Aller au contenu

franck de Marseille

Membres
  • Compteur de contenus

    143
  • Inscription

  • Dernière visite

Réputation sur la communauté

0 Neutral

À propos de franck de Marseille

  • Rang
    Power Member
  • Date de naissance 05/11/1963

Profile Information

  • Sexe
    Male
  • Localisation
    marseille

Autres informations

  • Mes langues
    Français
  1. Bonjour, Depuis quelques temps je subi des extinctions inopinées, écran bleu et mon ventilo fait du yoyo au point de vue vitesse.... Qui voudra bien m'aider ? D'avance merci, Franck
  2. Bonsoir, Depuis une paire de jour mon Pc plante : écran bleu, écran qui reste noir au démarrage, plantage des activités en cours (jeux par exemple). De l'aide serait la bienvenue Merci d'avance !!!
  3. Bonsoir, voilà le rapport : [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\Program Files (x86)\Ad-remover: trouvé ! C:\Program Files (x86)\ZHPDiag: trouvé ! C:\Program Files (x86)\Ad-Remover\Backup\Ad-R.exe: trouvé ! C:\Program Files (x86)\trend micro\HijackThis.exe: trouvé ! C:\Program Files (x86)\trend micro\hijackthis.log: trouvé ! C:\Program Files (x86)\trend micro\HijackThis: trouvé ! C:\Program Files (x86)\trend micro\HiJackThis\HijackThis.exe: trouvé ! C:\Program Files (x86)\ZHPDiag\ZHPdiag.exe: trouvé ! C:\Program Files (x86)\ZHPDiag\catchme.exe: trouvé ! C:\Program Files (x86)\ZHPDiag\mbr.log: trouvé ! C:\Program Files (x86)\ZHPDiag\mbr.exe: trouvé ! C:\Users\famille\AppData\Local\VirtualStore\Program Files (x86)\trend micro\HijackThis: trouvé ! C:\Users\famille\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HijackThis.exe: trouvé ! C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé ! C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé ! C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HijackThis.lnk: trouvé ! C:\Users\famille\AppData\Roaming\Registry Mechanic\SystemReport.txt: trouvé ! C:\Users\famille\Desktop\SECURITE\HijackThis.lnk: trouvé !
  4. Re, Pensez vous que les éléments nettoyé étaient responsable des extinctions de mon PC? Si non comment puis-je résoudre ces soucis? Merci Franck, Encore une chose : Les applications téléchargées pour ce nettoyage je les désinstalle via "gestion des programmes?"
  5. Bonjour et merci de votre patience Voici le dernier rapport : Rapport de ZHPFix 1.12.3345 par Nicolas Coolman, Update du 29/07/2011 Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-10-08-2011-17-25-57.txt Run by famille at 10/08/2011 17:25:48 Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== ABSENT Software Key: NCH_EN Toolbar ABSENT Software Key: uTorrentBar_FR Toolbar ========== Processus mémoire ========== SUPPRIME Reboot Memory Process: C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe ========== Clé(s) du Registre ========== ABSENT Key: HKLM\Software\Classes\pdfforge.DllInfo ABSENT Key: HKLM\Software\Wow6432Node\Classes\pdfforge.DllInfo ABSENT Key: HKLM\Software\Classes\pdfforge.PDF.PDF ABSENT Key: HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDF ABSENT Key: HKLM\Software\Classes\pdfforge.PDF.PDFEncryptor ABSENT Key: HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFEncryptor ABSENT Key: HKLM\Software\Classes\pdfforge.PDF.PDFLine ABSENT Key: HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFLine ABSENT Key: HKLM\Software\Classes\pdfforge.PDF.PDFText ABSENT Key: HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFText ABSENT Key: HKLM\Software\Classes\pdfforge.Tools ABSENT Key: HKLM\Software\Wow6432Node\Classes\pdfforge.Tools SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fee1002d-90a5-4a5d-aabe-01803ffbcf7a} ABSENT Key: CLSID BHO: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} ABSENT Key: CLSID BHO: {37483b40-c254-4a72-bda4-22ee90182c1e} SUPPRIME Key: HKCU\Software\AppDataLow\Software\NCH_EN SUPPRIME Key: HKCU\Software\AppDataLow\Software\uTorrentBar_FR ABSENT Key: HKLM\Software\NCH_EN ABSENT Key: HKLM\Software\uTorrentBar_FR ABSENT Key: HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\NCTAudioCDGrabber2.DLL SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} ABSENT Key: HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} ABSENT Key: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF ABSENT Key: HKLM\Software\Wow6432Node\uTorrentBar_FR ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fee1002d-90a5-4a5d-aabe-01803ffbcf7a} ABSENT Key: HKCU\Software\AppDataLow\Software\NCH_EN ABSENT Key: HKCU\Software\AppDataLow\Software\uTorrentBar_FR ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} ========== Valeur(s) du Registre ========== SUPPRIME URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} SUPPRIME URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} ABSENT RunValue: EzPrint ABSENT URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} ABSENT URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} ========== Préférences navigateur ========== ABSENT Folder Chrome: C:\Users\famille\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk ========== Dossier(s) ========== SUPPRIME Reboot Folder**: C:\Program Files\Babylon SUPPRIME Folder: C:\Users\famille\AppData\Roaming\AnVi SUPPRIME Reboot Folder**: C:\Program Files (x86)\Babylon SUPPRIME Folder: c:\users\famille\appdata\locallow\babylontoolbar SUPPRIME Folder*: C:\Users\famille\AppData\Local\Acer Arcade Deluxe SUPPRIME Folder: C:\Users\famille\AppData\Local\FullTiltPoker.fr SUPPRIME Reboot Folder**: C:\Program Files (x86)\NCH_EN SUPPRIME Reboot Folder**: C:\Program Files (x86)\ToolbarInstaller SUPPRIME Reboot Folder**: C:\Program Files (x86)\uTorrentBar_FR SUPPRIME Folder: c:\users\famille\appdata\locallow\utorrentbar_fr ABSENT C:\Users\famille\AppData\Roaming\AnVi ABSENT C:\Users\famille\AppData\Local\Acer Arcade Deluxe ABSENT C:\Users\famille\AppData\Local\FullTiltPoker.fr ========== Fichier(s) ========== SUPPRIME Reboot c:\ad-report-clean[2].txt SUPPRIME Reboot c:\ad-report-scan[2].txt SUPPRIME Reboot c:\program files (x86)\utorrentbar_fr\tbutor.dll ABSENT Folder/File: c:\users\famille\appdata\locallow\babylontoolbar ABSENT Folder/File: c:\users\famille\appdata\locallow\utorrentbar_fr ========== Récapitulatif ========== 1 : Processus mémoire 31 : Clé(s) du Registre 5 : Valeur(s) du Registre 13 : Dossier(s) 5 : Fichier(s) 2 : Logiciel(s) 1 : Préférences navigateur ========== Chemin du fichier rapport ========== C:\ZHP\ZHPFixReport.txt End of the scan in 02mn 27s
  6. Voici la dernière analyse Zhpdiag : Rapport de ZHPDiag v1.28.132 par Nicolas Coolman, Update du 08/08/2011 Run by famille at 09/08/2011 21:14:36 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 5.0 v (Defaut) GCIE: Google Chrome v12.0.742.122 ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : M3J6X Windows License : OK ~ Windows Remaining Initializations Number : 5 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8191 MB (79% free) System Restore: Activé (Enable) System drive C: has 333 GB (72%) free of 458 GB ---\\ Logged in mode ~ Computer Name: PC-DE-FAMILLE ~ User Name: famille ~ All Users Names: HomeGroupUser$, famille, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\famille\AppData\Roaming\ ~ %Desktop% : C:\Users\famille\Desktop\ ~ %Favorites% : C:\Users\famille\Favorites\ ~ %LocalAppData% : C:\Users\famille\AppData\Local\ ~ %StartMenu% : C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 333 Go of 458 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 458 Go of 458 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ Floppy drive, Flash card reader, USB Key (Not Inserted) L:\ Hard drive, Flash drive, Thumb drive (Free 508 Go of 596 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.28/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.1BF2BCC7E3C26FD4C8EF0C9EFB0CC25D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/07/2011 - 18:01:31.) -- C:\Windows\system32\wininet.dll [1389056] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.05/03/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.28/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.05/03/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.05/03/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/42 ~ Mes musiques (My Musics) : 15/43 ~ Mes Videos (My Videos) : 1/185 ~ Mes Favoris (My Favorites) : 5/549 ~ Mes Documents (My Documents) : 156/1687 ~ Mon