 - [2,199] ----D C:\ProgramData\Ralink Driver O43 - CFD: 24/06/2010 - 18:08:02 - [0] ----D C:\ProgramData\RSMR O43 - CFD: 06/06/2011 - 11:28:37 - [0,437] ----D C:\ProgramData\Samsung O43 - CFD: 14/06/2013 - 20:22:40 - [59,682] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 05/12/2010 - 19:24:42 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 30/12/2011 - 22:28:32 - [0] ----D C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Templates O43 - CFD: 24/06/2010 - 18:55:21 - [20,289] ----D C:\Users\philippe leclercq\AppData\Roaming\Adobe O43 - CFD: 08/10/2011 - 09:16:30 - [5,827] ----D C:\Users\philippe leclercq\AppData\Roaming\ASUS WebStorage O43 - CFD: 06/08/2011 - 17:17:27 - [9,121] ----D C:\Users\philippe leclercq\AppData\Roaming\Autodesk O43 - CFD: 20/04/2012 - 18:47:31 - [0,062] ----D C:\Users\philippe leclercq\AppData\Roaming\AVS4YOU O43 - CFD: 04/12/2010 - 21:17:12 - [0,111] ----D C:\Users\philippe leclercq\AppData\Roaming\CheckPoint O43 - CFD: 10/04/2012 - 11:56:08 - [0,001] ----D C:\Users\philippe leclercq\AppData\Roaming\com.adobe.example.widget.F826D533138FC008516DC0DE4625BA08DCDBC443.1 O43 - CFD: 04/01/2012 - 00:42:25 - [0,015] ----D C:\Users\philippe leclercq\AppData\Roaming\CompanionLink O43 - CFD: 05/12/2010 - 19:53:08 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 04/02/2011 - 19:32:07 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\dvdcss O43 - CFD: 04/12/2010 - 19:17:29 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\E-Cam O43 - CFD: 04/12/2010 - 22:06:28 - [0,222] ----D C:\Users\philippe leclercq\AppData\Roaming\Foxit Software O43 - CFD: 22/11/2011 - 23:17:17 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\GoBoingo O43 - CFD: 14/07/2009 - 06:54:12 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\Identities O43 - CFD: 24/06/2010 - 18:00:39 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\InstallShield O43 - CFD: 24/06/2010 - 18:08:17 - [0,001] ----D C:\Users\philippe leclercq\AppData\Roaming\Macromedia O43 - CFD: 15/08/2012 - 19:22:49 - [0,008] ----D C:\Users\philippe leclercq\AppData\Roaming\Malwarebytes O43 - CFD: 16/07/2012 - 21:39:29 - [1,999] -S--D C:\Users\philippe leclercq\AppData\Roaming\Microsoft O43 - CFD: 17/02/2012 - 11:14:53 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\motorola O43 - CFD: 06/12/2011 - 20:58:29 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\Mozilla O43 - CFD: 05/12/2010 - 19:31:12 - [2,521] ----D C:\Users\philippe leclercq\AppData\Roaming\OpenOffice.org O43 - CFD: 12/12/2010 - 13:43:33 - [0,215] ----D C:\Users\philippe leclercq\AppData\Roaming\RGE O43 - CFD: 06/06/2011 - 11:28:37 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\Samsung O43 - CFD: 18/06/2013 - 23:42:09 - [4,224] ----D C:\Users\philippe leclercq\AppData\Roaming\Skype O43 - CFD: 30/12/2011 - 20:54:34 - [0,008] ----D C:\Users\philippe leclercq\AppData\Roaming\SyncCell O43 - CFD: 06/12/2010 - 13:57:26 - [14,488] ----D C:\Users\philippe leclercq\AppData\Roaming\Thunderbird O43 - CFD: 15/12/2011 - 22:10:04 - [0,052] ----D C:\Users\philippe leclercq\AppData\Roaming\Tomato O43 - CFD: 05/03/2013 - 18:54:43 - [2,470] ----D C:\Users\philippe leclercq\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 10/02/2013 - 00:14:54 - [1,556] ----D C:\Users\philippe leclercq\AppData\Roaming\vlc O43 - CFD: 30/05/2013 - 20:31:57 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\WinRAR O43 - CFD: 04/12/2010 - 20:14:20 - [0,120] ----D C:\Users\philippe leclercq\AppData\Local\Adobe O43 - CFD: 04/12/2010 - 19:11:35 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Application Data O43 - CFD: 04/12/2010 - 21:46:31 - [1,173] ----D C:\Users\philippe leclercq\AppData\Local\Apps O43 - CFD: 17/12/2010 - 23:59:34 - [0,001] ----D C:\Users\philippe leclercq\AppData\Local\ASUS O43 - CFD: 12/04/2011 - 13:53:45 - [3,137] ----D C:\Users\philippe leclercq\AppData\Local\Autodesk O43 - CFD: 02/07/2011 - 14:30:30 - [0] ----D C:\Users\philippe leclercq\AppData\Local\BVRP Software O43 - CFD: 05/05/2013 - 19:55:04 - [3,685] ----D C:\Users\philippe leclercq\AppData\Local\CRE O43 - CFD: 04/12/2010 - 21:46:48 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Deployment O43 - CFD: 20/06/2013 - 23:57:56 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Diagnostics O43 - CFD: 28/06/2011 - 22:30:53 - [134,687] ----D C:\Users\philippe leclercq\AppData\Local\Downloaded Installations O43 - CFD: 05/05/2013 - 17:40:42 - [126,255] ----D C:\Users\philippe leclercq\AppData\Local\Google O43 - CFD: 04/12/2010 - 19:11:35 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Historique O43 - CFD: 01/12/2012 - 16:12:06 - [1107,514] ----D C:\Users\philippe leclercq\AppData\Local\Microsoft O43 - CFD: 12/03/2012 - 20:24:30 - [0,194] ----D C:\Users\philippe leclercq\AppData\Local\Microsoft Help O43 - CFD: 01/02/2012 - 00:00:44 - [0] ----D C:\Users\philippe leclercq\AppData\Local\MigWiz O43 - CFD: 01/06/2012 - 21:31:48 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Motorola O43 - CFD: 04/01/2013 - 21:59:24 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Paint.NET O43 - CFD: 06/06/2011 - 11:28:37 - [0,000] ----D C:\Users\philippe leclercq\AppData\Local\Samsung O43 - CFD: 05/12/2010 - 11:18:13 - [2,902] ----D C:\Users\philippe leclercq\AppData\Local\Screamer Radio O43 - CFD: 12/07/2013 - 18:52:52 - [2,136] ----D C:\Users\philippe leclercq\AppData\Local\Temp O43 - CFD: 04/12/2010 - 19:11:35 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Temporary Internet Files O43 - CFD: 06/12/2010 - 13:57:26 - [5,182] ----D C:\Users\philippe leclercq\AppData\Local\Thunderbird O43 - CFD: 12/06/2011 - 20:48:06 - [0,200] ----D C:\Users\philippe leclercq\AppData\Local\Unity O43 - CFD: 27/06/2011 - 22:31:04 - [0,048] ----D C:\Users\philippe leclercq\AppData\Local\VirtualStore O43 - CFD: 05/12/2010 - 11:37:06 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Windows Live O43 - CFD: 29/12/2011 - 23:32:53 - [0] ----D C:\Users\philippe leclercq\AppData\Local\WMTools Downloaded Files O43 - CFD: 14/07/2009 - 06:42:04 - [0,014] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/05/2013 - 18:49:27 - [0,000] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/07/2009 - 06:37:42 - [0,001] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 04/12/2010 - 23:14:05 - [0,006] ----D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio O43 - CFD: 17/05/2013 - 18:49:27 - [0,000] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/05/2013 - 20:31:24 - [0,003] ----D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 172 Scanned in 00mn 32s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.6B059283E9344CAC7D45D86B1E076193] - 12/07/2013 - 17:40:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1022349] O44 - LFC:[MD5.6DA42E2D10C12D667147631DA4D9B1DE] - 12/07/2013 - 17:30:53 ---A- . (...) -- C:\Windows\setupact.log [1624] O44 - LFC:[MD5.C19A939A219640E0C007ED891E3449A3] - 12/07/2013 - 17:30:51 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.1BCC404D2F62607414C27394AD739897] - 12/07/2013 - 17:28:19 ---A- . (...) -- C:\AdwCleaner[s3].txt [4734] O44 - LFC:[MD5.D53D7C51394130D101A1E624144DFB0D] - 12/07/2013 - 17:28:19 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [316] O44 - LFC:[MD5.19645C0C25514796F8329AE8A7C37CB5] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549936] O44 - LFC:[MD5.98FD9A711FF2C1B7DEC2FBE3BDF0D7DE] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106622] O44 - LFC:[MD5.0CC33ED9F88A95A61073F7198B8B525D] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130988] O44 - LFC:[MD5.8B204C37BB1F9CE9394E372FD77B3FD5] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616242] O44 - LFC:[MD5.081CEF23C9CBBE22B4A7F9F3F4D409D4] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704714] O44 - LFC:[MD5.88F2AD0A8DDEC95BEDD2DBFC47874D49] - 12/07/2013 - 16:00:07 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [524096] O44 - LFC:[MD5.BF1D2CFAE91C1E835902ECA27F8F7470] - 12/07/2013 - 15:30:15 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2706432] O44 - LFC:[MD5.52F71A5790E1B6FFC34648F3B311EEE1] - 12/07/2013 - 15:30:14 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [690688] O44 - LFC:[MD5.CB811C14C225DD07B98E676DFB0221E6] - 12/07/2013 - 15:30:11 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [2877440] O44 - LFC:[MD5.AC9A9B64AF7005E488390E38AE00D117] - 12/07/2013 - 15:30:10 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [39424] O44 - LFC:[MD5.B6A67646BD7E3A0AF2515703CBBD9A1C] - 12/07/2013 - 15:30:09 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [61440] O44 - LFC:[MD5.6A32A12A2C76B729D6485D04FCFB2175] - 12/07/2013 - 15:30:08 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [391168] O44 - LFC:[MD5.DED7DCF831A05D21F49510EA03F8F2C5] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [109056] O44 - LFC:[MD5.EED047A0C528813D6AAF4F4F8B2C40C4] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [493056] O44 - LFC:[MD5.0D2F075863C2FA4F84FB95AC00B95151] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [71680] O44 - LFC:[MD5.F4A608A800C1BB6838797390CBBC1269] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [33280] O44 - LFC:[MD5.6D404DDC4D0C13350E8EF0DD0421A7ED] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [42496] O44 - LFC:[MD5.225D276C730DF08CC83EABAC407F0D75] - 12/07/2013 - 15:30:05 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1141248] O44 - LFC:[MD5.FE29131E35902038066C924CF9C59DF8] - 12/07/2013 - 15:30:03 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2046976] O44 - LFC:[MD5.9BF7C7654EFD098EE3A27B49492A382A] - 12/07/2013 - 15:29:58 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1767936] O44 - LFC:[MD5.CC3FD6DEEE458D0BE9A69241E0749717] - 12/07/2013 - 15:29:52 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [13760512] O44 - LFC:[MD5.AF31E7D2C385F647ADFD5F5736B3BA64] - 12/07/2013 - 15:29:45 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [14329856] O44 - LFC:[MD5.1C0E369575F387460E2A5F28269B2CC4] - 11/07/2013 - 20:05:25 ---A- . (.Microsoft Corporation - Services de typographie Microsoft DirectX.) -- C:\Windows\System32\DWrite.dll [1247744] O44 - LFC:[MD5.56D61BE56DA22334829E14CDE6A8C1FE] - 11/07/2013 - 20:05:22 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\System32\WMVDECOD.DLL [1620480] O44 - LFC:[MD5.674EB817CF6E43B7DF3EC26E06E98D98] - 11/07/2013 - 20:05:20 ---A- . (.Microsoft Corporation - Édition DirectShow..) -- C:\Windows\System32\qedit.dll [509440] O44 - LFC:[MD5.4D52150FC35E333F6CBBB6B6E6D9366D] - 11/07/2013 - 20:05:18 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2347520] O44 - LFC:[MD5.2E0FF281FFFA4289E504716629B2C48B] - 07/07/2013 - 00:12:06 ---A- . (...) -- C:\Windows\PFRO.log [866] O44 - LFC:[MD5.54C9C26A5CAFAC3E724E433D9DC2053D] - 06/07/2013 - 20:44:39 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] ~ Files: 33 Scanned in 02mn 33s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{65e1d9b1-9c22-11e0-baf0-20cf30426731}\AutoRun\command. (...) -- E:\setup.exe (.not file.) O51 - MPSK:{ef9af0ed-85e2-11e2-ac19-20cf30426731}\AutoRun\command. (...) -- E:\setup.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 5 Scanned in 00mn 01s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 ~ MWPE Keys: 1 Scanned in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 25/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 09/02/2011 - Pas de propriétaire (AsUpIO) .(...) - LEGACY_ASUPIO O64 - Services: CurCS - 13/02/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 25/11/2009 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 30/03/2009 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 18/12/2008 - C:\windows\system32\Drivers\eusk2par.sys (eusk2par) .(.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) - LEGACY_EUSK2PAR O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 29/09/2012 - C:\windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 05/12/2010 - C:\Windows\System32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 11/05/2009 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 15/05/2010 - C:\Windows\System32\DRIVERS\vsdatant.sys (Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 74 Scanned in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - Bing ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (O82) C:\Users\philippe leclercq\AppData\Roaming\uTorrent\Adobe Acrobat 7.0 Professional + keygen.zip.torrent =>P2P.µTorrent C:\Users\philippe leclercq\AppData\Roaming\uTorrent\Adobe Acrobat 7.0 Professional + keygen.zip.torrent =>P2P.µTorrent ~ Files: Scanned in 01mn 31s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] ~ Services: 32 Scanned in 00mn 01s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.0D3B680986310AE5540578C0E481C6A0] [sPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984] [MD5.CA3EDB923F1E762D820EA3D3830E88D5] [sPRF][09/07/2013] (...) -- C:\Users\philippe leclercq\AppData\Local\Temp\ICReinstall_VuuPC_Setup.exe [591904] [MD5.1078C8BD8C62CF4DEE6FE1058C3D56A7] [sPRF][12/07/2013] (...) -- C:\Users\philippe leclercq\Desktop\adwcleaner.exe [650027] [MD5.1EC9CFB7C0309CC479D1C9ACB5744117] [sPRF][12/07/2013] (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Users\philippe leclercq\Desktop\JRT.exe [559306] [MD5.585CAD98B9DCFD8FFDB55B99946D5597] [sPRF][06/07/2013] (.Pas de propriétaire - Nettoyage des fichiers temporaires.) -- C:\Users\philippe leclercq\Desktop\SFTGC.exe [1064342] [MD5.CA3EDB923F1E762D820EA3D3830E88D5] [sPRF][09/07/2013] (...) -- C:\Users\philippe leclercq\Desktop\VuuPC_Setup.exe [591904] [MD5.C4B0A988EBF817CB52BA2E8979771772] [sPRF][06/07/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\philippe leclercq\Desktop\ZHPDiag2.exe [5701171] [MD5.279BE2F0827082F7F5BA149290CE0F69] [sPRF][20/12/2010] (.Direction Générale des Impôts - Module de délivrance de certificat MINEFI.) -- C:\Windows\Downloaded Program Files\CERTDGI1.dll [105944] [MD5.92149D7FC2B90B189F8AEECC2F9DDCEE] [sPRF][12/02/2007] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [114792] ~ Files: Scanned in 00mn 02s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "{0C356285-224D-4988-B599-382E3E366D14}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{25DE5CF8-8540-4AF7-B7B7-82379F794AB3}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{4FA3ECBA-F511-4A77-8364-02B56B7D75C6}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{F0817109-B2C2-4C0F-BB5F-EF61F1DCDF6C}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{1CB5EB54-520B-4144-9C65-9F74D464D437}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{20F9C29D-6E5B-4C20-80CC-6E7A0E7F0352}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe ~ Firewall: 117 Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : v2.12676 - (05/07/2013) Clés trouvées (Keys found) : 7 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\CLSID\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit [HKLM\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF79F67A-6AD7-4715-A0F8-932FCA442023}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF79F67A-6AD7-4715-A0F8-932FCA442023}] =>Toolbar.Conduit ~ Additionnel Scan: 207206 Items scanned in 00mn 50s ---\\ Product Upgrade Codes (O90) O90 - PUC: "0C22D86408082E118BE68BCAF689CC3E" . (.Google Earth.) -- C:\windows\Installer\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}\ARPPRODUCTICON.exe O90 - PUC: "1B3A5E831FDA0E7408426713A003BE63" . (.LiveUpdate.) -- C:\windows\Installer\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}\ARPPRODUCTICON.exe O90 - PUC: "26FCC409D8185764CB673DE73B999F71" . (.Gestionnaire pour appareils Windows Mobile.) -- C:\windows\Installer\{904CCF62-818D-4675-BC76-D37EB399F917}\wmdc.exe O90 - PUC: "44D1C85F9CA48E840994A7C6FDBC14C5" . (.LocaleMe.) -- C:\windows\Installer\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}\ARPPRODUCTICON.exe O90 - PUC: "502643A929AE60441BBA0573D93A0F75" . (.Autodesk DWF Viewer 7.) -- C:\windows\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\ARPPRODUCTICON.exe O90 - PUC: "84DE94E7E76B72A438D9EE8095A069BB" . (.Boingo Wi-Fi.) -- C:\windows\Installer\{7E49ED48-B67E-4A27-839D-EE08590A96BB}\BoingoIco.exe O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\windows\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico O90 - PUC: "99F08771FD9AB054183B76182BA0718A" . (.FontResizer.) -- C:\windows\Installer\{17780F99-A9DF-450B-81B3-6781B20A17A8}\ARPPRODUCTICON.exe O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\windows\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.5.) -- C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico ~ Update Products: 57 Scanned in 00mn 00s ---\\ MyComputer Name Space (O92) O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf} ~ MNS: 1 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 14/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 13/05/2009 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 21/07/2009 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 219136 | (AsusService) . (...) - C:\Windows\System32\AsusService.exe SS - | Demand 12/04/2011 85096 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe SS - | Auto 04/12/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 04/12/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 05/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe SR - | Auto 29/09/2012 399432 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 29/09/2012 676936 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SR - | Auto 14/07/2009 20992 | C:\windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe SS - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SR - | Auto 20/05/2010 2437176 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Windows\System32\ZoneLabs\vsmon.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 04s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ MBR: 1 Scanned in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by philippe leclercq at 12/07/2013 19:03:09 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Malicius Software Information ~ Toolbar.Conduit - Malicius Software Information =>Toolbar.Conduit ~ MSI: 1 link(s) detected in 00mn 07s End of the scan (1314 lines in 08mn 22s)(2) merci encore

bonsoir quand je clic sur : Téléchargements - Outils de Xplode - AdwCleaner j arrive sur une page où la seule proposition de telechargement est située à droite dans un écran et j'obtiens " VuuPC_Setup.exe ".Je n'ose pas le lancer puisqu'il ne s'agit pas à priori de ADWCleaner

rapport zhp diag: © CJoint.com, 2012 rapport sft : © CJoint.com, 2012

bonjour monpc estlent et les pages internet plantent souvent aidez moi svp

deuxieme rapport : # AdwCleaner v2.105 - Rapport créé le 13/01/2013 à 18:53:55 # Mis à jour le 08/01/2013 par Xplode # Système d'exploitation : Windows 7 Home Premium (64 bits) # Nom d'utilisateur : elisabeth - ELISABETH-TOSH # Mode de démarrage : Normal # Exécuté depuis : C:\Users\elisabeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5AJEL6A\adwcleaner (1).exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v18.0 (fr) Fichier : C:\Users\elisabeth\AppData\Roaming\Mozilla\Firefox\Profiles\4qxhj5sx.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1050 octets] - [13/01/2013 18:34:21] AdwCleaner[R2].txt - [1094 octets] - [13/01/2013 18:51:08] AdwCleaner[s1].txt - [1115 octets] - [13/01/2013 18:37:32] AdwCleaner[s2].txt - [1028 octets] - [13/01/2013 18:53:55] ########## EOF - C:\AdwCleaner[s2].txt - [1088 octets] ##########

rapport : # AdwCleaner v2.105 - Rapport créé le 13/01/2013 à 18:51:08 # Mis à jour le 08/01/2013 par Xplode # Système d'exploitation : Windows 7 Home Premium (64 bits) # Nom d'utilisateur : elisabeth - ELISABETH-TOSH # Mode de démarrage : Normal # Exécuté depuis : C:\Users\elisabeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5AJEL6A\adwcleaner (1).exe # Option [Recherche] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v18.0 (fr) Fichier : C:\Users\elisabeth\AppData\Roaming\Mozilla\Firefox\Profiles\4qxhj5sx.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1050 octets] - [13/01/2013 18:34:21] AdwCleaner[R2].txt - [906 octets] - [13/01/2013 18:51:08] AdwCleaner[s1].txt - [1115 octets] - [13/01/2013 18:37:32] ########## EOF - C:\AdwCleaner[R2].txt - [1025 octets] ##########

voici le rapport : http://cjoint.com/?CAntaSPGRXA ___________________ EDIT ______________________ Ce genre de rapport, par sa longueur, est susceptible de bloquer le sujet et de le rendre ainsi inaccessible pour toi, comme pour le Helper qui t'a pris en charge. Il convient d'héberger les documents volumineux, par exemple chez . C'est que je viens de faire ici. Merci - Tonton.

bonjour mon pc est anormalement lent et se bloque sur firefox pouvez vous m aider ?

bonjour ca a l air d aller. Je n ai plus de fenetre qui s affiche toute seule merci pour tout

bonjour All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ef79f67a-6ad7-4715-a0f8-932fca442023} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef79f67a-6ad7-4715-a0f8-932fca442023}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{704F44C6-BB9D-4C0F-BB50-CD99876C35EC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{704F44C6-BB9D-4C0F-BB50-CD99876C35EC}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DBE038AB-ABB8-4DD2-88CC-1271944A1BB9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBE038AB-ABB8-4DD2-88CC-1271944A1BB9}\ not found. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\searchplugin folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\modules folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\META-INF folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\defaults folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\components folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\chrome folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\searchplugin folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\modules folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\META-INF folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\defaults folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\components folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\chrome folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023} folder moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 321 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: philippe leclercq ->Temp folder emptied: 1514806 bytes ->Temporary Internet Files folder emptied: 3541725 bytes ->Java cache emptied: 517339 bytes ->Google Chrome cache emptied: 115480278 bytes ->Flash cache emptied: 42152 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 5 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 121699787 bytes RecycleBin emptied: 40960 bytes Total Files Cleaned = 232.00 mb OTL by OldTimer - Version 3.2.57.0 log created on 08202012_121858 Files\Folders moved on Reboot... C:\windows\temp\TMP0000000824DC9173D9B75C4B moved successfully. C:\windows\temp\ZLT07b5b.TMP moved successfully. PendingFileRenameOperations files... File C:\windows\temp\TMP0000000824DC9173D9B75C4B not found! File C:\windows\temp\ZLT07b5b.TMP not found! Registry entries deleted on Reboot...

bonjour # AdwCleaner v1.801 - Rapport créé le 18/08/2012 à 09:39:21 # Mis à jour le 14/08/2012 par Xplode # Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits) # Nom d'utilisateur : philippe leclercq - INVISIBLE # Mode de démarrage : Normal # Exécuté depuis : C:\Users\philippe leclercq\Downloads\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Registre - GUID] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Le registre ne contient aucune entrée illégitime. -\\ Google Chrome v21.0.1180.79 Fichier : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s1].txt - [7105 octets] - [15/08/2012 18:40:28] AdwCleaner[s2].txt - [891 octets] - [18/08/2012 09:39:21] ########## EOF - C:\AdwCleaner[s2].txt - [1018 octets] ########## Malwarebytes Anti-Malware (Essai) 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.08.17.06 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 philippe leclercq :: INVISIBLE [administrateur] Protection: Activé 18/08/2012 10:25:49 mbam-log-2012-08-18 (10-25-49).txt Type d'examen: Examen complet (C:\|D:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 319064 Temps écoulé: 1 heure(s), 56 minute(s), 15 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté) (fin) OTL logfile created on: 8/18/2012 1:57:26 PM - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\philippe leclercq\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1014.18 Mb Total Physical Memory | 100.38 Mb Available Physical Memory | 9.90% Memory free 1.55 Gb Paging File | 0.15 Gb Available in Paging File | 10.01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 80.00 Gb Total Space | 0.70 Gb Free Space | 0.87% Space Free | Partition Type: NTFS Drive D: | 54.03 Gb Total Space | 0.01 Gb Free Space | 0.01% Space Free | Partition Type: NTFS Computer Name: INVISIBLE | User Name: philippe leclercq | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\philippe leclercq\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe () PRC - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Windows\System32\AsusService.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) ========== Modules (No Company Name) ========== MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\libglesv2.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\libegl.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe () MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\PROGRA~1\ASUS\ASUSWE~1\3084~1.161\ASUSWS~1.DLL () ========== Win32 Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MotoHelper) -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SRV - (AsusService) -- C:\Windows\System32\AsusService.exe () SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found DRV - (motusbdevice) -- system32\DRIVERS\motusbdevice.sys File not found DRV - (Motousbnet) -- system32\DRIVERS\Motousbnet.sys File not found DRV - (MotoSwitchService) -- system32\DRIVERS\motswch.sys File not found DRV - (motmodem) -- system32\DRIVERS\motmodem.sys File not found DRV - (motccgpfl) -- system32\DRIVERS\motccgpfl.sys File not found DRV - (motccgp) -- system32\DRIVERS\motccgp.sys File not found DRV - (motandroidusb) -- System32\Drivers\motoandroid.sys File not found DRV - (btwrchid) -- C:\windows\system32\DRIVERS\btwrchid.sys File not found DRV - (btwl2cap) -- system32\DRIVERS\btwl2cap.sys File not found DRV - (btwavdt) -- C:\windows\system32\DRIVERS\btwavdt.sys File not found DRV - (btwaudio) -- system32\drivers\btwaudio.sys File not found DRV - (BTCFilterService) -- system32\DRIVERS\motfilt.sys File not found DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys () DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = ASUS Eee Family | Easy to Learn, Work and Play [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found IE - HKCU\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing IE - HKCU\..\SearchScopes\{704F44C6-BB9D-4C0F-BB50-CD99876C35EC}: "URL" = {searchTerms} - Yahoo! France Résultats de recherche IE - HKCU\..\SearchScopes\{DBE038AB-ABB8-4DD2-88CC-1271944A1BB9}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=KSO&o=41647939&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=7R&apn_dtid=YYYYYYYYFR&apn_uid=3f59661f-8d64-4990-a477-ee220244000c&apn_sauid=B9D17693-229C-49E0-9EE7-BC0392703FBC& IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2 FF - prefs.js..extensions.enabledItems: fr-classique-reforme1990@dictionaries.addons.mozilla.org:3.9.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\philippe leclercq\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\philippe leclercq\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\philippe leclercq\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) [2010/12/06 13:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Extensions [2010/12/06 13:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012/01/01 21:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions [2011/12/06 20:58:32 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} [2012/01/01 21:59:20 | 000,000,000 | ---D | M] (BittorrentBar_FR Community Toolbar) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023} [2010/12/07 22:44:09 | 000,000,000 | ---D | M] (Lightning) -- C:\USERS\PHILIPPE LECLERCQ\APPDATA\ROAMING\THUNDERBIRD\PROFILES\N1R7AGUE.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103} [2010/12/07 22:58:39 | 000,000,000 | ---D | M] (Dictionnaire français «Classique & Réforme 1990») -- C:\USERS\PHILIPPE LECLERCQ\APPDATA\ROAMING\THUNDERBIRD\PROFILES\N1R7AGUE.DEFAULT\EXTENSIONS\FR-CLASSIQUE-REFORME1990@DICTIONARIES.ADDONS.MOZILLA.ORG ========== Chrome ========== CHR - homepage: Google CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: Google CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll CHR - Extension: YouTube = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Recherche Google = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: FD Plugin = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaankaoacjlcnkdfagcnnncmeojkoeai\1.0.2_1\ CHR - Extension: Gmail = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} https://static.impots.gouv.fr/abos/static/securite/certdgi1_2-0.cab (Module de délivrance de certificat MINEFI) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_2_1_0.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F537F381-17A3-443A-A90E-23BC2441989D}: NameServer = 172.16.48.242,172.16.48.244 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{65e1d9b1-9c22-11e0-baf0-20cf30426731}\Shell - "" = AutoRun O33 - MountPoints2\{65e1d9b1-9c22-11e0-baf0-20cf30426731}\Shell\AutoRun\command - "" = E:\setup.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.yv12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: vsmon - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {69E9D29D-482A-4DDA-D1CB-7E1A9A07A627} - Offline Browsing Pack ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A9B7981-608F-76B3-2831-FCB18EEF7CA5} - Themes Setup ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CACB6E31-8047-3D19-C342-5C33695EE5AA} - Browser Customizations ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error. ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.yv12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org) ========== Files/Folders - Created Within 30 Days ========== [2012/08/18 09:37:46 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2012/08/15 19:22:49 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\AppData\Roaming\Malwarebytes [2012/08/15 19:22:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/15 19:22:20 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2012/08/15 19:22:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/08/15 18:40:36 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2012/08/15 18:40:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2012/08/15 18:40:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2012/08/15 18:40:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2012/08/15 18:40:31 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll [2012/08/15 18:40:23 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll [2012/08/15 18:40:17 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2012/08/15 18:40:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll [2012/08/01 09:15:48 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\Desktop\contenu motorola defy [2012/07/31 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\Desktop\Nouveau dossier [2012/07/25 10:38:25 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\Desktop\Camera [2011/07/02 14:16:07 | 000,092,064 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmmdm.sys [2011/07/02 14:16:07 | 000,079,328 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmserd.sys [2011/07/02 14:16:07 | 000,066,656 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmbus.sys [2011/07/02 14:16:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Users\philippe leclercq\usbsermptxp.sys [2011/07/02 14:16:07 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Users\philippe leclercq\usbsermpt.sys [2011/07/02 14:16:07 | 000,009,232 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmmdfl.sys [2011/07/02 14:16:07 | 000,006,208 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmcmnt.sys [2011/07/02 14:16:07 | 000,005,936 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmwhnt.sys [2011/07/02 14:16:07 | 000,004,048 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmcr.sys [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/18 14:02:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/08/18 13:53:00 | 000,001,078 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/18 13:48:00 | 000,001,002 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012/08/18 13:39:01 | 000,001,126 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2091292328-1087205343-3181550619-1000UA.job [2012/08/18 11:39:11 | 000,001,074 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2091292328-1087205343-3181550619-1000Core.job [2012/08/18 10:25:34 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2012/08/18 10:25:34 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/18 10:25:34 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/18 10:17:36 | 000,001,074 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/18 10:17:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/08/18 10:16:57 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys [2012/08/17 09:22:56 | 000,522,016 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012/08/15 18:48:29 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012/08/15 18:48:29 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012/08/14 14:24:07 | 000,704,508 | ---- | M] () -- C:\windows\System32\perfh00C.dat [2012/08/14 14:24:07 | 000,616,036 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012/08/14 14:24:07 | 000,130,782 | ---- | M] () -- C:\windows\System32\perfc00C.dat [2012/08/14 14:24:07 | 000,106,416 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012/08/12 12:32:06 | 000,405,828 | ---- | M] () -- C:\Users\philippe leclercq\Desktop\100_6421.JPG [2012/08/09 08:44:02 | 000,401,274 | ---- | M] () -- C:\Users\philippe leclercq\Desktop\100_6420.JPG [2012/07/29 20:41:00 | 004,334,592 | ---- | M] () -- C:\Users\philippe leclercq\Desktop\contacts outlook.pst [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/18 14:02:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2012/08/12 17:05:30 | 000,401,274 | ---- | C] () -- C:\Users\philippe leclercq\Desktop\100_6420.JPG [2012/08/12 16:56:58 | 000,405,828 | ---- | C] () -- C:\Users\philippe leclercq\Desktop\100_6421.JPG [2012/07/29 20:39:51 | 004,334,592 | ---- | C] () -- C:\Users\philippe leclercq\Desktop\contacts outlook.pst [2012/04/20 18:56:05 | 000,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll [2012/01/13 19:48:45 | 000,200,468 | ---- | C] () -- C:\windows\System32\drivers\RTAIODAT.DAT [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info9.ini [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info7.ini [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info4.ini [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info10.ini [2011/07/02 16:31:00 | 000,038,458 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Roaming\Valeurs séparées par une virgule (Windows).ADR [2011/07/02 16:22:12 | 000,038,443 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Roaming\Microsoft Excel 97-2003.ADR [2011/07/02 14:16:07 | 000,009,913 | ---- | C] () -- C:\Users\philippe leclercq\MCCI_MDM.INF [2011/07/02 14:16:07 | 000,009,232 | ---- | C] () -- C:\Users\philippe leclercq\USB_MOT_BRIT.INF [2011/07/02 14:16:07 | 000,007,201 | ---- | C] () -- C:\Users\philippe leclercq\USBMOT2000.INF [2011/07/02 14:16:07 | 000,006,989 | ---- | C] () -- C:\Users\philippe leclercq\MCCI_BUS.INF [2011/07/02 14:16:07 | 000,006,141 | ---- | C] () -- C:\Users\philippe leclercq\USBMOT2000XP.INF [2011/07/02 14:16:07 | 000,005,960 | ---- | C] () -- C:\Users\philippe leclercq\USB_MOT_A1000.INF [2011/07/02 14:16:07 | 000,005,880 | ---- | C] () -- C:\Users\philippe leclercq\USB_CMCS_2000.INF [2011/07/02 14:16:07 | 000,004,477 | ---- | C] () -- C:\Users\philippe leclercq\MCCI_SDM.INF [2011/07/02 14:15:51 | 000,114,656 | ---- | C] () -- C:\Users\philippe leclercq\1309608951-(null) - Copie [2011/07/02 14:15:51 | 000,067,229 | ---- | C] () -- C:\Users\philippe leclercq\1309608951-(null) [2011/06/28 22:36:23 | 000,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini [2011/01/29 18:00:22 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll [2011/01/29 18:00:22 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll [2011/01/29 18:00:22 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll [2011/01/29 18:00:22 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll [2010/12/09 22:59:29 | 000,000,000 | ---- | C] () -- C:\windows\mtstack.INI [2010/12/08 00:01:30 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI [2010/12/07 23:34:10 | 000,033,134 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Roaming\UserTile.png [2010/12/07 23:25:38 | 000,015,872 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/07 22:26:48 | 000,045,056 | ---- | C] () -- C:\windows\System32\mtstack.exe [2010/12/04 23:11:02 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll [2010/12/04 20:42:50 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2010/12/04 19:29:57 | 000,000,117 | ---- | C] () -- C:\windows\TmPfw.ini [2010/12/04 19:12:53 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2010/12/04 19:12:53 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat [2010/06/24 18:10:26 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== Custom Scans ========== < HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000 < HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs > < HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) < HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s > "timer" = timer.drv -- [2009/07/13 23:41:39 | 000,004,048 | ---- | M] (Microsoft Corporation) < HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s > "C:\Windows\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec "wdmaud.drv" = Realtek High Definition Audio "vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32) "sirenacm.dll" = Messenger Audio Codec < %temp%\smtmp\1\*.* /s > < %temp%\smtmp\2\*.* /s > < %temp%\smtmp\4\*.* /s > < nslookup Google /c > DNS request timed out. timeout was 2 seconds. Serveur : UnKnown Address: 172.16.48.242 < %systemroot%\system32\drivers\*.sys /lockedfiles > [2010/05/15 17:30:50 | 000,461,400 | ---- | M] (Check Point Software Technologies LTD) Unable to obtain MD5 -- C:\windows\system32\drivers\vsdatant.sys < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\LocationApi.dll [1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < End of report >