Bureau (My Desktop) : 2/616 ~ Menu demarrer (Programs) : 7/38 ~ Scan Hidden Files in 00mn 17s ---\\ Processus lancés [MD5.F751C546A9A586A09AD64274529F8E9C] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe [645328] [MD5.055E69B5E4841098A4EAE04EE7EEB0A2] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672] [MD5.696A8C0E65724D5CD80944688BA69D11] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe [770728] [MD5.951E33D6F7336F35D592E4A1B03440BA] - (...) -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe [139944] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.467E15D29A0FB9EECFC16543AD978F5A] - (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2634048] [MD5.79A68515003E994D8632D1802C149430] - (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe [59392] [MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536] [MD5.B62D8C47FFF285F910A4896836BCD744] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968] [MD5.D3D3B1CFA81DD68D38362D533F443FD1] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024] [MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464] [MD5.8DCED3E27B271E76743C268DBD51EEEC] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288] [MD5.9ACE8ECDB1EBC519F48AA65DE5875573] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [202256] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [MD5.B5B4E81AADFDF95345186A023A99D2E6] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [664576] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [MD5.2B272D0A6E5071829B516FFDC7F841CA] - (.Pas de propriétaire - CLHNService Module.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048] [MD5.9FD96AFED226918A6ED8D0BAF9C2B398] - (...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe [58664] [MD5.051E8D7AC7B1902BD32060AB7ED6E449] - (.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [288120] [MD5.C85968D24449E37653B891B03188140C] - (.McAfee, Inc. - McAfee Proxy Service Module.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544] [MD5.0655D440057942DE2BEEB8FAD145490E] - (.McAfee, Inc. - McAfee Personal Firewall Service.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [894136] [MD5.CF3C267356F458BE85C5034BFC382022] - (.McAfee, Inc. - McAfee Anti-Spam Server.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640] [MD5.77F8AD024059A9A8E17E654B887D1EF0] - (.EgisTec Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [306736] [MD5.58751F9248D50BCE1053976C9E2F0859] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632] [MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [MD5.F79525634B192F5A18DE503568F94EF3] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [MD5.0FC36E77D779F8D021D338BDC7368181] - (.McAfee, Inc. - McAfee Services.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [865832] [MD5.F2A433E0EA959028E349FB1D5BAE01E7] - (.McAfee, Inc. - McAfee SystemGuards Service.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736] [MD5.2988E515570E4F8B9D9B256137F8E8F4] - (.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe [2482848] ~ Scan Processes Running in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\famille\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [defdhglnppeioeflggkmglipcecffkhk] AutocompletePro plugin for chrome v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.31.137.7 (Activé) G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé) G2 - GCE: Preference [user Data\Default] [iknffkmlbmmhbnfhfnpopiembeecpokj] Facemoi v.2.3.0 (Activé) G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.2 (Activé) G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\prefs.js M0 - MFSP: prefs.js [famille - dnnw8d13.default] Google M2 - MFEP: prefs.js [famille - dnnw8d13.default\{04253f76-f258-4b03-7b4a-0bebad2ca3e9}] [] v (.FaceMoicemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-4 P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com R0 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll R3 - URLSearchHook: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll R3 - URLSearchHook: NCH EN Toolbar [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O2 - BHO: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll O2 - BHO: Lexmark Barre d'outils [64Bits] - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} . (...) -- C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\mskapbho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: NCH EN [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Mega Manager IE Click Monitor [64Bits] - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Lexmark [64Bits] - {D2C5E510-BE6D-42CC-9F61-E4F939078474} . (...) -- C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper [64Bits] - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: (no name) [64Bits] - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} Clé orpheline ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [mwlDaemon] . (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe O4 - HKLM\..\Run: [lxedmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe O4 - HKLM\..\Run: [EzPrint] . (...) -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [VeohPlugin] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe O4 - HKCU\..\Run: [GM4IE] . (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] . (.McAfee, Inc. - McAfee Integrated Security Platform.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Wow6432Node\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe O4 - HKLM\..\Wow6432Node\Run: [updatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exer\7.0 (.not file.) O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [Facemoi] . (.Pas de propriétaire - gm4ie MFC Application.) -- c:\Facemoi\facemoi.exe O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [VeohPlugin] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [GM4IE] . (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\famille\Desktop\Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dofus.lnk . (.Ankama Games.) -- C:\Program Files (x86)\Dofus\UpLauncher.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shareaza.lnk . (.Shareaza Development Team.) -- C:\Program Files (x86)\Shareaza\Shareaza.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe ~ Scan Global Startup in 00mn 04s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Download Link Using Mega Manager... . (...) -- C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~3\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: CLHNService (CLHNService) . (.Pas de propriétaire - CLHNService Module.) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: CyberLink Media Server Monitor Service (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe O23 - Service: CyberLink Media Server Service (CyberLink Media Server Service) . (.CyberLink - CLMSServer.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: Service Google Update (gupdate1ca51b324e09bc0) (gupdate1ca51b324e09bc0) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: lxedCATSCustConnectService (lxedCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\Windows\system32\spool\DRIVERS\x64\3\lxedserv.exe O23 - Service: lxed_device (lxed_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxedcoms.exe O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Services.) - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Network Agent.) - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Proxy Service Module.) - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe O23 - Service: McAfee Real-time Scanner (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\Program Files\McAfee\VirusScan\Mcshield.exe O23 - Service: McAfee Personal Firewall Service (MpfService) . (.McAfee, Inc. - McAfee Personal Firewall Service.) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Anti-Spam Server.) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe O23 - Service: MyWinLocker Service (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.4.) - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McDefragTask.