Bonjour J'ai en permanence des fenêtres qui s'ouvrent d'une façon intempestive de chez ACTU: Comment gagner de l'argent facile avec les options binaires pouvez vous m'aider ? Merci

# AdwCleaner v1.703 - Rapport créé le 27/07/2012 à 20:08:13 # Mis à jour le 20/07/2012 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : marion - PORTABLEAMARION # Exécuté depuis : C:\Users\marion\Downloads\adwcleaner.exe # Option [suppression] ***** [services] ***** Arrêté & Supprimé : supdate ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\marion\AppData\Local\Babylon Dossier Supprimé : C:\Users\marion\AppData\Local\Conduit Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0 Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaihkehdlhkocphopopahkfjcfcphef Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} Dossier Supprimé : C:\Users\marion\AppData\Local\I Want This Dossier Supprimé : C:\Users\marion\AppData\Local\Ilivid Player Dossier Supprimé : C:\Users\marion\AppData\LocalLow\BabylonToolbar Dossier Supprimé : C:\Users\marion\AppData\LocalLow\Conduit Dossier Supprimé : C:\Users\marion\AppData\LocalLow\searchquband Dossier Supprimé : C:\Users\marion\AppData\LocalLow\Searchqutoolbar Dossier Supprimé : C:\Users\marion\AppData\Roaming\Babylon Dossier Supprimé : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Dossier Supprimé : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\extensions\ffxtlbr@babylon.com Dossier Supprimé : C:\ProgramData\Babylon Dossier Supprimé : C:\ProgramData\boost_interprocess Dossier Supprimé : C:\ProgramData\SweetIM Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Supprimé au redémarrage : C:\Program Files (x86)\BabylonToolbar Dossier Supprimé : C:\Program Files (x86)\Boxore Supprimé au redémarrage : C:\Program Files (x86)\Conduit Supprimé au redémarrage : C:\Program Files (x86)\DealPly Dossier Supprimé : C:\Program Files (x86)\I Want This Dossier Supprimé : C:\Program Files (x86)\Ilivid Supprimé au redémarrage : C:\Program Files (x86)\Searchqu Toolbar Dossier Supprimé : C:\Program Files (x86)\SweetIM Dossier Supprimé : C:\Program Files (x86)\Vuze_Remote Supprimé au redémarrage : C:\Program Files (x86)\Windows Searchqu Toolbar Dossier Supprimé : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3} Fichier Supprimé : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\searchplugins\SweetIm.xml ***** [Registre] ***** [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT1750559 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2613520 Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\I Want This Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar Clé Supprimée : HKCU\Software\AppDataLow\Toolbar Clé Supprimée : HKCU\Software\BabylonToolbar Clé Supprimée : HKCU\Software\Conduit Clé Supprimée : HKCU\Software\Cr_Installer Clé Supprimée : HKCU\Software\DataMngr Clé Supprimée : HKCU\Software\DataMngr_Toolbar Clé Supprimée : HKCU\Software\DealPly Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Clé Supprimée : HKCU\Software\ilivid Clé Supprimée : HKCU\Software\Softonic Clé Supprimée : HKCU\Software\SweetIm Clé Supprimée : HKLM\SOFTWARE\Babylon Clé Supprimée : HKLM\SOFTWARE\BabylonToolbar Clé Supprimée : HKLM\SOFTWARE\Boxore Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Clé Supprimée : HKLM\SOFTWARE\Classes\b Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24 Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Clé Supprimée : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8 Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Clé Supprimée : HKLM\SOFTWARE\Classes\sim-packages Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8 Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1 Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0 Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Clé Supprimée : HKLM\SOFTWARE\Conduit Clé Supprimée : HKLM\SOFTWARE\DataMngr Clé Supprimée : HKLM\SOFTWARE\DealPly Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jeaihkehdlhkocphopopahkfjcfcphef Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{006E6A46-8D55-4F10-BBA8-2C9653B4278B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6084C211-01A1-464E-97A0-09772E122B50} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Clé Supprimée : HKLM\SOFTWARE\Moovida Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8 Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb Clé Supprimée : HKLM\SOFTWARE\Software Clé Supprimée : HKLM\SOFTWARE\SweetIM Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [boxore Client] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetpacks Communicator] Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{9CD2384C-143B-4790-A075-E7FEFE2A554B}] [x64] Clé Supprimée : HKLM\SOFTWARE\DataMngr [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160 [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24 [x64] Clé Supprimée : HKLM\SOFTWARE\Software ***** [Registre - GUID] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022222258} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033223358} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7555B87D-D711-48B2-B97D-04DF700652BA} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044224458} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7555B87D-D711-48B2-B97D-04DF700652BA} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7555B87D-D711-48B2-B97D-04DF700652BA} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16421 Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={5AE97EE4-862A-467C-8CF3-4731662F2CA8} --> hxxp://www.google.com Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406 --> hxxp://www.google.com -\\ Mozilla Firefox v [impossible d'obtenir la version] Nom du profil : default Fichier : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\prefs.js C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\user.js ... Supprimé ! Supprimée : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT2504091.CTID", "CT2504091"); Supprimée : user_pref("CT2504091.CurrentServerDate", "28-8-2010"); Supprimée : user_pref("CT2504091.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT2504091.DownloadReferralCookieData", ""); Supprimée : user_pref("CT2504091.EMailNotifierPollDate", "Sat Aug 28 2010 04:20:05 GMT+0200"); Supprimée : user_pref("CT2504091.FeedLastCount129079840422964131", 10); Supprimée : user_pref("CT2504091.FeedPollDate128891351169457140", "Sat Aug 28 2010 05:35:05 GMT+0200"); Supprimée : user_pref("CT2504091.FeedPollDate129079840422964131", "Sat Aug 28 2010 03:35:07 GMT+0200"); Supprimée : user_pref("CT2504091.FeedTTL128891351169457140", 40); Supprimée : user_pref("CT2504091.FirstServerDate", "28-8-2010"); Supprimée : user_pref("CT2504091.FirstTime", true); Supprimée : user_pref("CT2504091.FirstTimeFF3", true); Supprimée : user_pref("CT2504091.FirstTimeSettingsDone", true); Supprimée : user_pref("CT2504091.FixPageNotFoundErrors", true); Supprimée : user_pref("CT2504091.GroupingServerCheckInterval", 1440); Supprimée : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Supprimée : user_pref("CT2504091.Initialize", true); Supprimée : user_pref("CT2504091.InitializeCommonPrefs", true); Supprimée : user_pref("CT2504091.InstallationAndCookieDataSentCount", 2); Supprimée : user_pref("CT2504091.InstallationType", "UnknownIntegration"); Supprimée : user_pref("CT2504091.InstalledDate", "Sat Aug 28 2010 01:35:05 GMT+0200"); Supprimée : user_pref("CT2504091.IsGrouping", false); Supprimée : user_pref("CT2504091.IsMulticommunity", false); Supprimée : user_pref("CT2504091.IsOpenThankYouPage", false); Supprimée : user_pref("CT2504091.IsOpenUninstallPage", false); Supprimée : user_pref("CT2504091.LanguagePackLastCheckTime", "Sat Aug 28 2010 01:35:07 GMT+0200"); Supprimée : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440); Supprimée : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Supprimée : user_pref("CT2504091.LastLogin_2.7.2.0", "Sat Aug 28 2010 05:35:06 GMT+0200"); Supprimée : user_pref("CT2504091.LatestVersion", "2.7.2.0"); Supprimée : user_pref("CT2504091.Locale", "en-us"); Supprimée : user_pref("CT2504091.LoginCache", 4); Supprimée : user_pref("CT2504091.MCDetectTooltipHeight", "83"); Supprimée : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Supprimée : user_pref("CT2504091.MCDetectTooltipWidth", "295"); Supprimée : user_pref("CT2504091.SearchFromAddressBarIsInit", true); Supprimée : user_pref("CT2504091.SearchInNewTabEnabled", true); Supprimée : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440); Supprimée : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sat Aug 28 2010 01:35:05 GMT+0200"); Supprimée : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Supprimée : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Supprimée : user_pref("CT2504091.SettingsCheckIntervalMin", 120); Supprimée : user_pref("CT2504091.SettingsLastCheckTime", "Sat Aug 28 2010 01:35:04 GMT+0200"); Supprimée : user_pref("CT2504091.SettingsLastUpdate", "1281645367"); Supprimée : user_pref("CT2504091.ThirdPartyComponentsInterval", 504); Supprimée : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sat Aug 28 2010 01:35:03 GMT+0200"); Supprimée : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578"); Supprimée : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Supprimée : user_pref("CT2504091.UserID", "UN47128897205225606"); Supprimée : user_pref("CT2504091.ValidationData_Toolbar", 1); Supprimée : user_pref("CT2504091.alertChannelId", "897164"); Supprimée : user_pref("CT2504091.clientLogIsEnabled", true); Supprimée : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Supprimée : user_pref("CT2504091.myStuffEnabled", true); Supprimée : user_pref("CT2504091.myStuffPublihserMinWidth", 400); Supprimée : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Supprimée : user_pref("CT2504091.myStuffServiceIntervalMM", 1440); Supprimée : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Supprimée : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Supprimée : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={5AE97EE4-[...] Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.google.fr"); Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={5AE9[...] Supprimée : user_pref("browser.search.defaultenginename", "SweetIM Search"); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Supprimée : user_pref("browser.search.selectedEngine", "SweetIM Search"); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); -\\ Google Chrome v20.0.1132.57 Fichier : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\Preferences Supprimée : "homepage": "hxxp://www.searchnu.com/406", Supprimée : "urls_to_restore_on_startup": [ "hxxp://www.searchnu.com/406", "hxxp://www.google.fr/" ] Supprimée : "name": "Search Results", Supprimée : "search_url": "hxxp://dts.search-results.com/sr?src=crb&appid=101&systemid=406&sr=0&q={searchT[...] Supprimée : "description": "SweetIm for Facebook", Supprimée : "name": "SweetIM for Facebook", Supprimée : "homepage": "hxxp://www.searchnu.com/406", Supprimée : "urls_to_restore_on_startup": [ "hxxp://www.searchnu.com/406", "hxxp://www.google.fr/" ] ************************* AdwCleaner[R1].txt - [40397 octets] - [27/07/2012 20:03:39] AdwCleaner[s1].txt - [31744 octets] - [27/07/2012 20:08:13] ########## EOF - C:\AdwCleaner[s1].txt - [31873 octets] ########## Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.07.27.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 marion :: PORTABLEAMARION [administrateur] Protection: Activé 27/07/2012 20:32:44 mbam-log-2012-07-27 (20-32-44).txt Type d'examen: Examen complet (C:\|D:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 365882 Temps écoulé: 1 heure(s), 44 minute(s), 55 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 8 C:\Users\marion\Downloads\freeyoutubetomp3_telechargement_01net.exe (PUP.Toolbar.Repacked) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro (1).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro (2).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro (3).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro.exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\video_downloader (2).exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès. (fin)

pjjoint.malekal.com - Submit a file

Merci de ton aide Il y a un petit probleme: le diag se fait bien mais il m'est impossible d'acceder au rapport comme tu me l'a ecris.Alors je te l'ai copier coller ci dessus: Rapport de ZHPDiag v1.31.11 par Nicolas Coolman, Update du 21/07/2012 Run by marion at 27/07/2012 15:58:30 -édit- Suppression du rapport, trop volumineux pour être raisonnablement copié/collé directement dans un message, et de toute façon hébergé chez cjoint (cf. message #5 ci-dessous).

Bonjour, Mon PC est très long a chaque commande. Se connecter sur Internet se solde souvent par un échec. Quand j'ai lance CCleaner, a un moment une fenêtre m'a indiqué qu'il y avait un cheval de Troie dans le système. Quelqu'un peut-il m'aider ? Merci d'avance.

[bonsoir merci pour le conseil voici le rapport Crash dump directory: C:\Windows\Minidump Crash dumps are enabled on your computer. On Wed 30/11/2011 14:48:30 GMT your computer crashed crash dump file: C:\Windows\Minidump\Mini113011-01.dmp This was probably caused by the following module: ntkrnlpa.exe (nt+0x4DFD9) Bugcheck code: 0xA (0x118, 0x1D, 0x0, 0xFFFFFFFF82A81AD8) Error: IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\system32\ntkrnlpa.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time. On Wed 30/11/2011 14:48:30 GMT your computer crashed crash dump file: C:\Windows\memory.dmp This was probably caused by the following module: tcpip.sys (tcpip+0x6E479) Bugcheck code: 0xA (0x118, 0x1D, 0x0, 0xFFFFFFFF82A81AD8) Error: IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\system32\drivers\tcpip.sys product: Microsoft® Windows® Operating System company: Microsoft Corporation description: TCP/IP Driver Bug check description: This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time. On Fri 25/11/2011 22:15:51 GMT your computer crashed crash dump file: C:\Windows\Minidump\Mini112511-01.dmp This was probably caused by the following module: ntkrnlpa.exe (nt+0x4DFD9) Bugcheck code: 0xA (0x4, 0x2, 0x0, 0xFFFFFFFF82A95BF7) Error: IRQL_NOT_LESS_OR_EQUAL file path: C:\Windows\system32\ntkrnlpa.exe product: Microsoft® Windows® Operating System company: Microsoft Corporation description: NT Kernel & System Bug check description: This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time. On Fri 04/11/2011 10:09:14 GMT your computer crashed crash dump file: C:\Windows\Minidump\Mini110411-01.dmp This was probably caused by the following module: avgntflt.sys (avgntflt+0xD174) Bugcheck code: 0xC5 (0xFFFFFFFFABFEAEEC, 0x2, 0x1, 0xFFFFFFFF82B34010) Error: DRIVER_CORRUPTED_EXPOOL file path: C:\Windows\system32\drivers\avgntflt.sys product: AntiVir Workstation company: Avira GmbH description: Avira Minifilter Driver Bug check description: This indicates that the system attempted to access invalid memory at a process IRQL that was too high. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules. A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: avgntflt.sys (Avira Minifilter Driver, Avira GmbH). Google query: avgntflt.sys Avira GmbH DRIVER_CORRUPTED_EXPOOL -------------------------------------------------------------------------------- Conclusion -------------------------------------------------------------------------------- 4 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers: avgntflt.sys (Avira Minifilter Driver, Avira GmbH) If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems. Read the topic general suggestions for troubleshooting system crashes for more information. Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further. pouvez vous me le dechiffrer ? merci

Bonsoir Régulièrement le pc s'arrete et le fameux ecran bleu apparait. Je suis obligé de rebooter violemment !!!!!!!!!!!!!!! help !!!!!!!!!!

Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Version de la base de données: 7411 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19088 08/08/2011 19:34:43 mbam-log-2011-08-08 (19-34-43).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|) Elément(s) analysé(s): 113566 Temps écoulé: 20 minute(s), 22 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): Le pc n'a plus eu d'ecran bleu depuis quelques jours. L'antivirus ne signale plus de message d'alerte.

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:41:02 le 08/08/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) HP@PC-HP (HP-Pavilion KB022AA-ABF m9170.fr) ============== ACTION(S) ============== Service: "MyWebSearchService" Stoppé et supprimé Fichier supprimé: C:\Windows\system32\f3PSSavr.scr Fichier supprimé: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\searchplugins\mywebsearch.xml Dossier supprimé: C:\Users\HP\AppData\LocalLow\FunWebProducts Dossier supprimé: C:\Program Files\FunWebProducts Dossier supprimé: C:\Users\HP\AppData\LocalLow\MyWebSearch Dossier supprimé: C:\Program Files\MyWebSearch Dossier supprimé: C:\ProgramData\PopCap Games Dossier supprimé: C:\Users\HP\AppData\Roaming\OfferBox Fichier supprimé: C:\Program Files\Windows Live\Messenger\Riched20.dll Fichier supprimé: C:\Program Files\Windows Live\Messenger\Msimg32.dll Fichier supprimé: C:\Users\HP\AppData\Local\tyfrwcbw.bat (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\Prefs.js -- Ligne supprimée: user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{e4a8a97b-f2ed-45... Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea... Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true); Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties"); Ligne supprimée: user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb... -- Fichier Fermé -- Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D} Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} Clé supprimée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} Clé supprimée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} Clé supprimée: HKLM\Software\Classes\CLSID\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327} Clé supprimée: HKLM\Software\Classes\Interface\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327} Clé supprimée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Clé supprimée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} Clé supprimée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} Clé supprimée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Clé supprimée: HKLM\Software\Classes\CLSID\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3} Clé supprimée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} Clé supprimée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} Clé supprimée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} Clé supprimée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} Clé supprimée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} Clé supprimée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Clé supprimée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} Clé supprimée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} Clé supprimée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} Clé supprimée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} Clé supprimée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} Clé supprimée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} Clé supprimée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} Clé supprimée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} Clé supprimée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} Clé supprimée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Clé supprimée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Clé supprimée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Clé supprimée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Clé supprimée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} Clé supprimée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Clé supprimée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} Clé supprimée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Clé supprimée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} Clé supprimée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Clé supprimée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} Clé supprimée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} Clé supprimée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Clé supprimée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2} Clé supprimée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Clé supprimée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Clé supprimée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Clé supprimée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Clé supprimée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Clé supprimée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Clé supprimée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Clé supprimée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Clé supprimée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Clé supprimée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} Clé supprimée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} Clé supprimée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} Clé supprimée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} Clé supprimée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} Clé supprimée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} Clé supprimée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} Clé supprimée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} Clé supprimée: HKLM\Software\Classes\TypeLib\{9D7233B0-0CC0-4938-8208-5B3F9D643873} Clé supprimée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} Clé supprimée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Clé supprimée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} Clé supprimée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} Clé supprimée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2 Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1 Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1 Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1 Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1 Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1 Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1 Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1 Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1 Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1 Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1 Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1 Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKLM\Software\FocusInteractive Clé supprimée: HKLM\Software\Fun Web Products Clé supprimée: HKLM\Software\MyWebSearch Clé supprimée: HKLM\Software\PopCap Clé supprimée: HKCU\Software\FunWebProducts Clé supprimée: HKCU\Software\MyWebSearch Clé supprimée: HKCU\Software\PopCap Clé supprimée: HKCU\Software\AppDataLow\Software\Fun Web Products Clé supprimée: HKCU\Software\AppDataLow\Software\FunWebProducts Clé supprimée: HKCU\Software\AppDataLow\Software\MyWebSearch Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Clé supprimée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} Clé supprimée: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Clé supprimée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Clé supprimée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Clé supprimée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Clé supprimée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin Valeur supprimée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [3.6.18 (fr)] **** HKLM_MozillaPlugins\@unity3d.com/UnityPlayer (x) -- C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default -- Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey) Prefs.js - browser.download.lastDir, C:\\Users\\HP\\Desktop\\Nouveau dossier Prefs.js - browser.search.selectedEngine, My Web Search Prefs.js - browser.startup.homepage, www.google.fr Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18 ======================================== **** Internet Explorer Version [8.0.6001.19088] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...) HKLM_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...) HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.) HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\Neuf\Kit\9launch.exe (SFR) BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll) BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (?) BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x) ======================================== C:\Program Files\Ad-Remover\Quarantine: 167 Fichier(s) C:\Program Files\Ad-Remover\Backup: 16 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 08/08/2011 18:41:05 (19925 Octet(s)) C:\Ad-Report-SCAN[1].txt - 08/08/2011 18:36:36 (21702 Octet(s)) Fin à: 18:41:46, 08/08/2011 ============== E.O.F ==============

SCAN AD-R ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 18:36:29 le 08/08/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) HP@PC-HP (HP-Pavilion KB022AA-ABF m9170.fr) ============== RECHERCHE ============== Service: "MyWebSearchService" Présent Fichier trouvé: C:\Windows\system32\f3PSSavr.scr Fichier trouvé: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\searchplugins\mywebsearch.xml Dossier trouvé: C:\Users\HP\AppData\LocalLow\FunWebProducts Dossier trouvé: C:\Program Files\FunWebProducts Dossier trouvé: C:\Users\HP\AppData\LocalLow\MyWebSearch Dossier trouvé: C:\Program Files\MyWebSearch Dossier trouvé: C:\ProgramData\PopCap Games Dossier trouvé: C:\Users\HP\AppData\Roaming\OfferBox Fichier trouvé: C:\Program Files\Windows Live\Messenger\Riched20.dll Fichier trouvé: C:\Program Files\Windows Live\Messenger\Msimg32.dll Fichier trouvé: C:\Users\HP\AppData\Local\tyfrwcbw.bat -- Fichier ouvert: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\Prefs.js -- Ligne trouvée: user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{e4a8a97b-f2ed-45... Ligne trouvée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea... Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdEnabled", true); Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties"); Ligne trouvée: user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb... -- Fichier Fermé -- Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D} Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D} Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} Clé trouvée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} Clé trouvée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} Clé trouvée: HKLM\Software\Classes\CLSID\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327} Clé trouvée: HKLM\Software\Classes\Interface\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327} Clé trouvée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Clé trouvée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} Clé trouvée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} Clé trouvée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Clé trouvée: HKLM\Software\Classes\CLSID\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3} Clé trouvée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} Clé trouvée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} Clé trouvée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} Clé trouvée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} Clé trouvée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} Clé trouvée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Clé trouvée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} Clé trouvée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} Clé trouvée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} Clé trouvée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} Clé trouvée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} Clé trouvée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} Clé trouvée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} Clé trouvée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} Clé trouvée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} Clé trouvée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Clé trouvée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Clé trouvée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Clé trouvée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Clé trouvée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} Clé trouvée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Clé trouvée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} Clé trouvée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Clé trouvée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} Clé trouvée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Clé trouvée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} Clé trouvée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} Clé trouvée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Clé trouvée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2} Clé trouvée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Clé trouvée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Clé trouvée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Clé trouvée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Clé trouvée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Clé trouvée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Clé trouvée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Clé trouvée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Clé trouvée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Clé trouvée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} Clé trouvée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} Clé trouvée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} Clé trouvée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} Clé trouvée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} Clé trouvée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} Clé trouvée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} Clé trouvée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} Clé trouvée: HKLM\Software\Classes\TypeLib\{9D7233B0-0CC0-4938-8208-5B3F9D643873} Clé trouvée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} Clé trouvée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Clé trouvée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} Clé trouvée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} Clé trouvée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2 Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1 Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1 Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1 Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1 Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1 Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1 Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1 Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1 Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1 Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1 Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1 Clé trouvée: HKLM\Software\Conduit Clé trouvée: HKLM\Software\FocusInteractive Clé trouvée: HKLM\Software\Fun Web Products Clé trouvée: HKLM\Software\MyWebSearch Clé trouvée: HKLM\Software\PopCap Clé trouvée: HKCU\Software\FunWebProducts Clé trouvée: HKCU\Software\MyWebSearch Clé trouvée: HKCU\Software\PopCap Clé trouvée: HKCU\Software\AppDataLow\Software\Fun Web Products Clé trouvée: HKCU\Software\AppDataLow\Software\FunWebProducts Clé trouvée: HKCU\Software\AppDataLow\Software\MyWebSearch Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Clé trouvée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} Clé trouvée: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Clé trouvée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Clé trouvée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Clé trouvée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Clé trouvée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin Valeur trouvée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [3.6.18 (fr)] **** HKLM_MozillaPlugins\@mywebsearch.com/Plugin (x) HKLM_MozillaPlugins\@unity3d.com/UnityPlayer (x) HKLM_Extensions|m3ffxtbr@mywebsearch.com - C:\Program Files\MyWebSearch\bar\1.bin HKLM_Extensions|offerbox@spointer.com - C:\Program Files\OfferBox\extensions-3.1.3878.129\offerbox@spointer.com (x) -- C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default -- Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey) Searchplugins\mywebsearch.xml (hxxp://search.mywebsearch.com/mywebsearch/cfg_redir2.jhtml) Prefs.js - browser.download.lastDir, C:\\Users\\HP\\Desktop\\Nouveau dossier Prefs.js - browser.search.selectedEngine, My Web Search Prefs.js - browser.startup.homepage, www.google.fr Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18 Prefs.js - keyword.URL, hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb=JDmVi.BPJaMkP5WDsRUk4g&ind=20101... ======================================== **** Internet Explorer Version [8.0.6001.19088] **** HKCU_Main|Search bar - hxxp://g.msn.fr/0SEFRFR/SAOS02 HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp HKCU_Main|Start Page - hxxp://google.fr/ HKLM_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=desktop HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=desktop HKCU_URLSearchHooks|{00A6FAF6-072E-44cf-8957-5838F569A31D} - "?" (C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL) HKCU_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb=JDmVi...) HKCU_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...) HKLM_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb=JDmVi...) HKLM_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...) HKCU_Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL) HKLM_Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL) HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x) HKLM_ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} - C:\Program Files\MyWebSearch\bar\1.bin\m3impipe.exe (MyWebSearch.com) HKLM_ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} - C:\Windows\system32\f3PSSavr.scr (FunWebProducts.com) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} - C:\Program Files\MyWebSearch\bar\1.bin\m3SkPlay.exe (MyWebSearch.com) HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.) HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\Neuf\Kit\9launch.exe (SFR) HKLM_ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} - C:\Program Files\MyWebSearch\bar\1.bin\m3medint.exe (MyWebSearch.com) HKLM_ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} - C:\Program Files\MyWebSearch\bar\1.bin\m3SlSrch.exe (MyWebSearch.com) HKLM_ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} - C:\Program Files\MyWebSearch\bar\1.bin\m3SrchMn.exe (MyWebSearch.com) BHO\{00A6FAF1-072E-44cf-8957-5838F569A31D} - "MyWebSearch Search Assistant BHO" (C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL) BHO\{07B18EA1-A523-4961-B6BB-170DE4475CCA} - "mwsBar BHO" (C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL) BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll) BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (?) BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 0 Fichier(s) C:\Ad-Report-SCAN[1].txt - 08/08/2011 18:36:36 (21563 Octet(s)) Fin à: 18:37:09, 08/08/2011 ============== E.O.F ==============