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McQcTask.job [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.21E151BEABD692DCE9911B8A71DC0332] [APT] [McQcTask] (.McAfee, Inc..) -- c:\PROGRA~2\mcafee\mqc\QcConsol.exe [MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeLogonTaskS-1-5-21-1593801776-2121311327-3249409475-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeScheduledTaskS-1-5-21-1593801776-2121311327-3249409475-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.467E15D29A0FB9EECFC16543AD978F5A] [APT] [RunAsStdUser Task for VeohWebPlayer] (.Veoh Networks.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe ~ Scan Scheduled Task in 00mn 06s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\system32\drivers\mfehidk.sys O41 - Driver: (MPFP) . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - C:\Windows\system32\Drivers\Mpfp.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - Pilote TCP/IP.) - C:\Windows\system32\drivers\tcpip.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: AVS Audio Editor version 6.1 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Audio Editor_is1 O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1 O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1 O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E} O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107} O42 - Logiciel: C:\Program Files (x86)\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM] -- {71C2828F-2678-4675-BDEC-895424861262}_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB} O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- {80E158EA-7181-40FE-A701-301CE6BE64AB} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9} O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters O42 - Logiciel: Dofus 1.28.0 - (.Ankama Games.) [HKLM] -- Dofus 1.28.0 O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} O42 - Logiciel: Full Tilt Poker.Fr - (.Pas de propriétaire.) [HKLM] -- {34785AD0-6276-11DF-A08A-0800200C9A66} O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457} O42 - Logiciel: Geoplan-Geospace version 1.6 - (.Aid-creem.) [HKLM] -- {1AA0F610-7226-4C99-85D7-5E75AFD0D5CE}_is1 O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Lexmark - (.Pas de propriétaire.) [HKLM] -- {D2C5E510-BE6D-42CC-9F61-E4F939078474} O42 - Logiciel: Lexmark Barre d'outils - (.Pas de propriétaire.) [HKLM] -- {1017A80C-6F09-4548-A84D-EDD6AC9525F0} O42 - Logiciel: Lexmark S600 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark S600 Series O42 - Logiciel: Lexmark Tools for Office - (.Pas de propriétaire.) [HKLM] -- {10812DE7-2E57-4740-B226-6B3BE34AF9D7} O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227} O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363} O42 - Logiciel: NCH EN Toolbar - (.NCH EN.) [HKLM] -- NCH_EN Toolbar O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- BC15EA930074932BB2C4B4493C9FD4EA95087D1A O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre O42 - Logiciel: RadLight MPC DirectShow Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- RadLight MPC DirectShow Filter O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile Modem V2 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem V2 O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65} O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870 O42 - Logiciel: Shareaza 2.4.0.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1 O42 - Logiciel: Stellarium 0.10.6.1 - (.Pas de propriétaire.) [HKLM] -- Stellarium_is1 O42 - Logiciel: The K-Ball (remove only) - (.Pas de propriétaire.) [HKLM] -- The K-Ball O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Upgrade Kit - (.Acer Inc..) [HKLM] -- {1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2} O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV O42 - Logiciel: Veoh Web Player - (.Veoh Networks, Inc..) [HKLM] -- Veoh Web Player Beta O42 - Logiciel: Wakfu - (.Ankama Games.) [HKLM] -- Wakfu O42 - Logiciel: WavePad Sound Editor - (.NCH Software.) [HKLM] -- WavePad O42 - Logiciel: WinPcap 4.0.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\8.1] [HKCU\Software\ABBYY] [HKCU\Software\AVS4YOU] [HKCU\Software\Acer] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Aurigma] [HKCU\Software\AppDataLow\Google] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\DivX] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\NCH_EN] [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Audacity] [HKCU\Software\Avira] [HKCU\Software\Billeo] [HKCU\Software\BitTorrent] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Full Tilt Poker.fr] [HKCU\Software\Geoplace] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\LexmarkInkjet] [HKCU\Software\LexmarkPhoto] [HKCU\Software\Lexmark] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\Megaupload] [HKCU\Software\Meridian93] [HKCU\Software\Mobileleader] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NCH Software] [HKCU\Software\NCH Swift Sound] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\OEM Upgrade Kit] [HKCU\Software\Oberon Media] [HKCU\Software\OpenOffice.org] [HKCU\Software\PDFCreator] [HKCU\Software\PTP] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RadLight MPC DirectShow Filter] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\S3R521] [HKCU\Software\Samsung] [HKCU\Software\SaxoUpnBackup] [HKCU\Software\Shareaza] [HKCU\Software\Softonic] [HKCU\Software\SuperSoftwarePackage] [HKCU\Software\Svetozor] [HKCU\Software\The K-Ball] [HKCU\Software\Trend Micro] [HKCU\Software\Trolltech] [HKCU\Software\Veetle] [HKCU\Software\Veoh] [HKCU\Software\Wow6432Node] [HKCU\Software\Xilisoft] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\eSobi] [HKCU\Software\ej-technologies] [HKLM\Software\ABBYY] [HKLM\Software\ATI Technologies] [HKLM\Software\AVS4YOU] [HKLM\Software\Acer Inc.] [HKLM\Software\Acer Incorporated] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\Ankama] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Cyberlink] [HKLM\Software\DEVGURU] [HKLM\Software\Digital River] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\Dofus 2] [HKLM\Software\EgisTec Egis Software Update] [HKLM\Software\EgisTec] [HKLM\Software\Facemoi] [HKLM\Software\Full Tilt Poker] [HKLM\Software\Google] [HKLM\Software\Hauppauge] [HKLM\Software\IVT Corporation] [HKLM\Software\Intel Corporation] [HKLM\Software\Intel] [HKLM\Software\Interface] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LexmarkInkjet] [HKLM\Software\Lexmark] [HKLM\Software\Licenses] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\Megaupload Limited] [HKLM\Software\Megaupload] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NCH Software] [HKLM\Software\NCH Swift Sound] [HKLM\Software\NCH_EN] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oberon Media] [HKLM\Software\OemSetup] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RichFX] [HKLM\Software\SRS Labs] [HKLM\Software\Samsung] [HKLM\Software\Shareaza] [HKLM\Software\SiteAdvisor] [HKLM\Software\Sonic] [HKLM\Software\Sun Microsystems] [HKLM\Software\Symantec] [HKLM\Software\TrendMicro] [HKLM\Software\Uniblue] [HKLM\Software\Veetle] [HKLM\Software\Veoh] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\WinPcap] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\mozilla.org] [HKLM\Software\uTorrentBar_FR] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/08/2010 - 17:20:26 - [6168213] ----D- C:\Program Files\Acer O43 - CFD: 16/04/2011 - 18:44:48 - [0] ----D- C:\Program Files\Babylon O43 - CFD: 24/03/2011 - 23:28:06 - [7202648] ----D- C:\Program Files\CCleaner O43 - CFD: 17/08/2010 - 17:20:28 - [79580198] ----D- C:\Program Files\Common Files O43 - CFD: 17/08/2010 - 17:20:28 - [930272] ----D- C:\Program Files\DIFX O43 - CFD: 06/06/2011 - 15:53:18 - [5953856] ----D- C:\Program Files\DivX O43 - CFD: 05/03/2011 - 00:34:58 - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 17/08/2010 - 17:20:28 - [2909912] ----D- C:\Program Files\Google O43 - CFD: 17/08/2010 - 17:20:28 - [0] ----D- C:\Program Files\Intel O43 - CFD: 11/07/2011 - 19:02:56 - [6201464] ----D- C:\Program Files\Internet Explorer O43 - CFD: 17/10/2010 - 11:15:46 - [5598502] ----D- C:\Program Files\Lexmark O43 - CFD: 17/10/2010 - 11:12:38 - [638976] ----D- C:\Program Files\Lexmark Printable Web O43 - CFD: 17/10/2010 - 11:16:52 - [86797720] ----D- C:\Program Files\Lexmark S600 Series O43 - CFD: 17/10/2010 - 11:14:58 - [1098408] ----D- C:\Program Files\Lexmark Toolbar O43 - CFD: 17/10/2010 - 11:15:02 - [302237] ----D- C:\Program Files\Lexmark Tools for Office O43 - CFD: 17/08/2010 - 17:20:28 - [12518213] ----D- C:\Program Files\McAfee O43 - CFD: 17/08/2010 - 17:20:28 - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 17/08/2010 - 17:20:28 - [1141526] ----D- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 17/08/2010 - 17:17:22 - [51734760] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 17/08/2010 - 17:16:00 - [12124476] ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [36912297] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 17/08/2010 - 17:20:30 - [2698304] ----D- C:\Program Files\SAMSUNG O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 17/08/2010 - 17:20:30 - [0] ----D- C:\Program Files\Windows Calendar O43 - CFD: 17/08/2010 - 17:20:30 - [0] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 05/03/2011 - 00:34:52 - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 05/03/2011 - 00:34:56 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 05/03/2011 - 00:34:58 - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 05/03/2011 - 00:34:56 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 18/08/2010 - 09:06:00 - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 17/08/2010 - 17:20:32 - [0] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 05/03/2011 - 00:34:56 - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 05/03/2011 - 00:34:56 - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 05/03/2011 - 00:34:58 - [8315018] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 17/08/2010 - 17:20:28 - [1600350] ----D- C:\Program Files\Common Files\McAfee O43 - CFD: 06/10/2010 - 22:28:42 - [65174087] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/07/2009 - 17:24:10 - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 17/08/2010 - 17:27:56 - [19484] ----D- C:\ProgramData\Acer GameZone Console O43 - CFD: 09/10/2010 - 10:38:20 - [55470421] ----D- C:\ProgramData\Adobe O43 - CFD: 05/10/2010 - 18:15:26 - [16880640] ----D- C:\ProgramData\Apple O43 - CFD: 05/10/2010 - 18:16:20 - [26921472] ----D- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 31/12/2010 - 00:22:50 - [110631207] ----D- C:\ProgramData\Avira O43 - CFD: 17/08/2010 - 17:27:56 - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 17/08/2010 - 17:27:56 - [15462] ----D- C:\ProgramData\Bluetooth O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 17/08/2010 - 17:27:56 - [158661] ----D- C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 06/06/2011 - 15:53:22 - [5246239] ----D- C:\ProgramData\DivX O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 17/08/2010 - 17:27:56 - [0] ----D- C:\ProgramData\EgisTec O43 - CFD: 18/08/2010 - 10:14:32 - [420] ----D- C:\ProgramData\eSobi O43 - CFD: 17/10/2010 - 11:41:24 - [272] ----D- C:\ProgramData\Ezprint O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 17/08/2010 - 17:27:56 - [25424] ----D- C:\ProgramData\Friends Games O43 - CFD: 17/08/2010 - 17:27:56 - [539892] ----D- C:\ProgramData\Google O43 - CFD: 17/08/2010 - 17:27:56 - [132] ----D- C:\ProgramData\InstallShield O43 - CFD: 09/08/2011 - 19:24:34 - [13838] ----D- C:\ProgramData\Lx_cats O43 - CFD: 17/08/2010 - 17:27:56 - [7196066] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 17/08/2010 - 17:28:04 - [356715382] ----D- C:\ProgramData\McAfee O43 - CFD: 03/07/2011 - 19:49:26 - [845] ----D- C:\ProgramData\McAfee Security Scan O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 17/08/2010 - 17:28:04 - [4289589] ----D- C:\ProgramData\Meridian93 O43 - CFD: 01/03/2011 - 11:52:42 - [118493050] -S--D- C:\ProgramData\Microsoft O43 - CFD: 16/06/2011 - 22:50:34 - [57688] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 12/04/2011 - 19:55:34 - [0] ----D- C:\ProgramData\NCH Swift Sound O43 - CFD: 15/07/2011 - 22:08:00 - [155] ----D- C:\ProgramData\Norton O43 - CFD: 17/08/2010 - 17:28:14 - [913649] ----D- C:\ProgramData\NortonInstaller O43 - CFD: 17/08/2010 - 17:28:14 - [276461] ----D- C:\ProgramData\NVIDIA O43 - CFD: 17/08/2010 - 17:28:14 - [0] ----D- C:\ProgramData\PC Suite O43 - CFD: 19/09/2010 - 16:49:46 - [1037712] ----D- C:\ProgramData\Real O43 - CFD: 17/08/2010 - 17:28:14 - [36] ----D- C:\ProgramData\SiteAdvisor O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 17/08/2010 - 17:28:14 - [364] ----D- C:\ProgramData\Sun O43 - CFD: 15/07/2011 - 22:07:58 - [155] ----D- C:\ProgramData\Symantec O43 - CFD: 28/02/2011 - 22:47:40 - [163911] ---AD- C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 03/12/2010 - 22:01:18 - [0] -SH-D- C:\Users\famille\AppData\Roaming\.# O43 - CFD: 17/08/2010 - 17:35:44 - [29536] ----D- C:\Users\famille\AppData\Roaming\Acer GameZone Console O43 - CFD: 17/08/2010 - 17:35:44 - [5763790] ----D- C:\Users\famille\AppData\Roaming\Adobe O43 - CFD: 05/02/2011 - 13:35:24 - [6829044] ----D- C:\Users\famille\AppData\Roaming\AnVi O43 - CFD: 17/08/2010 - 17:35:44 - [4480] ----D- C:\Users\famille\AppData\Roaming\app O43 - CFD: 10/12/2010 - 18:18:16 - [0] ----D- C:\Users\famille\AppData\Roaming\Apple Computer O43 - CFD: 17/08/2010 - 17:35:44 - [1251] ----D- C:\Users\famille\AppData\Roaming\Audacity O43 - CFD: 31/12/2010 - 00:27:32 - [0] ----D- C:\Users\famille\AppData\Roaming\Avira O43 - CFD: 17/08/2010 - 17:35:44 - [65079] ----D- C:\Users\famille\AppData\Roaming\AVS4YOU O43 - CFD: 17/08/2010 - 17:35:44 - [116430] ----D- C:\Users\famille\AppData\Roaming\CyberLink O43 - CFD: 06/03/2011 - 14:43:26 - [220216] ----D- C:\Users\famille\AppData\Roaming\DivX O43 - CFD: 13/07/2011 - 14:26:04 - [148361756] ----D- C:\Users\famille\AppData\Roaming\Dofus 2 O43 - CFD: 05/07/2011 - 13:44:50 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-10.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/08/2010 - 17:35:46 - [5367] ----D- C:\Users\famille\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/08/2010 - 17:35:46 - [36] ----D- C:\Users\famille\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:36:06 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:38:52 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:39:10 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:39:34 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:40:16 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-8.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:42:00 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-9.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/08/2010 - 17:35:46 - [2682] ----D- C:\Users\famille\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/07/2011 - 19:05:20 - [199] ----D- C:\Users\famille\AppData\Roaming\dvdcss O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\eSobi O43 - CFD: 17/08/2010 - 17:35:46 - [827] ----D- C:\Users\famille\AppData\Roaming\Go Go Gourmet O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\Google O43 - CFD: 17/08/2010 - 17:35:46 - [6610] ----D- C:\Users\famille\AppData\Roaming\HomeMedia Connect O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\Identities O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\InstallShield O43 - CFD: 17/08/2010 - 17:35:46 - [2023471] ----D- C:\Users\famille\AppData\Roaming\Macromedia O43 - CFD: 17/08/2010 - 17:36:08 - [12308085] ----D- C:\Users\famille\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\famille\AppData\Roaming\Media Center Programs O43 - CFD: 17/08/2010 - 17:36:08 - [639907] ----D- C:\Users\famille\AppData\Roaming\Megaupload O43 - CFD: 17/08/2010 - 17:36:08 - [45097] ----D- C:\Users\famille\AppData\Roaming\Meridian93 O43 - CFD: 20/03/2011 - 19:55:38 - [4335445] -S--D- C:\Users\famille\AppData\Roaming\Microsoft O43 - CFD: 17/08/2010 - 17:36:12 - [16550115] ----D- C:\Users\famille\AppData\Roaming\Mozilla O43 - CFD: 05/04/2011 - 19:56:04 - [110592] ----D- C:\Users\famille\AppData\Roaming\NCH Software O43 - CFD: 12/04/2011 - 19:55:34 - [0] ----D- C:\Users\famille\AppData\Roaming\NCH Swift Sound O43 - CFD: 17/08/2010 - 17:36:12 - [2820044] ----D- C:\Users\famille\AppData\Roaming\OpenOffice.org O43 - CFD: 17/08/2010 - 17:36:12 - [354] ----D- C:\Users\famille\AppData\Roaming\PC Suite O43 - CFD: 17/08/2010 - 17:36:12 - [6605] ----D- C:\Users\famille\AppData\Roaming\Power Sound Editor Free O43 - CFD: 17/08/2010 - 17:36:14 - [6299864] ----D- C:\Users\famille\AppData\Roaming\PowerCinema O43 - CFD: 19/09/2010 - 16:49:46 - [3169139] ----D- C:\Users\famille\AppData\Roaming\Real O43 - CFD: 17/08/2010 - 17:36:14 - [0] ----D- C:\Users\famille\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/09/2010 - 19:10:10 - [121] ----D- C:\Users\famille\AppData\Roaming\Registry Mechanic O43 - CFD: 17/08/2010 - 17:36:14 - [3527194] ----D- C:\Users\famille\AppData\Roaming\Samsung O43 - CFD: 17/08/2010 - 17:36:16 - [17354841] ----D- C:\Users\famille\AppData\Roaming\Shareaza O43 - CFD: 17/08/2010 - 17:36:16 - [6559] ----D- C:\Users\famille\AppData\Roaming\SoftDMA O43 - CFD: 22/02/2011 - 22:41:24 - [142572] ----D- C:\Users\famille\AppData\Roaming\Stellarium O43 - CFD: 17/08/2010 - 17:36:16 - [13824] ----D- C:\Users\famille\AppData\Roaming\Template O43 - CFD: 14/01/2011 - 19:01:48 - [334234] ----D- C:\Users\famille\AppData\Roaming\Uniblue O43 - CFD: 08/08/2011 - 23:08:34 - [1756254] ----D- C:\Users\famille\AppData\Roaming\uTorrent O43 - CFD: 09/08/2011 - 19:25:40 - [2136662] ----D- C:\Users\famille\AppData\Roaming\vlc O43 - CFD: 17/08/2010 - 17:35:20 - [0] ----D- C:\Users\famille\AppData\Local\Acer Arcade Deluxe O43 - CFD: 09/10/2010 - 10:38:00 - [135791402] ----D- C:\Users\famille\AppData\Local\Adobe O43 - CFD: 05/10/2010 - 18:15:26 - [0] ----D- C:\Users\famille\AppData\Local\Apple O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Application Data O43 - CFD: 17/08/2010 - 17:35:20 - [485047] ----D- C:\Users\famille\AppData\Local\cache O43 - CFD: 17/08/2010 - 17:35:20 - [23241603] ----D- C:\Users\famille\AppData\Local\CyberLink O43 - CFD: 06/03/2011 - 14:33:52 - [272] ----D- C:\Users\famille\AppData\Local\DDMSettings O43 - CFD: 12/07/2011 - 13:41:30 - [379109] ----D- C:\Users\famille\AppData\Local\Diagnostics O43 - CFD: 17/08/2010 - 17:35:22 - [116241582] ----D- C:\Users\famille\AppData\Local\Downloaded Installations O43 - CFD: 17/08/2010 - 17:35:22 - [182] ----D- C:\Users\famille\AppData\Local\EgisTec O43 - CFD: 17/08/2010 - 17:35:22 - [873349] ----D- C:\Users\famille\AppData\Local\FullTiltPoker.fr O43 - CFD: 06/08/2011 - 20:08:26 - [6567080] ----D- C:\Users\famille\AppData\Local\Google O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Historique O43 - CFD: 24/06/2011 - 21:19:48 - [486401624] ----D- C:\Users\famille\AppData\Local\Microsoft O43 - CFD: 17/08/2010 - 17:35:28 - [1811560] ----D- C:\Users\famille\AppData\Local\Microsoft Games O43 - CFD: 17/08/2010 - 17:35:28 - [84923453] ----D- C:\Users\famille\AppData\Local\Mozilla O43 - CFD: 17/08/2010 - 17:35:36 - [171312728] ----D- C:\Users\famille\AppData\Local\Oberon Games O43 - CFD: 17/08/2010 - 17:35:36 - [6949] ----D- C:\Users\famille\AppData\Local\PlayMovie O43 - CFD: 17/08/2010 - 17:35:36 - [0] ----D- C:\Users\famille\AppData\Local\Real O43 - CFD: 17/08/2010 - 17:35:36 - [9599371065] ----D- C:\Users\famille\AppData\Local\Shareaza O43 - CFD: 09/08/2011 - 21:12:10 - [662644] ----D- C:\Users\famille\AppData\Local\Temp O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Temporary Internet Files O43 - CFD: 17/08/2010 - 17:35:36 - [83882] ----D- C:\Users\famille\AppData\Local\VirtualStore O43 - CFD: 17/10/2010 - 11:54:22 - [121148212] ----D- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint O43 - CFD: 17/08/2010 - 17:21:22 - [223662572] ----D- C:\Program Files (x86)\Acer Arcade Deluxe O43 - CFD: 17/08/2010 - 17:21:58 - [552085922] ----D- C:\Program Files (x86)\Acer GameZone O43 - CFD: 17/08/2010 - 17:21:58 - [0] ----D- C:\Program Files (x86)\Acer Incorporated O43 - CFD: 09/08/2011 - 19:50:54 - [211755948] ----D- C:\Program Files (x86)\Ad-Remover O43 - CFD: 09/10/2010 - 10:38:16 - [244881332] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 05/10/2010 - 18:15:26 - [2221118] ----D- C:\Program Files (x86)\Apple Software Update O43 - CFD: 31/12/2010 - 00:22:50 - [138343587] ----D- C:\Program Files (x86)\Avira O43 - CFD: 17/08/2010 - 17:22:02 - [48186866] ----D- C:\Program Files (x86)\AVS4YOU O43 - CFD: 16/04/2011 - 18:25:20 - [0] ----D- C:\Program Files (x86)\Babylon O43 - CFD: 14/07/2011 - 23:38:56 - [897480624] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 17/08/2010 - 17:23:22 - [795721418] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 06/06/2011 - 15:53:22 - [23619868] ----D- C:\Program Files (x86)\DivX O43 - CFD: 17/08/2010 - 17:24:40 - [170833096] ----D- C:\Program Files (x86)\Dofus O43 - CFD: 05/07/2011 - 15:17:20 - [971060062] ----D- C:\Program Files (x86)\Dofus 2 O43 - CFD: 17/08/2010 - 17:25:56 - [33770599] ----D- C:\Program Files (x86)\EgisTec O43 - CFD: 17/08/2010 - 17:26:00 - [1636481] ----D- C:\Program Files (x86)\EgisTec Egis Software Update O43 - CFD: 17/08/2010 - 17:26:00 - [23098163] ----D- C:\Program Files (x86)\eSobi O43 - CFD: 07/09/2010 - 16:17:06 - [60442330] ----D- C:\Program Files (x86)\Full Tilt Poker.Fr O43 - CFD: 01/11/2010 - 11:19:04 - [8262305] ----D- C:\Program Files (x86)\Geoplan-Geospace O43 - CFD: 01/06/2011 - 18:10:04 - [344843805] ----D- C:\Program Files (x86)\Google O43 - CFD: 17/08/2010 - 17:26:28 - [121674753] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 17/08/2010 - 17:26:28 - [61793884] ----D- C:\Program Files (x86)\Intel O43 - CFD: 11/07/2011 - 19:02:56 - [6967044] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 17/08/2010 - 17:26:32 - [84] ----D- C:\Program Files (x86)\IVT Corporation O43 - CFD: 14/07/2011 - 23:36:06 - [89486643] ----D- C:\Program Files (x86)\Java O43 - CFD: 17/08/2010 - 17:26:34 - [16664352] ----D- C:\Program Files (x86)\JRE O43 - CFD: 17/10/2010 - 11:12:24 - [196608] ----D- C:\Program Files (x86)\Lexmark O43 - CFD: 17/10/2010 - 11:12:40 - [40115] ----D- C:\Program Files (x86)\Lexmark Fax Solutions O43 - CFD: 17/10/2010 - 11:14:56 - [53201585] ----D- C:\Program Files (x86)\Lexmark S600 Series O43 - CFD: 17/10/2010 - 11:12:52 - [2315014] ----D- C:\Program Files (x86)\Lexmark Toolbar O43 - CFD: 09/08/2011 - 19:54:42 - [6966784] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 28/04/2011 - 08:57:00 - [235481954] ----D- C:\Program Files (x86)\McAfee O43 - CFD: 05/04/2011 - 17:08:52 - [9454922] ----D- C:\Program Files (x86)\McAfee Security Scan O43 - CFD: 17/08/2010 - 17:26:54 - [2219977] ----D- C:\Program Files (x86)\McAfee.com O43 - CFD: 17/08/2010 - 17:26:54 - [7366368] ----D- C:\Program Files (x86)\Megaupload O43 - CFD: 06/10/2010 - 22:28:36 - [1568171] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 17/08/2010 - 17:26:54 - [44362382] ----D- C:\Program Files (x86)\Microsoft Money O43 - CFD: 11/07/2011 - 19:00:02 - [378078823] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 17/08/2010 - 17:27:04 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant O43 - CFD: 17/06/2011 - 18:03:46 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 17/08/2010 - 17:27:06 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 17/08/2010 - 17:27:06 - [2188837] ----D- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 16/12/2010 - 00:32:44 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works O43 - CFD: 18/08/2010 - 09:08:16 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 08/08/2011 - 22:18:12 - [36377194] ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 24/09/2009 - 22:50:36 - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 05/04/2011 - 19:55:50 - [494592] ----D- C:\Program Files (x86)\NCH Software O43 - CFD: 05/04/2011 - 23:23:30 - [6271704] ----D- C:\Program Files (x86)\NCH Swift Sound O43 - CFD: 05/04/2011 - 19:55:42 - [4549429] ----D- C:\Program Files (x86)\NCH_EN O43 - CFD: 17/08/2010 - 17:27:12 - [228960687] ----D- C:\Program Files (x86)\NewTech Infosystems O43 - CFD: 15/07/2011 - 22:08:00 - [0] ----D- C:\Program Files (x86)\Norton Security Scan O43 - CFD: 17/08/2010 - 17:27:40 - [385246043] ----D- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 17/08/2010 - 17:27:40 - [15735871] ----D- C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 22/01/2011 - 17:45:38 - [26925109] ----D- C:\Program Files (x86)\PDFCreator O43 - CFD: 17/08/2010 - 17:27:40 - [3553132] ----D- C:\Program Files (x86)\PhotoFiltre O43 - CFD: 05/10/2010 - 18:16:44 - [76337719] ----D- C:\Program Files (x86)\QuickTime O43 - CFD: 19/09/2010 - 16:48:46 - [90918888] ----D- C:\Program Files (x86)\Real O43 - CFD: 17/08/2010 - 17:27:44 - [4752521] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [39257345] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 17/08/2010 - 17:27:46 - [765947] ----D- C:\Program Files (x86)\Samsung O43 - CFD: 17/08/2010 - 17:27:48 - [34646021] ----D- C:\Program Files (x86)\Shareaza O43 - CFD: 22/02/2011 - 22:39:40 - [69982543] ----D- C:\Program Files (x86)\Stellarium O43 - CFD: 18/08/2010 - 10:13:34 - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 29/08/2010 - 14:06:34 - [69110644] ----D- C:\Program Files (x86)\The K-Ball O43 - CFD: 16/04/2011 - 18:24:24 - [0] ----D- C:\Program Files (x86)\ToolbarInstaller O43 - CFD: 30/12/2010 - 15:51:18 - [1192164] ----D- C:\Program Files (x86)\trend micro O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 29/12/2010 - 21:00:04 - [395128] ----D- C:\Program Files (x86)\uTorrent O43 - CFD: 29/12/2010 - 21:00:26 - [4135548] ----D- C:\Program Files (x86)\uTorrentBar_FR O43 - CFD: 29/11/2010 - 20:50:40 - [10428379] ----D- C:\Program Files (x86)\Veetle O43 - CFD: 14/01/2011 - 19:00:56 - [31593598] ----D- C:\Program Files (x86)\Veoh Networks O43 - CFD: 17/08/2010 - 17:27:52 - [383588328] ----D- C:\Program Files (x86)\Wakfu O43 - CFD: 17/08/2010 - 17:27:52 - [0] ----D- C:\Program Files (x86)\Windows Calendar O43 - CFD: 21/01/2008 - 05:09:48 - [0] ----D- C:\Program Files (x86)\Windows Collaboration O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 17/08/2010 - 17:27:54 - [151004142] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 17/08/2010 - 17:27:54 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive O43 - CFD: 05/03/2011 - 00:35:02 - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 05/03/2011 - 00:35:02 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 17/08/2010 - 17:27:54 - [0] ----D- C:\Program Files (x86)\Windows Photo Gallery O43 - CFD: 05/03/2011 - 00:35:02 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 05/03/2011 - 00:35:02 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 05/03/2011 - 00:35:02 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 17/08/2010 - 17:27:54 - [196572] ----D- C:\Program Files (x86)\WinPcap O43 - CFD: 09/08/2011 - 21:15:02 - [4005509] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 09/10/2010 - 10:38:22 - [6339706] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 05/07/2011 - 08:55:16 - [31517343] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 05/10/2010 - 18:15:32 - [44307712] ----D- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 17/08/2010 - 17:22:06 - [47920053] ----D- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 17/08/2010 - 17:22:06 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 06/03/2011 - 14:31:30 - [29547609] ----D- C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 17/08/2010 - 17:22:06 - [101672] ----D- C:\Program Files (x86)\Common Files\EgisTec O43 - CFD: 17/08/2010 - 17:22:06 - [5995787] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 14/07/2011 - 23:38:56 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 17/08/2010 - 17:22:08 - [10673262] ----D- C:\Program Files (x86)\Common Files\McAfee O43 - CFD: 18/06/2011 - 08:57:16 - [253488125] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 17/08/2010 - 17:22:12 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media O43 - CFD: 17/08/2010 - 17:22:12 - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 19/09/2010 - 16:49:06 - [21501404] ----D- C:\Program Files (x86)\Common Files\Real O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 15/07/2011 - 19:50:56 - [0] ----D- C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 14/07/2009 - 17:24:10 - [44257903] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 17/08/2010 - 17:22:14 - [353923556] ----D- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 19/09/2010 - 16:48:42 - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared ~ Scan Program Folder in 00mn 23s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.E292F7CD99DD5C986A16649F4D6886FE] - 09/08/2011 - 20:13:02 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [5194] O44 - LFC:[MD5.400D5BADE6FFEC74A33D285294E8AD31] - 09/08/2011 - 20:13:02 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [189326] O44 - LFC:[MD5.EFD0A2878651A58D0C43EC3F5D69758E] - 09/08/2011 - 20:13:02 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [226410] O44 - LFC:[MD5.2FAB50D2240724D006EC244B5799AEBA] - 09/08/2011 - 20:13:02 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [702978] O44 - LFC:[MD5.401590D995D27B75F53C124F6541195C] - 09/08/2011 - 20:13:02 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [1001620] O44 - LFC:[MD5.E292F7CD99DD5C986A16649F4D6886FE] - 09/08/2011 - 20:13:02 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [5194] O44 - LFC:[MD5.400D5BADE6FFEC74A33D285294E8AD31] - 09/08/2011 - 20:13:02 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [189326] O44 - LFC:[MD5.EFD0A2878651A58D0C43EC3F5D69758E] - 09/08/2011 - 20:13:02 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [226410] O44 - LFC:[MD5.2FAB50D2240724D006EC244B5799AEBA] - 09/08/2011 - 20:13:02 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [702978] O44 - LFC:[MD5.401590D995D27B75F53C124F6541195C] - 09/08/2011 - 20:13:02 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [1001620] O44 - LFC:[MD5.62554C763D4FD46278CE83E1ED8AF083] - 09/08/2011 - 20:09:11 ---A- . (...) -- C:\Windows\SysNative\Config.MPF [8993] O44 - LFC:[MD5.62554C763D4FD46278CE83E1ED8AF083] - 09/08/2011 - 20:09:11 RSHAD . (...) -- C:\Windows\system32\Config.MPF [8993] O44 - LFC:[MD5.2A9D9F7791A30B7178CED8AFA8EBC2E6] - 09/08/2011 - 20:08:44 ---A- . (...) -- C:\Windows\setupact.log [28992] O44 - LFC:[MD5.8736CFDAB22201B0C04A0A1C617D1C44] - 09/08/2011 - 20:08:42 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.A5515793A12CB23274DFF45D169E99D2] - 09/08/2011 - 20:07:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1874917] O44 - LFC:[MD5.163E4250E95F6524C518D244D742483F] - 09/08/2011 - 18:44:23 ---A- . (...) -- C:\Ad-Report-CLEAN[2].txt [21857] O44 - LFC:[MD5.363067BA6E178585056247DEC88FF826] - 09/08/2011 - 18:38:46 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt [22724] O44 - LFC:[MD5.859A2F3D5BC024F82946C8D014D64A51] - 09/08/2011 - 16:09:01 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/08/2011 - 16:00:27 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.78E08E032446A25503911845CC1001C2] - 14/07/2011 - 09:15:31 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [369648] O44 - LFC:[MD5.78E08E032446A25503911845CC1001C2] - 14/07/2011 - 09:15:31 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [369648] ~ Scan Files in 01mn 28s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 28/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 28/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 31/12/2010 - 08:48:06 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120] O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 31/12/2010 - 08:48:06 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.50AD8FC1DC800FF36087994C8F7FDFF2] - 10/06/2009 - 21:35:02 RSHAD . (.Intel Corporation - Intel® Gigabit Network Connection NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\e1y60x64.sys [281088] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 05/03/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 15/09/2009 - 02:54:36 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [408600] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 28/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.9C4FB231B6E02F84580DE2F00F3C5293] - 15/08/2010 - 18:52:42 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.4A1C21576FB7F96F4DBDEA627FFDA775] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [102472] O58 - SDL:[MD5.9E0AC52B3232FF8DC65FEE1A9C2FE8D1] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [308296] O58 - SDL:[MD5.624D717B11E5004F68442B5740F17F21] - 21/10/2009 - 09:15:38 RSHAD . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdk.sys [40904] O58 - SDL:[MD5.0CD9DE7B96735F33F078C4EA044E8B34] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - System Monitor Filter Driver.) -- C:\Windows\system32\drivers\mfesmfk.sys [49480] O58 - SDL:[MD5.AE2E68527013EB4F761ECCC630F7F1A3] - 01/04/2009 - 11:32:26 RSHAD . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) -- C:\Windows\system32\drivers\Mpfp.sys [176144] O58 - SDL:[MD5.FB3D139AD1AC117B99A16042C1DD02D1] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - PSD Filter Driver.) -- C:\Windows\system32\drivers\mwlPSDFilter.sys [22064] O58 - SDL:[MD5.BF3F82A3EA6FBB6657DFE081A6BA4E2E] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\mwlPSDNserv.sys [20528] O58 - SDL:[MD5.DA24873DCB2891805692A03BAD1E34B4] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\mwlPSDVDisk.sys [59952] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.3CEEE0BE85D24D911B9C02714817774C] - 19/10/2009 - 21:23:14 RSHAD . (.CACE Technologies - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\system32\drivers\npf.sys [40464] O58 - SDL:[MD5.7D397449AAF52B0E7C79B64F6AD4473E] - 01/04/2009 - 10:48:32 RSHAD . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [16384] O58 - SDL:[MD5.AAF5559039E99D0CC22E25255F3DC06E] - 03/04/2010 - 21:55:32 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 197.45.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13807976] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 28/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 28/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.81B5E63131090879AD6EF9F32109B88D] - 20/12/2009 - 15:53:34 RSHAD . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys [29184] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.D8BCE8176CB1084C6F5830C019D47166] - 18/08/2010 - 10:19:02 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1824672] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.1612881760C9DF7FBB09B6CF1D3BA0DF] - 20/12/2009 - 17:02:12 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\Windows\system32\drivers\sscdbus.sys [105128] O58 - SDL:[MD5.F46C5FAE7CB3C9AC981443EC4E66830A] - 20/12/2009 - 17:02:52 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcm.sys [11944] O58 - SDL:[MD5.F46C5FAE7CB3C9AC981443EC4E66830A] - 20/12/2009 - 17:02:52 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcmnt.sys [11944] O58 - SDL:[MD5.D7803A687E85189EA2B525CC22093521] - 20/12/2009 - 17:04:16 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\Windows\system32\drivers\sscdmdfl.sys [16040] O58 - SDL:[MD5.06DB3D5EB2444083C7F5AF7874765505] - 20/12/2009 - 17:04:44 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\Windows\system32\drivers\sscdmdm.sys [142504] O58 - SDL:[MD5.74EA7FCEE2A219C200DABBA1DCEB7719] - 20/12/2009 - 17:06:00 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwh.sys [12456] O58 - SDL:[MD5.74EA7FCEE2A219C200DABBA1DCEB7719] - 20/12/2009 - 17:06:00 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwhnt.sys [12456] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 20/12/2009 - 09:08:24 RSHAD . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\system32\drivers\TFsExDisk.sys [16392] O58 - SDL:[MD5.00C8CE31657624A125FDB90EFD554371] - 01/04/2009 - 10:48:16 RSHAD . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [16384] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 09/08/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 20/12/2009 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.7455ED832A33FEF453407F5411C3342D] - 08/08/2011 - 12:03:58 ---A- . (.Almico Software - Speed Fan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys [25280] ~ Scan Drivers in 00mn 02s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 06/12/2010 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 06/12/2010 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfeavfk.sys - No object(No service) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfehidk.sys - No object(No service) .(.McAfee, Inc. - Host Intrusion Detection Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfesmfk.sys - No object(No service) .(.McAfee, Inc. - System Monitor Filter Driver.) - LEGACY_MFESMFK O64 - Services: CurCS - 16/07/2009 - C:\Windows\system32\Drivers\Mpfp.sys - No object(No service) .(.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - LEGACY_MPFP O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys - No object(No service) .(.Egis Incorporated. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys - No object(No service) .(.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys - No object(No service) .(.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK O64 - Services: CurCS - 15/07/2009 - C:\Windows\system32\Drivers\TFsExDisk.sys - No object(No service) .(.Teruten Inc - File System Mini Filter Drvier.) - LEGACY_TFSEXDISK ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.7E7EB7AFF595774E5E500B34058CC1A7] [sPRF][09/08/2011] (...) -- C:\Users\famille\AppData\Local\Temp\sfamcc00001.dll [192512] [MD5.A4A8CE1C7696B143356208609BA1A4C9] [sPRF][18/12/2010] (...) -- C:\Users\famille\AppData\Local\Temp\sfextra.dll [55296] [MD5.9A14A477431A901A7014ED312E0C6C3C] [sPRF][09/08/2011] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\famille\Desktop\mbam-setup-1.51.1.1800.exe [9466208] [MD5.78E2FA7394A8C4F0F06358627F345FA1] [sPRF][09/08/2011] (...) -- C:\Users\famille\Desktop\RogueKiller.exe [555008] [MD5.BA14B83461F654F1C47BC5B213B27D20] [sPRF][09/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\famille\Desktop\ZHPDiag2.exe [2572387] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32] [MD5.8CE7705CB43B03BB7970B04087C7758F] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616] [MD5.01E2ECA759056F23C73A035FDABB2D6D] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648] [MD5.61FB16B6016BCC9AA42E02F787DC87FC] [sPRF][26/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1955384] [MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376] [MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [sPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{DE74A80C-BAC6-4BB2-BBDD-930811DC1001}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer HomeMedia.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe O87 - FAEL: "{354BCED7-34E7-491A-ADB6-D7653C44F022}" | In - None - P6 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe O87 - FAEL: "{AACEF52C-B38F-43BD-8E84-F6EC39E77F9B}" | In - None - P6 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe O87 - FAEL: "{BF4046A9-FD78-4E85-8632-00E664A3863C}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Deluxe.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe O87 - FAEL: "{93B1F951-B0D8-4846-B758-E30700A5FA86}" | In - None - P6 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O87 - FAEL: "{2A3B36FF-6722-46C4-A97A-5858A5CE6608}" | In - None - P6 - TRUE | .(.CyberLink - CLMSService.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSService.exe O87 - FAEL: "{EBD90117-78D9-484D-B06F-BC9FBF6D5682}" | In - None - P6 - TRUE | .(.CyberLink Corp. - Acer HomeMedia Connect.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\HomeMedia Connect.exe O87 - FAEL: "{0E9B5AD8-4B7C-4046-B6C6-6E378E944651}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{0D21AA58-9DC3-4EEA-94C8-58D2EB062942}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{BDD67F42-D121-417C-B481-8F0C399722E0}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{79BE4C26-1201-473C-BEEF-B6447653C5CA}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{669500DC-8ED1-476A-B6D8-C91DA7636EE9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe O87 - FAEL: "{CC72602D-8E2C-44F3-9EDF-239C8C7BAC41}" | In - None - P6 - TRUE | .(.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe O87 - FAEL: "{B2141CD5-713B-4A4E-86B4-FA2D51D5D2B1}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxedcoms.exe O87 - FAEL: "{BDCC5242-9235-45AB-B07F-79278AAD67ED}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\LXEDcoms.exe O87 - FAEL: "{F742535C-62F3-40DE-8C32-1EDC0BC03951}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\LXEDcoms.exe O87 - FAEL: "{6D480602-DF91-471D-9D00-2E2160D99DEF}" | In - Private - P6 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{05D5F926-AA08-42F4-974D-F79130C6F4DC}" | In - Private - P17 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{FA8578ED-3C21-42EA-B3BE-404374B55941}" | In - Public - P6 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{2A741EAA-DB0F-495D-9D81-94BCAA6FDDA3}" | In - Public - P17 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{10B8C1F9-B58E-4BBF-85F4-BC6389497CEF}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe O87 - FAEL: "{0A413918-1EF2-48EC-915A-74DAAA00E737}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe O87 - FAEL: "{D0C76CC9-2278-4378-89AE-8731AD485A74}" | In - Public - P6 - TRUE | .