RAPPORT NAVILOG Fix Navipromo version 4.1.0 commencé le 08/08/2011 18:09:10,59 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\navilog1 Mise à jour le 20.04.2011 à 09h00 par IL-MAFIOSO Microsoft® Windows Vista Édition Familiale Premium ( v6.0.6002 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz ) BIOS : BIOS Date: 12/31/07 10:10:58 Ver: 5.15 USER : HP ( Administrator ) BOOT : Normal boot Firewall : ZoneAlarm Firewall 7.1.254.000 (Activated) C:\ (Local Disk) - NTFS - Total:455 Go (Free:37 Go) D:\ (Local Disk) - NTFS - Total:10 Go (Free:1 Go) E:\ (Local Disk) - NTFS - Total:465 Go (Free:0 Go) F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) - CDFS - Total:6 Go (Free:0 Go) I:\ (CD or DVD) - CDFS - Total:5 Go (Free:0 Go) J:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur C:\Users\HP\AppData\Local\yquocua.dat supprimé ! C:\Users\HP\AppData\Local\yquocua_nav.dat supprimé ! C:\Users\HP\AppData\Local\yquocua_navps.dat supprimé ! Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\HP\AppData\Local\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès !

Rapport de ZHPDiag v1.28.09 par Nicolas Coolman, Update du 01/08/2011 Run by HP at 01/08/2011 16:33:49 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.19088 (Defaut) MFIE: Mozilla Firefox v ---\\ System Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) ~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3326 MB (50% free) System Restore: Activé (Enable) System drive C: has 42 GB (9%) free of 455 GB ---\\ Logged in mode ~ Computer Name: PC-HP ~ User Name: HP ~ All Users Names: HP, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Users\HP\AppData\Roaming\ ~ %Desktop%=C:\Users\HP\Desktop\ ~ %Favorites%=C:\Users\HP\Favorites\ ~ %LocalAppData%=C:\Users\HP\AppData\Local\ ~ %StartMenu%=C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 42 Go of 455 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 466 Go) F:\ CD-ROM drive (Free 0 Go of 0 Go) G:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Free 0 Go of 6 Go) I:\ CD-ROM drive (Free 0 Go of 5 Go) J:\ CD-ROM drive (Free 0 Go of 8 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.25/11/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/08/2008 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/06/2011 - 07:08:58.) -- C:\Windows\system32\wininet.dll [916480] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.25/11/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.4F4FCB8B6EA06784FB6D475B7EC7300F] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.02/11/2006 - 10:49:36.) -- C:\Windows\system32\drivers\atapi.sys [19048] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.25/11/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/23 ~ Mes musiques (My Musics) : 3/8 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 2/126 ~ Mes Documents (My Documents) : 156/1720 ~ Mon Bureau (My Desktop) : 37/1591 ~ Menu demarrer (Programs) : 7/37 ~ Scan Hidden Files in 00mn 03s ---\\ Processus lancés [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784] [MD5.D3804513FC9C11A4637392B4F0F43BC5] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808] [MD5.E8B180646BAE9E688D2E6D7EA8DED794] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [959976] [MD5.4AB05041D5C922B9A7A5D9059F5538CD] - (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\WINDOWS\WindowsMobile\wmdSync.exe [215552] [MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840] [MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\WINDOWS\System32\rundll32.exe [44544] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.689C6EA7A17B3AE0F2A0151465EF311E] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\jusched.exe [132760] [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [MD5.A8E2D2429E86EE910CFF9594F8ADBEC8] - (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [32849] [MD5.53D96678FB89F056D5285101481297D9] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [125952] [MD5.46B54734D62FE2E094E2852C36CB9A61] - (.The Eraser Project - Eraser..) -- C:\Program Files\Eraser\Eraser.exe [916240] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [MD5.A07E8935CC8DCE6DB787DC99129CA17C] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408] [MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [MD5.F5D800B0529769912BBB29FFBA6B0564] - (.Avira GmbH - Guard GUI Application.) -- C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE [366849] [MD5.A623666C8A8EC9A57DCA07915A3F1EC6] - (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\system32\sdclt.exe [1169408] [MD5.ED65737D70FDEAC29F738E77D2496EE5] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232] [MD5.055713CD9E0C6AAC46AFBB3A5B95EF75] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [MD5.55B35599E4B8C20904CF6BE6F50A1F8D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.D314901F9F9F1B0CB4F7C7B09AE1AF13] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [662528] ~ Scan Processes Running in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cgw2qftj.default\prefs.js M3 - MFPP: Plugins - [HP] -- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cgw2qftj.default\searchplugins\mywebsearch.xml M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [HP - cgw2qftj.default] www.google.fr M2 - MFEP: prefs.js [HP - cgw2qftj.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [HP - cgw2qftj.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.9.5 (.Aaron Boodman; http://youngpup.net/.) P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@mywebsearch.com/Plugin] - (.MyWebSearch.com - My Web Search Plugin Stub for 32-bit Windows.) -- C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@unity3d.com/UnityPlayer] - (.Unity Technologies ApS - Unity Player 2.1.0f5.) -- C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com R0 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\Software\Microsoft\Internet Explorer\Main,Search Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) (1, 2, 0, 1) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search Bar.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Clé orpheline O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.) O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search Bar.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll" ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateReg] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\jureg.exe O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] . (.MyWebSearch.com - MyWebSearch SearchScope Monitor.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Eraser] . (.The Eraser Project - Eraser..) -- C:\Program Files\Eraser\Eraser.exe O4 - HKCU\..\Run: [yquocua] c:\users\hp\appdata\local\yquocua.exe (.not file.) @MaCo O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [Eraser] . (.The Eraser Project - Eraser..) -- C:\Program Files\Eraser\Eraser.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [yquocua] c:\users\hp\appdata\local\yquocua.exe (.not file.) @MaCo O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\HP\Desktop\Les offres internet Orange.lnk . (.Macromedia, Inc..) -- C:\Program Files\online services\Orange\orange.exe O4 - Global Startup: C:\Users\HP\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe O4 - Global Startup: C:\Users\HP\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk . (.Koyote Soft.) -- C:\Program Files\Free Easy Burner\FreeEasyBurner.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files\MiPony\MiPony.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files\MiPony\Browser\IEContext.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_3_0.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{26BEB54A-564A-4B8F-A75A-876F2109955D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpDomain = darty O17 - HKLM\System\CS1\Services\Tcpip\..\{26BEB54A-564A-4B8F-A75A-876F2109955D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpDomain = darty O17 - HKLM\System\CS2\Services\Tcpip\..\{26BEB54A-564A-4B8F-A75A-876F2109955D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpDomain = darty ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License (Crypkey License) . (.CrypKey (Canada) Ltd. - CrypKey NT Service.) - C:\Windows\System32\crypserv.exe O23 - Service: CopySafe Helper Service (CSHelper) . (...) - C:\Windows\system32\CSHelper.exe O23 - Service: Google Update Service (gupdate1c9b9b495cdbcb0) (gupdate1c9b9b495cdbcb0) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: My Web Search Service (MyWebSearchService) . (.MyWebSearch.com - My Web Search Bar.) - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\System32\ZoneLabs\vsmon.exe O23 - Service: {22D78859-9CE9-4B77-BF18-AC83E81A9263} ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp. - FCL Driver.) - C:\Program Files\HP\DVDPlay\000.fcl ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateAdministrator] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe [MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateHP] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe [MD5.56D30F21871239F143A0476F8BA0ED66] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [MD5.61D3771702DE72053FEE2A98F213A030] [APT] [scheduled Maintanence] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe ~ Scan Scheduled Task in 00mn 02s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (NetworkX) . (...) - C:\Windows\system32\ckldrv.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Alexander - (.Pas de propriétaire.) [HKLM] -- Alexander O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: ArtistScope Plugin IE - (.ArtistScope.) [HKLM] -- ArtistScope Plugin IE4.2.0.3 O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Cheval Académie - (.Nobilis.) [HKLM] -- {4AEEC5FF-0A75-4858-9B86-5144E0744AFD} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: DVD Play HD DVD - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1} O42 - Logiciel: Dofus - (.UNKNOWN.) [HKLM] -- Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O42 - Logiciel: Eraser - (.Heidi Computers Ltd..) [HKLM] -- Eraser O42 - Logiciel: Eraser - (.Heidi Computers Ltd..) [HKLM] -- {F850707C-B6A0-4B56-8709-F89CF8F9AC6D} O42 - Logiciel: Fallout New Vegas version 1.2 - (.Ozer1.) [HKLM] -- {D89C9418-F38F-4F31-8FC4-D658ADB3D963}_is1 O42 - Logiciel: Fallout New Vegas version 1.3.0.452 - (.Ozer1.) [HKLM] -- {6BB06A04-06C2-4C11-B099-F1702DEE72C0}_is1 O42 - Logiciel: Favorit (yquocua) - (.Pas de propriétaire.) [HKLM] -- yquocua O42 - Logiciel: Free Easy Burner V 3.8 - (.Koyote soft.) [HKLM] -- Free Easy Burner_is1 O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {AFAD41A9-9687-48A3-848F-693C11451433} O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {9885A11E-60E4-417C-B58B-8B31B21C0B8A} O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: LG USB Modem Driver - (.LG Electronics.) [HKLM] -- {C3ABE126-2BB2-4246-BFE1-6797679B3579} O42 - Logiciel: Launcher_PDC-staging - (.Launcher_PDC-staging.) [HKCU] -- 259783c65951166e O42 - Logiciel: Les Sims Medieval - (.Electronic Arts.) [HKLM] -- {83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B} O42 - Logiciel: Les Sims™ 3 - (.Electronic Arts.) [HKLM] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8} O42 - Logiciel: MappySynchro v2.1 - (.Mappy SA.) [HKLM] -- MappySynchro_is1 O42 - Logiciel: MiPony 1.3.0 - (.Pas de propriétaire.) [HKLM] -- MiPony O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft Age of Empires II - (.Pas de propriétaire.) [HKLM] -- Age of Empires 2.0 O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18) O42 - Logiciel: My Web Search (Webfetti) - (.My Web Search.) [HKLM] -- MyWebSearch bar Uninstall O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: On2 VP3 Video for Windows Codec - (.Pas de propriétaire.) [HKLM] -- {CF59708F-60F4-11D5-866A-00A0D2183227} O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM] -- Origin O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows O42 - Logiciel: PC Inspector smart recovery - (.Pas de propriétaire.) [HKLM] -- {C9A87D86-FDFD-418B-BF96-EF09320973B3} O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre O42 - Logiciel: Project S - (.Microsoft Games Studios.) [HKLM] -- GFWL_{4D530942-9B89-4186-98B7-F51000000100} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Reg (DOFUS Audio Subsystem) - (.UNKNOWN.) [HKLM] -- Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKLM] -- UnityWebPlayer O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228 O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3Filter] [HKCU\Software\AOL] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Fun Web Products] [HKCU\Software\AppDataLow\Software\FunWebProducts] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\MyWebSearch] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Applian] [HKCU\Software\Avira] [HKCU\Software\Big Fish Games] [HKCU\Software\BigFish] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\DT Soft] [HKCU\Software\DivXNetworks] [HKCU\Software\Electronic Arts] [HKCU\Software\FIRAXIS] [HKCU\Software\FunWebProducts] [HKCU\Software\GNU] [HKCU\Software\GSC Game World] [HKCU\Software\GSCGameWorld] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\HP Guide] [HKCU\Software\Heidi Computers Ltd] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\Hot-TV] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\LightScribe] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LowRegistry] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Mozilla] [HKCU\Software\MyWebSearch] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Novell] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\Orange] [HKCU\Software\PDFCreator] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PopCap] [HKCU\Software\Realtek] [HKCU\Software\ReplayConverter] [HKCU\Software\Screamer Radio] [HKCU\Software\Softthinks] [HKCU\Software\Steganos] [HKCU\Software\Symantec] [HKCU\Software\Unity] [HKCU\Software\Virtools] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zone Labs] [HKCU\Software\cybelsoft] [HKCU\Software\ej-technologies] [HKCU\Software\ere94fe5o32] [HKCU\Software\fcn] [HKCU\Software\keyhole.com] [HKLM\Software\ACE Compression Software] [HKLM\Software\ACLEngine] [HKLM\Software\AVS4YOU] [HKLM\Software\Adobe] [HKLM\Software\Amazing Studio] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Art Dept] [HKLM\Software\AviSynth] [HKLM\Software\Avira] [HKLM\Software\Bethesda Softworks] [HKLM\Software\Big Fish Games] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] [HKLM\Software\Convar Deutschland GmbH] [HKLM\Software\CyberLink] [HKLM\Software\DT Soft] [HKLM\Software\Debug] [HKLM\Software\Dofus 2] [HKLM\Software\Electronic Arts] [HKLM\Software\Even Balance] [HKLM\Software\FocusInteractive] [HKLM\Software\Fun Web Products] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Hot-TV] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LG Electronics] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\Macromedia] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MyWebSearch] [HKLM\Software\NOS] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Neuf] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nobilis] [HKLM\Software\Novell] [HKLM\Software\ODBC] [HKLM\Software\On2 Technologies] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC-Doctor] [HKLM\Software\Policies] [HKLM\Software\PopCap] [HKLM\Software\QATestSystem] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\ReplayConverter] [HKLM\Software\SRS Labs] [HKLM\Software\Sims] [HKLM\Software\Sonic] [HKLM\Software\Stellar information Systems ltd.] [HKLM\Software\Sun Microsystems] [HKLM\Software\SymNRT] [HKLM\Software\Symantec] [HKLM\Software\Unity] [HKLM\Software\VideoLAN] [HKLM\Software\Wilson WindowWare] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Zone Labs] [HKLM\Software\cybelsoft] [HKLM\Software\ej-technologies] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 31/12/2008 - 12:01:48 - [0] ----D- C:\Program Files\7-Zip O43 - CFD: 17/08/2010 - 17:16:04 - [241849631] ----D- C:\Program Files\Adobe O43 - CFD: 05/05/2009 - 12:03:58 - [0] ----D- C:\Program Files\Apowersoft O43 - CFD: 12/07/2011 - 13:46:16 - [2307582] ----D- C:\Program Files\Apple Software Update O43 - CFD: 01/01/2010 - 12:40:18 - [129570468] ----D- C:\Program Files\Avira O43 - CFD: 03/03/2009 - 18:57:40 - [3005440] ----D- C:\Program Files\AVS4YOU O43 - CFD: 12/07/2011 - 13:44:10 - [604083] ----D- C:\Program Files\Bonjour O43 - CFD: 08/01/2009 - 14:10:38 - [2948760] ----D- C:\Program Files\CCleaner O43 - CFD: 12/07/2011 - 13:43:48 - [989096132] ----D- C:\Program Files\Common Files O43 - CFD: 28/09/2008 - 11:54:44 - [1232740] ----D- C:\Program Files\Convar O43 - CFD: 29/07/2008 - 20:10:42 - [41945386] ----D- C:\Program Files\CyberLink O43 - CFD: 24/03/2011 - 20:07:06 - [17268545] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 02/04/2010 - 17:23:44 - [985592452] ----D- C:\Program Files\Dofus 2 O43 - CFD: 25/05/2011 - 22:58:46 - [3583024] ----D- C:\Program Files\EA Games O43 - CFD: 06/08/2007 - 18:20:22 - [51506213] ----D- C:\Program Files\EasyBits O43 - CFD: 07/06/2011 - 13:57:40 - [18809371906] ----D- C:\Program Files\Electronic Arts O43 - CFD: 28/09/2008 - 10:22:58 - [3813137] ----D- C:\Program Files\Eraser O43 - CFD: 03/06/2011 - 13:49:28 - [7281076350] ----D- C:\Program Files\Fallout New Vegas O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 08/02/2011 - 18:46:42 - [7315312] ----D- C:\Program Files\Free Easy Burner O43 - CFD: 08/12/2010 - 09:43:46 - [0] ----D- C:\Program Files\FunWebProducts O43 - CFD: 26/07/2011 - 16:21:42 - [91558891] ----D- C:\Program Files\Google O43 - CFD: 07/05/2008 - 13:27:38 - [140756954] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 05/05/2009 - 09:51:56 - [124938592] ----D- C:\Program Files\HP O43 - CFD: 22/07/2008 - 20:37:06 - [0] ----D- C:\Program Files\HP Games O43 - CFD: 26/05/2010 - 17:56:18 - [39810824] ----D- C:\Program Files\Infogrames O43 - CFD: 14/06/2011 - 13:09:08 - [52210808] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 26/08/2008 - 10:07:36 - [51694624] ----D- C:\Program Files\Intel O43 - CFD: 18/06/2011 - 03:20:54 - [8466387] ----D- C:\Program Files\Internet Explorer O43 - CFD: 12/07/2011 - 14:18:50 - [1856627] ----D- C:\Program Files\iPod O43 - CFD: 12/07/2011 - 14:19:44 - [128332719] ----D- C:\Program Files\iTunes O43 - CFD: 17/04/2010 - 09:23:02 - [219405556] ----D- C:\Program Files\Java O43 - CFD: 21/11/2009 - 16:59:16 - [16664352] ----D- C:\Program Files\JRE O43 - CFD: 18/11/2009 - 15:14:12 - [1291790] ----D- C:\Program Files\LG Electronics O43 - CFD: 26/06/2011 - 17:22:26 - [197348] ----D- C:\Program Files\log O43 - CFD: 25/08/2008 - 12:35:02 - [3360402] ----D- C:\Program Files\ma-config.com O43 - CFD: 17/03/2011 - 04:01:20 - [25230924] ----D- C:\Program Files\Microsoft O43 - CFD: 02/09/2008 - 19:54:58 - [173218] ----D- C:\Program Files\Microsoft FrontPage O43 - CFD: 03/07/2011 - 22:56:30 - [2746322237] ----D- C:\Program Files\Microsoft Games O43 - CFD: 08/05/2011 - 02:07:44 - [9362570] ----D- C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD: 02/09/2008 - 19:54:04 - [162308272] ----D- C:\Program Files\Microsoft Office O43 - CFD: 18/06/2011 - 03:23:40 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 24/11/2009 - 11:11:44 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 02/09/2008 - 19:55:22 - [5897045] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 16/12/2010 - 09:26:28 - [144677302] ----D- C:\Program Files\Microsoft Works O43 - CFD: 28/07/2009 - 14:00:48 - [979309] ----D- C:\Program Files\Microsoft WSE O43 - CFD: 27/10/2010 - 03:01:24 - [23935] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 01/06/2011 - 15:44:34 - [8160519] ----D- C:\Program Files\MiPony O43 - CFD: 17/08/2010 - 18:02:42 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 30/06/2011 - 23:38:30 - [650831699] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 19/06/2008 - 16:33:16 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 06/12/2010 - 15:06:48 - [6417646] ----D- C:\Program Files\MyWebSearch O43 - CFD: 25/08/2008 - 09:26:08 - [14873034] ----D- C:\Program Files\Neuf O43 - CFD: 05/02/2010 - 15:33:16 - [535970853] ----D- C:\Program Files\Nobilis O43 - CFD: 07/02/2010 - 14:04:14 - [416912] ----D- C:\Program Files\NOS O43 - CFD: 05/02/2010 - 15:35:38 - [4740] ----D- C:\Program Files\On2 Technologies O43 - CFD: 30/07/2009 - 12:49:38 - [5991601] ----D- C:\Program Files\online services O43 - CFD: 21/11/2009 - 16:59:16 - [385258936] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 22/07/2011 - 13:54:42 - [31012389] ----D- C:\Program Files\Origin O43 - CFD: 26/06/2011 - 17:35:38 - [1519572104] ----D- C:\Program Files\patches O43 - CFD: 29/07/2008 - 20:15:58 - [138406007] ----D- C:\Program Files\PC-Doctor 5 for Windows O43 - CFD: 26/06/2011 - 17:44:32 - [1800511881] ----D- C:\Program Files\PDC-staging O43 - CFD: 03/03/2009 - 13:50:30 - [20406169] ----D- C:\Program Files\PDFCreator O43 - CFD: 05/05/2009 - 12:59:28 - [3553244] ----D- C:\Program Files\PhotoFiltre O43 - CFD: 12/07/2011 - 14:16:14 - [76322555] ----D- C:\Program Files\QuickTime O43 - CFD: 26/08/2008 - 10:00:04 - [23573051] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 21/10/2008 - 19:40:32 - [1338628] ----D- C:\Program Files\Screamer Radio O43 - CFD: 07/05/2008 - 13:31:16 - [6690937] ----D- C:\Program Files\Services en ligne O43 - CFD: 28/09/2008 - 11:41:54 - [0] ----D- C:\Program Files\Steganos Safe 7 O43 - CFD: 01/10/2008 - 19:27:46 - [965] ----D- C:\Program Files\Stellar Phoenix NTFS Data Recovery O43 - CFD: 27/07/2008 - 16:25:26 - [56576] ----D- C:\Program Files\SysShield Tools O43 - CFD: 19/01/2010 - 14:39:12 - [1323559023] ----D- C:\Program Files\Ubisoft O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 19/11/2008 - 18:35:58 - [11916997] ----D- C:\Program Files\Unity O43 - CFD: 22/07/2008 - 20:26:00 - [79116684] ----D- C:\Program Files\VideoLAN O43 - CFD: 17/04/2010 - 20:13:16 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 17/04/2010 - 20:13:14 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 17/04/2010 - 20:13:06 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 17/04/2010 - 20:13:14 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 11/07/2011 - 17:21:32 - [192182315] ----D- C:\Program Files\Windows Live O43 - CFD: 18/06/2011 - 03:02:22 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 17/10/2010 - 13:48:26 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 29/07/2008 - 20:15:12 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 17/04/2010 - 20:13:12 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 19/04/2010 - 07:21:04 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 17/04/2010 - 20:13:14 - [6527558] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 30/12/2008 - 15:18:40 - [3525705] ----D- C:\Program Files\WinRAR O43 - CFD: 26/08/2008 - 10:11:24 - [11784954] ----D- C:\Program Files\WinZip O43 - CFD: 21/09/2008 - 19:08:58 - [6685508] ----D- C:\Program Files\XBox 360 Controller for Windows Software O43 - CFD: 01/08/2011 - 16:34:00 - [3997744] ----D- C:\Program Files\ZHPDiag O43 - CFD: 25/08/2008 - 12:17:48 - [11079310] ----D- C:\Program Files\Zone Labs O43 - CFD: 07/02/2010 - 14:08:22 - [6281214] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 12/02/2011 - 15:44:46 - [30826314] ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD: 12/07/2011 - 14:18:48 - [92090316] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 03/03/2009 - 18:57:40 - [0] ----D- C:\Program Files\Common Files\AVSMedia O43 - CFD: 02/09/2008 - 19:55:20 - [86016] ----D- C:\Program Files\Common Files\Designer O43 - CFD: 07/05/2008 - 13:35:42 - [14808299] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 17/04/2010 - 09:23:16 - [35136357] ----D- C:\Program Files\Common Files\Java O43 - CFD: 29/07/2008 - 20:15:48 - [28172849] ---AD- C:\Program Files\Common Files\LightScribe O43 - CFD: 07/05/2008 - 13:21:12 - [56415] ---AD- C:\Program Files\Common Files\LS Getting Started O43 - CFD: 11/07/2011 - 17:15:46 - [303448790] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 29/07/2008 - 20:15:12 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 25/08/2008 - 12:02:28 - [4523070] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 17/04/2010 - 20:13:12 - [19208000] ----D- C:\Program Files\Common Files\System O43 - CFD: 13/03/2009 - 18:50:44 - [390194032] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 26/08/2008 - 10:28:58 - [19098327] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD: 30/07/2009 - 12:49:14 - [4061696] ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 02/04/2010 - 17:23:34 - [78970619] ----D- C:\ProgramData\Adobe O43 - CFD: 03/03/2009 - 17:43:28 - [0] ----D- C:\ProgramData\Apowersoft O43 - CFD: 18/02/2009 - 00:12:12 - [45056000] ----D- C:\ProgramData\Apple O43 - CFD: 12/07/2011 - 14:18:48 - [66637608] ----D- C:\ProgramData\Apple Computer O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 01/01/2010 - 12:40:18 - [1149079655] ----D- C:\ProgramData\Avira O43 - CFD: 03/03/2009 - 18:47:10 - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 28/01/2011 - 17:33:20 - [32326214] ----D- C:\ProgramData\Big Fish Games O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 25/08/2008 - 12:17:48 - [4212] ----D- C:\ProgramData\CheckPoint O43 - CFD: 23/04/2010 - 21:12:30 - [6067] ----D- C:\ProgramData\CyberLink O43 - CFD: 24/03/2011 - 20:06:44 - [1332] ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 24/03/2011 - 21:00:08 - [0] ----D- C:\ProgramData\EA Core O43 - CFD: 22/07/2011 - 13:54:36 - [49921] ----D- C:\ProgramData\Electronic Arts O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 19/06/2008 - 16:07:00 - [327360] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 28/07/2009 - 01:35:06 - [6001076] ----D- C:\ProgramData\HP O43 - CFD: 24/11/2009 - 10:24:14 - [276096] ----D- C:\ProgramData\LGMOBILEAX O43 - CFD: 22/07/2008 - 20:03:02 - [390] ----D- C:\ProgramData\LightScribe O43 - CFD: 25/08/2008 - 12:35:00 - [900892] ----D- C:\ProgramData\ma-config.com O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 08/07/2011 - 22:52:46 - [228602563] -S--D- C:\ProgramData\Microsoft O43 - CFD: 06/06/2011 - 12:01:50 - [0] ----D- C:\ProgramData\Microsoft Games O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 07/05/2008 - 13:21:32 - [0] ----D- C:\ProgramData\muvee Technologies O43 - CFD: 07/02/2010 - 14:17:48 - [319734] ----D- C:\ProgramData\NOS O43 - CFD: 20/07/2009 - 10:46:20 - [0] ----D- C:\ProgramData\NVIDIA O43 - CFD: 07/05/2008 - 13:26:16 - [1235] ----D- C:\ProgramData\PC-Doctor O43 - CFD: 06/06/2011 - 12:02:28 - [98] ----D- C:\ProgramData\PopCap Games O43 - CFD: 17/04/2010 - 09:23:16 - [119] ----D- C:\ProgramData\Sun O43 - CFD: 28/01/2011 - 18:33:20 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 03/03/2009 - 18:34:54 - [0] ----D- C:\ProgramData\Video Converter Studio O43 - CFD: 29/07/2008 - 20:15:58 - [11296134] ----D- C:\ProgramData\WildTangent O43 - CFD: 02/09/2008 - 03:14:52 - [0] ----D- C:\ProgramData\WindowsSearch O43 - CFD: 26/08/2008 - 10:11:56 - [28] ----D- C:\ProgramData\WinZip O43 - CFD: 26/08/2008 - 10:27:44 - [578002] ----D- C:\ProgramData\WLInstaller O43 - CFD: 12/07/2011 - 14:19:44 - [544327] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 22/04/2009 - 12:03:18 - [4226] ----D- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} O43 - CFD: 28/09/2008 - 10:22:58 - [5902405] --H-D- C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646} O43 - CFD: 13/04/2011 - 16:45:58 - [60389995] ----D- C:\Users\HP\AppData\Roaming\.minecraft O43 - CFD: 02/04/2010 - 17:23:34 - [20529149] ----D- C:\Users\HP\AppData\Roaming\Adobe O43 - CFD: 05/02/2010 - 15:46:32 - [0] ----D- C:\Users\HP\AppData\Roaming\AdobeUM O43 - CFD: 02/04/2010 - 19:17:34 - [4504] ----D- C:\Users\HP\AppData\Roaming\app O43 - CFD: 12/07/2011 - 14:20:30 - [427105] ----D- C:\Users\HP\AppData\Roaming\Apple Computer O43 - CFD: 03/03/2009 - 18:47:12 - [0] ----D- C:\Users\HP\AppData\Roaming\AVS4YOU O43 - CFD: 06/06/2011 - 11:35:20 - [0] ----D- C:\Users\HP\AppData\Roaming\Command & Conquer 3 - La Fureur de Kane O43 - CFD: 07/06/2011 - 14:16:36 - [4925609] ----D- C:\Users\HP\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium O43 - CFD: 28/07/2009 - 01:35:06 - [116638] ----D- C:\Users\HP\AppData\Roaming\CyberLink O43 - CFD: 24/03/2011 - 20:29:26 - [3480] ----D- C:\Users\HP\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 22/07/2011 - 03:41:46 - [35582760] ----D- C:\Users\HP\AppData\Roaming\Dofus 2 O43 - CFD: 03/04/2010 - 18:31:16 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 04/04/2010 - 16:26:00 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 08/04/2010 - 19:08:14 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 02/04/2010 - 19:17:28 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 24/07/2011 - 17:41:00 - [567] ----D- C:\Users\HP\AppData\Roaming\dvdcss O43 - CFD: 30/10/2008 - 10:34:10 - [44040] ----D- C:\Users\HP\AppData\Roaming\Google O43 - CFD: 19/06/2008 - 16:06:50 - [303168] ----D- C:\Users\HP\AppData\Roaming\Hewlett-Packard O43 - CFD: 19/06/2008 - 16:06:12 - [0] ----D- C:\Users\HP\AppData\Roaming\Identities O43 - CFD: 26/08/2008 - 10:05:28 - [0] ----D- C:\Users\HP\AppData\Roaming\InstallShield O43 - CFD: 19/06/2008 - 16:05:54 - [1975996] ----D- C:\Users\HP\AppData\Roaming\Macromedia O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\HP\AppData\Roaming\Media Center Programs O43 - CFD: 24/11/2009 - 11:15:28 - [13775642] -S--D- C:\Users\HP\AppData\Roaming\Microsoft O43 - CFD: 06/06/2011 - 12:01:50 - [0] ----D- C:\Users\HP\AppData\Roaming\Microsoft Game Studios O43 - CFD: 02/09/2008 - 19:54:04 - [0] ----D- C:\Users\HP\AppData\Roaming\Microsoft Web Folders O43 - CFD: 15/06/2011 - 16:09:48 - [29472] ----D- C:\Users\HP\AppData\Roaming\Mipony O43 - CFD: 17/08/2010 - 16:34:16 - [3476524] ----D- C:\Users\HP\AppData\Roaming\Mozilla O43 - CFD: 01/06/2011 - 15:44:44 - [280949] ----D- C:\Users\HP\AppData\Roaming\OfferBox O43 - CFD: 21/11/2009 - 17:20:02 - [2327717] ----D- C:\Users\HP\AppData\Roaming\OpenOffice.org O43 - CFD: 02/04/2010 - 19:17:34 - [0] ----D- C:\Users\HP\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 28/09/2008 - 18:29:48 - [13824] ----D- C:\Users\HP\AppData\Roaming\Template O43 - CFD: 28/07/2011 - 18:47:12 - [875646] ----D- C:\Users\HP\AppData\Roaming\vlc O43 - CFD: 18/11/2008 - 12:27:34 - [0] ----D- C:\Users\HP\AppData\Roaming\WinBatch O43 - CFD: 30/12/2008 - 15:18:46 - [0] ----D- C:\Users\HP\AppData\Roaming\WinRAR O43 - CFD: 17/08/2010 - 17:15:42 - [6323366] ----D- C:\Users\HP\AppData\Local\Adobe O43 - CFD: 18/02/2009 - 00:12:44 - [0] ----D- C:\Users\HP\AppData\Local\Apple O43 - CFD: 22/04/2009 - 12:05:32 - [7455822] ----D- C:\Users\HP\AppData\Local\Apple Computer O43 - CFD: 19/06/2008 - 15:58:48 - [0] -SH-D- C:\Users\HP\AppData\Local\Application Data O43 - CFD: 26/06/2011 - 16:12:46 - [33725805] ----D- C:\Users\HP\AppData\Local\Apps O43 - CFD: 26/06/2011 - 17:35:38 - [0] ----D- C:\Users\HP\AppData\Local\Deployment O43 - CFD: 25/04/2010 - 03:05:22 - [13521171] ----D- C:\Users\HP\AppData\Local\Downloaded Installations O43 - CFD: 28/07/2009 - 01:35:16 - [9816] ----D- C:\Users\HP\AppData\Local\DVDPlay O43 - CFD: 31/07/2011 - 03:23:12 - [8] ----D- C:\Users\HP\AppData\Local\Eraser O43 - CFD: 02/06/2011 - 16:49:50 - [112] ----D- C:\Users\HP\AppData\Local\FalloutNV O43 - CFD: 10/04/2009 - 10:16:04 - [204145312] ----D- C:\Users\HP\AppData\Local\Google O43 - CFD: 19/06/2008 - 16:06:46 - [2046] ----D- C:\Users\HP\AppData\Local\Hewlett-Packard O43 - CFD: 19/06/2008 - 15:58:48 - [0] -SH-D- C:\Users\HP\AppData\Local\Historique O43 - CFD: 05/05/2009 - 12:23:28 - [241852] ----D- C:\Users\HP\AppData\Local\HP O43 - CFD: 24/07/2011 - 01:56:24 - [1370056412] ----D- C:\Users\HP\AppData\Local\Microsoft O43 - CFD: 06/06/2011 - 12:01:30 - [3319] ----D- C:\Users\HP\AppData\Local\Microsoft Game Studios O43 - CFD: 10/02/2011 - 17:36:20 - [445964] ----D- C:\Users\HP\AppData\Local\Microsoft Games O43 - CFD: 17/08/2010 - 16:34:06 - [47837145] ----D- C:\Users\HP\AppData\Local\Mozilla O43 - CFD: 22/07/2011 - 13:55:00 - [0] ----D- C:\Users\HP\AppData\Local\Origin O43 - CFD: 18/11/2008 - 12:27:48 - [0] ----D- C:\Users\HP\AppData\Local\PowerCinema O43 - CFD: 26/06/2011 - 17:22:34 - [1420668] ----D- C:\Users\HP\AppData\Local\PunkBuster O43 - CFD: 24/03/2009 - 13:24:02 - [3024607] ----D- C:\Users\HP\AppData\Local\Screamer Radio O43 - CFD: 01/08/2011 - 16:33:26 - [9579015] ----D- C:\Users\HP\AppData\Local\Temp O43 - CFD: 19/06/2008 - 15:58:48 - [0] -SH-D- C:\Users\HP\AppData\Local\Temporary Internet Files O43 - CFD: 19/11/2008 - 18:35:58 - [0] ----D- C:\Users\HP\AppData\Local\Unity O43 - CFD: 19/06/2008 - 16:06:40 - [128026] ----D- C:\Users\HP\AppData\Local\VirtualStore O43 - CFD: 26/07/2011 - 09:17:52 - [81920] ----D- C:\Users\HP\AppData\Local\Windows Live O43 - CFD: 25/08/2008 - 10:01:00 - [10334] ----D- C:\Users\HP\AppData\Local\WindowsUpdate O43 - CFD: 15/07/2011 - 15:29:24 - [0] ----D- C:\Users\HP\AppData\Local\{0FA45D7F-B3F7-4FEB-A51A-BBBEC63715DF} O43 - CFD: 28/07/2011 - 06:29:32 - [0] ----D- C:\Users\HP\AppData\Local\{21FD82A4-D39A-4BB8-8C83-F24C9B559E09} O43 - CFD: 22/07/2011 - 13:53:08 - [0] ----D- C:\Users\HP\AppData\Local\{234182DD-440C-4250-8E7F-5DDE097DBA6B} O43 - CFD: 31/07/2011 - 10:45:06 - [0] ----D- C:\Users\HP\AppData\Local\{23E83DD9-451A-449B-A791-25BB343093FB} O43 - CFD: 01/08/2011 - 05:45:28 - [0] ----D- C:\Users\HP\AppData\Local\{2CBB2674-4A44-44C8-B720-3DEE1A94FDED} O43 - CFD: 25/07/2011 - 07:28:30 - [0] ----D- C:\Users\HP\AppData\Local\{36FAB0BB-023C-4EE1-AE22-93A938ADACC8} O43 - CFD: 17/07/2011 - 11:00:34 - [0] ----D- C:\Users\HP\AppData\Local\{40D41E03-A01C-4189-A161-B0347CA4DC1B} O43 - CFD: 19/07/2011 - 23:33:06 - [0] ----D- C:\Users\HP\AppData\Local\{498B5AF1-73D4-4A94-BC17-8D2D041B51B1} O43 - CFD: 28/07/2011 - 21:50:10 - [0] ----D- C:\Users\HP\AppData\Local\{502B4FAE-A8D2-42F2-BAD4-F95374FEF34C} O43 - CFD: 19/07/2011 - 00:30:40 - [0] ----D- C:\Users\HP\AppData\Local\{5E0B9EFC-7204-4EB4-AE60-555FF8949FDE} O43 - CFD: 20/07/2011 - 13:48:02 - [0] ----D- C:\Users\HP\AppData\Local\{69207BB7-60BE-4960-BA0C-F6D0109857D3} O43 - CFD: 20/07/2011 - 17:37:06 - [0] ----D- C:\Users\HP\AppData\Local\{6925C13A-411C-4F99-951D-926BE524C68B} O43 - CFD: 16/07/2011 - 08:29:06 - [0] ----D- C:\Users\HP\AppData\Local\{6BA6A56A-E398-4CEF-8034-444D840B19B6} O43 - CFD: 26/07/2011 - 09:17:40 - [0] ----D- C:\Users\HP\AppData\Local\{6BDE5503-F96C-462D-AD31-8D1DA44FE190} O43 - CFD: 23/07/2011 - 10:38:08 - [0] ----D- C:\Users\HP\AppData\Local\{902F3DC1-8D77-4CC5-96E5-9377F226CD42} O43 - CFD: 30/07/2011 - 15:36:20 - [0] ----D- C:\Users\HP\AppData\Local\{965ED043-0B6F-4613-AD1F-CBFD365887D6} O43 - CFD: 27/07/2011 - 16:16:12 - [0] ----D- C:\Users\HP\AppData\Local\{BE53675F-77E2-4D13-A23D-3CDF1B5DC4C9} O43 - CFD: 12/07/2011 - 07:16:34 - [0] ----D- C:\Users\HP\AppData\Local\{BE6FB47B-D0FD-4217-87D0-AEBCCAC70501} O43 - CFD: 27/07/2011 - 06:35:46 - [0] ----D- C:\Users\HP\AppData\Local\{C3776739-22E0-4911-9320-061DC75C6F03} O43 - CFD: 19/07/2011 - 15:39:32 - [0] ----D- C:\Users\HP\AppData\Local\{D1647501-F330-4D5D-9E53-E306CCD832EC} O43 - CFD: 24/07/2011 - 00:49:42 - [0] ----D- C:\Users\HP\AppData\Local\{DE235E17-09BB-4107-81AC-BF9362B27108} O43 - CFD: 21/07/2011 - 23:43:08 - [0] ----D- C:\Users\HP\AppData\Local\{F48A0E7B-1F6A-470E-AD33-AA5B6EC1F156} ~ Scan Program Folder in 00mn 23s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.C04D1CDDCA5B495C29F4B984BA64EF17] - 01/08/2011 - 15:33:52 ---A- . (...) -- C:\Program [40] O44 - LFC:[MD5.365E043DF9D27EFC4E24BECBEE09FC1A] - 01/08/2011 - 15:29:28 ---A- . (...) -- C:\Windows\WindowsUpdate.log [15490] O44 - LFC:[MD5.CD1558EEAD0EC3E387F8B7FDF99EC98A] - 01/08/2011 - 15:29:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.86759E2B7CC67B5854207F8CE4F09713] - 31/07/2011 - 09:46:19 ---A- . (...) -- C:\Windows\error.log [266] O44 - LFC:[MD5.337F22BAB7F8BFD768358A0FAA58C544] - 31/07/2011 - 09:46:19 ---A- . (...) -- C:\Windows\win.ini [260] O44 - LFC:[MD5.DEECFD7045974662E1CB7CBECB582436] - 31/07/2011 - 09:44:17 ---A- . (...) -- C:\Windows\System32\schedlog.txt [10239] O44 - LFC:[MD5.F401D6605EBA2D7D8E145040C808F5BA] - 20/07/2011 - 16:37:09 ---A- . (...) -- C:\Windows\System32\uplauncher.log [792] O44 - LFC:[MD5.BCDAEFD9CFCDCBD26F1FACB5CFA5B1C5] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1606634] O44 - LFC:[MD5.DAC069E585CEC9090B7F3FE9835D426E] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfc009.dat [118064] O44 - LFC:[MD5.A1E499B4EAC669ECCFCF5F8458807B83] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [143958] O44 - LFC:[MD5.712CBD03574C1BFB0F1749570364D583] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfh009.dat [631438] O44 - LFC:[MD5.2070E2C05161AC7D951B4D4FA8BA9911] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [719130] O44 - LFC:[MD5.29424BAD3927FDF5D750F4903AD09A5E] - 16/07/2011 - 02:22:17 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [319960] O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 12/07/2011 - 13:19:45 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\Windows\System32\GEARAspi.dll [107368] O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 12/07/2011 - 13:19:44 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26600] ~ Scan Files in 01mn 05s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{b743bb63-563a-11e0-92a6-001e8c766e6e}\AutoRun\command. (.Electronic Arts - Autorun Application.) -- I:\Autorun.exe O51 - MPSK:{b743bb6b-563a-11e0-92a6-001e8c766e6e}\AutoRun\command. (...) -- H:\HeartOfDarkness.exe (.not file.) O51 - MPSK:{c1d5b15f-3e06-11dd-983d-806e6f6e6963}\AutoRun\command. (.CyberLink Corp. - PowerDVD.) -- F:\PDVD_RT\PowerDVD.exe O51 - MPSK:{e12af551-8cef-11e0-b6f5-001e8c766e6e}\AutoRun\command. (.Pas de propriétaire - autorun Module.) -- J:\autorun.exe ~ Scan Keys in 00mn 01s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.ffds"="-" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll O52 - TDSD: \Drivers32\"vidc.VP31"="vp31vfw.dll" . (.On2.com - On2_VP3.) -- C:\Windows\System32\vp31vfw.dll O52 - TDSD: \Drivers32\"VIDC.IV41"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\IR41_32.AX O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968] O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576] O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408] O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048] O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952] O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688] O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688] O58 - SDL:[MD5.59DB74EF3B328852A736578DFF3FCAD6] - 19/06/2008 - 19:05:34 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrusb.sys [449536] O58 - SDL:[MD5.5B80E84AF6B02ECAB72DAE9AFEE06309] - 05/02/2010 - 14:36:37 ---A- . (...) -- C:\Windows\system32\drivers\atksgt.sys [165376] O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 01/01/2010 - 11:44:29 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [56816] O58 - SDL:[MD5.452E382340BB0C5E694ED9D3625356D0] - 01/01/2010 - 09:33:07 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys [96104] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.555E54AC2F601A8821CEF58961653991] - 24/03/2011 - 19:07:05 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [218688] O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520] O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 12/07/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600] O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480] O58 - SDL:[MD5.707C1692214B1C290271067197F075F6] - 26/08/2008 - 16:44:44 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [324120] O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.ADB68AA60EF991CE2E217223FA20B4FF] - 18/11/2009 - 02:08:00 ---A- . (.LG Electronics Inc. - LG CDMA USB Multi function Driver.) -- C:\Windows\system32\drivers\lgusbbus.sys [13056] O58 - SDL:[MD5.975B6CF65F44E95883F3855BAE8CECAF] - 05/02/2010 - 14:36:37 ---A- . (...) -- C:\Windows\system32\drivers\lirsgt.sys [18048] O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640] O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640] O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640] O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.271AC1312EF1DDE187793183ABBFA8D0] - 26/02/2008 - 08:17:30 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr73.sys [493568] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.484844C0D892B42ECC5E6B063D072A38] - 28/03/2009 - 23:03:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7738816] O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680] O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040] O58 - SDL:[MD5.9B0842C6F0D49F95DB99E292223AD174] - 25/05/2011 - 16:35:53 ---A- . (...) -- C:\Windows\system32\drivers\PnkBstrK.sys [138248] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 07/05/2008 - 18:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.FE912E4A9719A9792669DEBB403CB9B1] - 26/08/2008 - 16:11:06 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2164248] O58 - SDL:[MD5.3D2B6520699D1DCD5A13F9E7CAD62199] - 07/05/2008 - 11:44:00 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [91648] O58 - SDL:[MD5.B0538DEA03E088B80482CA939F4E8740] - 26/08/2008 - 18:01:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [62464] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504] O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784] O58 - SDL:[MD5.654DFEA96BC82B4ACDA4F37E5E4A3BBF] - 01/01/2010 - 09:12:24 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.C1CA131F4E3ED63D6BC89A35FFAD4CDA] - 18/02/2009 - 14:23:30 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [32000] O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512] O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.41A5D2BBAC62A387ED24111F1FABFA55] - 01/10/2008 - 03:47:27 ---A- . (...) -- C:\Windows\system32\Ckldrv.sys [31846] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 40s ---\\ Recherche heuristique Magic.control (O59) O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\Users\HP\AppData\Local\yquocua_nav.dat O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\Users\HP\AppData\Local\yquocua_navps.dat ~ Scan Files in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 05/02/2010 - C:\Windows\System32\DRIVERS\atksgt.sys - atksgt (atksgt) .(...) - LEGACY_ATKSGT O64 - Services: CurCS - 13/02/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 01/01/2010 - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 30/03/2009 - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - 25/07/2008 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.Ma-Config.com - ma-config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - 05/02/2010 - C:\Windows\System32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(...) - LEGACY_LIRSGT O64 - Services: CurCS - 10/01/2006 - C:\Windows\system32\ckldrv.sys - NetworkX (NetworkX) .(...) - LEGACY_NETWORKX O64 - Services: CurCS - 11/05/2009 - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 03/03/2008 - C:\Windows\System32\DRIVERS\vsdatant.sys - Zone Alarm Firewall Driver(Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT O64 - Services: CurCS - 18/12/2007 - C:\Program Files\HP\DVDPlay\000.fcl - {22D78859-9CE9-4B77-BF18-AC83E81A9263}({22D78859-9CE9-4B77-BF18-AC83E81A9263}) .(.Cyberlink Corp. - FCL Driver.) - LEGACY_{22D78859-9CE9-4B77-BF18-AC83E81A9263} ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {56256A51-B582-467e-B8D4-7786EDA79AE0} - (My Web Search) - MyWebSearch Home Page O69 - SBI: SearchScopes [HKCU] {74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France O69 - SBI: SearchScopes [HKCU] {88C1CDC1-3682-4418-9F15-87E44E7018EF} [DefaultScope] - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {9009BB90-2FB9-4194-855E-F9DA19E1E7EB} - (AOL Recherche) - http://slirsredirect.search.aol.com ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.1DFB35E9D98ED7E8B9DAABCFBDF1314E] [sPRF][19/02/2009] (...) -- C:\Users\HP\AppData\Local\tyfrwcbw.bat [87] [MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [sPRF][25/05/2011] (...) -- C:\Users\HP\AppData\Roaming\PnkBstrK.sys [138056] [MD5.3F4C80358B0839D604898D0202DFA7FB] [sPRF][08/05/2011] (.Robot Entertainment - Spartan Launcher.) -- C:\Program Files\AOEOnline.exe [4160288] [MD5.FCDA2F0DF9FF74F0FC638EFC1938AFF0] [sPRF][08/05/2011] (.Robot Entertainment - Spartan LauncherReplace.) -- C:\Program Files\AOEOnlineReplace.exe [153376] [MD5.14F5C2FD4EEDEA7EB4C1C2DD26BE457B] [sPRF][08/05/2011] (.Microsoft Corporation - EulaDll.) -- C:\Program Files\eulax.dll [73728] [MD5.CAC8395B9A68299F91196C14FF28A20A] [sPRF][08/05/2011] (...) -- C:\Program Files\granny2.dll [746496] [MD5.6D231BCCAFDA16DAF3BA201D94C54C95] [sPRF][24/05/2011] (.Robot Entertainment - Spartan Launcher.) -- C:\Program Files\Launcher.exe [5290272] [MD5.B827B7663320E5F3ED22F84487DB95DE] [sPRF][24/05/2011] (.Robot Entertainment - Spartan LauncherReplace.) -- C:\Program Files\LauncherReplace.exe [369440] [MD5.64F0CFA2CD54C379DE768C59D089B1C6] [sPRF][24/05/2011] (...) -- C:\Program Files\pw32b.dll [173408] [MD5.D39303C7CF96E9617D65C5F0B5F1AFDD] [sPRF][08/05/2011] (.Microsoft Corporation - Rockall Heap Manager DLL.) -- C:\Program Files\RockallDLL.dll [81998] [MD5.EF24BE15480D20F70C0B8EEAF32B6F3B] [sPRF][08/05/2011] (.Robot Entertainment - Spartan.) -- C:\Program Files\Spartan.exe [11756320] [MD5.FB98AFB771503DD626D0D41FBAD00B9A] [sPRF][08/05/2011] (...) -- C:\Program Files\XLiveDLC.dll [15648] [MD5.80F4A456633F78A26A3C6B16E64EFEC5] [sPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960] [MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [sPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544] [MD5.6F315BDFE7148459DE3B4B59E6DFA1D4] [sPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [641368] [MD5.732CACA8E848F6E721B093E51FC50B1D] [sPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592] ~ Scan Files in 00mn 01s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{89D67DF6-E4E9-43E8-A0E9-6B5D70000D3D}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe (.not file.) O87 - FAEL: "TCP Query User{490506CE-9414-4D4A-87E1-F506BBEBA362}C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe (.not file.) O87 - FAEL: "UDP Query User{0B53AEED-7459-49D9-B8A8-80A3B74D0298}C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe (.not file.) O87 - FAEL: "{48EC8D39-6153-4BA0-B7CD-8508917164E2}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{AB36E348-CC68-405C-BAB5-11378EFF78DA}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{51947157-5E31-48F7-83A0-D97283C4DA79}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay.) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe O87 - FAEL: "{A842310C-8F24-43B1-9325-1344CCE1D1C0}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay Resident Program.) -- C:\Program Files\HP\DVDPlay\DPService.exe O87 - FAEL: "{C298AB14-F930-41A2-903D-BFF70110DD03}" | In - Private - P6 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrA.exe O87 - FAEL: "{EA00EDD8-6028-4752-82BA-443B13461BDA}" | In - Private - P17 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrA.exe O87 - FAEL: "{C403AE22-7CE5-4C6E-87BE-793FA8525CE4}" | In - Private - P6 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrB.exe O87 - FAEL: "{1AD512F3-5FCB-4C2D-A3E4-E211940D04C3}" | In - Private - P17 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrB.exe O87 - FAEL: "{3DB3365B-42A9-471C-B0FD-21D2CD2374D6}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{271FF0A4-A42A-4698-A07C-7A7A29BBC004}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{7FF458AC-0942-4AC9-A0F0-E909B8B372A7}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe ~ Scan Firewall in 00mn 01s ---\\ Scan Additionnel (O88) Database Version : 8554 - (01/08/2011) Clés trouvées (Keys found) : 155 Valeurs trouvées (Values found) : 6 Dossiers trouvés (Folders found) : 7 Fichiers trouvés (Files found) : 0 [HKLM\Software\Microsoft\Internet Explorer\low rights\rundll32policy\f3scrctr.dll] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss] =>Adware.MyWebSearch [HKLM\Software\microsoft\office\outlook\addins\mywebsearch.outlookaddin] =>Adware.MyWebSearch [HKLM\Software\microsoft\office\word\addins\mywebsearch.outlookaddin] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive] =>PUP.OfferBox [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall] =>Adware.BHO [HKLM\Software\Classes\funwebproducts.datacontrol] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.datacontrol.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.historykillerscheduler] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.historykillerscheduler.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.historyswattercontrolbar] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.historyswattercontrolbar.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.htmlmenu] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.htmlmenu.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.htmlmenu.2] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.iecookiesmanager] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.iecookiesmanager.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.killerobjmanager] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.killerobjmanager.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.popswatterbarbutton] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.popswatterbarbutton.1] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.popswattersettingscontrol] =>Adware.MyWebSearch [HKLM\Software\Classes\funwebproducts.popswattersettingscontrol.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.chatsessionplugin] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.chatsessionplugin.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.htmlpanel] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.htmlpanel.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.multiplebutton] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.multiplebutton.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.outlookaddin] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.outlookaddin.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.pseudotransparentplugin] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.pseudotransparentplugin.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearch.urlalertbutton] =>Adware.MyWebSearch [HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearchtoolbar.settingsplugin] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearchtoolbar.settingsplugin.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearchtoolbar.toolbarplugin] =>Adware.MyWebSearch [HKLM\Software\Classes\mywebsearchtoolbar.toolbarplugin.1] =>Adware.MyWebSearch [HKLM\Software\Classes\screensavercontrol.screensaverinstaller] =>Adware.BHO [HKLM\Software\Classes\screensavercontrol.screensaverinstaller.1] =>Adware.BHO [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{07b18eac-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{120927bf-1700-43bc-810f-fab92549b390}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{1f52a5fa-a705-4415-b975-88503b291728}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{25560540-9571-4d7b-9389-0f166788785a}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{3e720451-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{3e720452-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{3e720453-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{991aac62-b100-47ce-8b75-253965244f69}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{d518921a-4a03-425e-9873-b9a71756821e}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}] =>Adware.MyWebSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}] =>Adware.MyWebSearch [HKLM\Software\Classes\TypeLib\{f42228fb-e84e-479e-b922-fbbd096e792c}] =>Adware.MyWebSearch [HKLM\Software\Classes\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978}] =>Adware.MyWebSearch [HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService] =>Adware.MyWebSearch [HKLM\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\fcn] =>Rogue.Multiple [HKLM\Software\focusinteractive] =>Adware.MyWebSearch [HKCU\Software\AppDataLow\Software\Fun Web Products] =>Adware.MyWebSearch [HKLM\Software\Fun Web Products] =>Adware.MyWebSearch [HKCU\Software\FunWebProducts] =>Adware.MyWebSearch [HKCU\Software\AppDataLow\Software\FunWebProducts] =>Adware.MyWebSearch [HKCU\Software\PopCap] =>Adware.PopCap [HKLM\Software\PopCap] =>Adware.PopCap [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{07b18ea9-a523-4961-b6bb-170de4475cca} =>Adware.MyWebSearch [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{07b18ea9-a523-4961-b6bb-170de4475cca} =>Adware.MyWebSearch [HKLM\Software\Mozilla\Firefox\Extensions]:m3ffxtbr@mywebsearch.com =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:My Web Search Bar Search Scope Monitor =>Adware.MyWebSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Email Plugin =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Email Plugin =>Adware.MyWebSearch C:\Program Files\FunWebProducts =>Adware.MyWebSearch C:\Program Files\log =>Worm.Silly C:\Program Files\MyWebSearch =>Adware.MyWebSearch C:\ProgramData\PopCap Games =>Adware.PopCap C:\Users\HP\AppData\Roaming\OfferBox =>PUP.OfferBox C:\Users\HP\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch C:\Users\HP\AppData\LocalLow\MyWebSearch =>Adware.MyWebSearch ~ Scan Additionnel in 00mn 07s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 01/01/2010 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 01/01/2010 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 12/07/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SS - | Demand 12/04/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe SR - | Auto 12/07/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 01/10/2008 69632 | (Crypkey License) . (.CrypKey (Canada) Ltd..) - C:\Windows\System32\crypserv.exe SR - | Auto 03/01/2010 266240 | (CSHelper) . (...) - C:\Windows\system32\CSHelper.exe SS - | Demand 29/08/2008 21504 | C:\Program Files\NOS\bin\getPlus_Helper.dll (getPlusHelper) . (.NOS Microsystems Ltd..) - C:\Windows\System32\svchost.exe SS - | Auto 10/04/2009 133104 | (gupdate1c9b9b495cdbcb0) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 10/04/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 07/05/2008 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 07/05/2008 198240 | (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe SR - | Auto 07/05/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe SS - | Demand 25/04/2010 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Demand 12/07/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 07/05/2008 79136 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe SS - | Demand 25/08/2008 191656 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 06/12/2010 28762 | (MyWebSearchService) . (.MyWebSearch.com.) - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe SR - | Auto 28/03/2009 207392 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 25/05/2011 75136 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe SR - | Auto 25/08/2008 79400 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\System32\ZoneLabs\vsmon.exe SR - | Auto 29/08/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe SR - | Auto 05/05/2009 39408 | ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp..) - C:\Program Files\HP\DVDPlay\000.fcl ~ Scan Services in 00mn 00s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by HP at 01/08/2011 16:36:28 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll C:\Windows\system32\drivers\iastor.sys Intel Corporation Intel Matrix Storage Manager driver 1 ntkrnlpa!IofCallDriver[0x82A54912] -> \Device\Harddisk0\DR0[0x86F35AC8] 3 CLASSPNP[0x8BBA18B3] -> ntkrnlpa!IofCallDriver[0x82A54912] -> \Device\Ide\IAAStorageDevice-2[0x855A0028] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by HP at 01/08/2011 16:36:30 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 04s End of the scan (1440 lines in 02mn 41s)(0)

Bonjour, D'une maniere aleatoire l'écran bleu apparait et le systeme reboot.De plus j'ai un message d'antivir :infection ADWARE/agent mywebsearch K3 merci pour votre aide