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe O87 - FAEL: "{B6A2400E-F182-46C2-8928-0B0DF431FBD4}" | In - Public - P17 - TRUE | .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe ~ Scan Firewall in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 8606 - (08/08/2011) Clés trouvées (Keys found) : 21 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 5 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare [HKLM\Software\Wow6432Node\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare [HKLM\Software\Classes\pdfforge.DllInfo] => [HKLM\Software\Wow6432Node\Classes\pdfforge.DllInfo] => [HKLM\Software\Classes\pdfforge.PDF.PDF] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDF] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.PDF.PDFEncryptor] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFEncryptor] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.PDF.PDFLine] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFLine] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.PDF.PDFText] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFText] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.Tools] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.Tools] =>PUP.Dealio [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fee1002d-90a5-4a5d-aabe-01803ffbcf7a}] =>Adware.DesktopMedia [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit C:\Program Files\Babylon =>Toolbar.Babylon C:\Users\famille\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon C:\Users\famille\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit C:\Program Files (x86)\Babylon =>Toolbar.Babylon C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit ~ Scan Additionnel in 00mn 09s ---\\ Recherche détournement de DNS routeur (O89) Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.105 209.85.148.106 209.85.148.104 209.85.148.147 209.85.148.99 209.85.148.103 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 02s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 31/12/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 31/12/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 26/07/2009 75048 | (CLHNService) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe SR - | Auto 26/07/2009 58664 | (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe SR - | Auto 26/07/2009 288120 | (CyberLink Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe SS - | Auto 20/10/2009 133104 | (gupdate1ca51b324e09bc0) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 20/10/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 23/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 01/04/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe SR - | Auto 14/04/2010 45736 | (lxedCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxedserv.exe SR - | Auto 17/10/2010 1052328 | (lxed_device) . (...) - C:\Windows\system32\lxedcoms.exe SR - | Auto 16/02/2011 101048 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe SS - | Demand 05/04/2011 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe SR - | Auto 10/07/2009 865832 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe SR - | Auto 07/07/2009 2482848 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe SS - | Demand 16/09/2009 696848 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe SR - | Auto 08/07/2009 359952 | (McProxy) . (.McAfee, Inc..) - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe SS - | Auto 16/09/2009 155456 | (McShield) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\Mcshield.exe SR - | Demand 16/09/2009 606736 | (McSysmon) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe SR - | Auto 15/09/2009 894136 | (MpfService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe SR - | Auto 08/07/2009 26640 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe SR - | Auto 01/04/2009 306736 | (MWLService) . (.EgisTec Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe SS - | Demand 01/04/2009 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 01/04/2009 144632 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 17/08/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 01/04/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SS - | Demand 20/12/2009 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 06s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 08s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by famille at 09/08/2011 21:17:40 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 10s End of the scan (1413 lines in 03mn 04s)(0)
  7. Par contre concernant Mbam : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4431 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 15/08/2010 12:11:11 mbam-log-2010-08-15 (12-11-11).txt Type d'examen: Examen complet (C:\|D:\|L:\|) Elément(s) analysé(s): 346943 Temps écoulé: 1 heure(s), 13 minute(s), 56 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 4 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 20 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AnVi (Rogue.AnVi) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.AntiVirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wmsdk64_32.exe (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi (Rogue.AntiVirus) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Users\famille\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PI11YB24\5-direct[1].ex (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\asd2FF5.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\dhdhtrdhdrtr5y (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\expand32xp.dll (Trojan.FakeAV) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\tmp2922.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\tmp3033.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\tmpA85F.tmp.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Local\Temp\topwesitjh (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Users\famille\Documents\VICTOR\dossier\tmplus\Updater.exe (Rogue.Agent) -> Quarantined and deleted successfully. C:\Users\famille\Downloads\adobeflashplayerv10.0.45.2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\About.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Activate.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Antivirus Support.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Buy.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Scan.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Settings.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Update.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully. C:\Users\famille\AppData\Roaming\AnVi\avt.exe (Rogue.AntiVirus) -> Quarantined and deleted successfully. J'ai encore autre chose : Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Version de la base de données: 7418 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 09/08/2011 21:05:39 mbam-log-2011-08-09 (21-05-39).txt Type d'examen: Examen complet (C:\|D:\|L:\|) Elément(s) analysé(s): 371513 Temps écoulé: 58 minute(s), 0 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\Users\famille\downloads\plugin_vlc.exe (Trojan.Dropper) -> Quarantined and deleted successfully. l:\system volume information\_restore{7b8a76dd-dd2b-4c55-a7a2-f9f2aee1e818}\RP95\A0201999.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. l:\victor\VICTOR\cheatengine54.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
  8. Ensuite le 2eme rapport AD-R (nettoyage): ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 19:41:40 le 09/08/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) famille@PC-DE-FAMILLE (Acer Aspire M3800) ============== ACTION(S) ============== Dossier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\conduit Dossier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\ConduitEngine Dossier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\extensions\engine@conduit.com Fichier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\searchplugins\conduit.xml Dossier supprimé: C:\Users\famille\AppData\Local\Conduit Dossier supprimé: C:\Users\famille\AppData\LocalLow\Conduit Dossier supprimé: C:\Program Files (x86)\Conduit Dossier supprimé: C:\Users\famille\AppData\LocalLow\ConduitEngine Dossier supprimé: C:\Program Files (x86)\ConduitEngine Dossier supprimé: C:\Users\famille\AppData\Roaming\OpenCandy Dossier supprimé: C:\Users\famille\AppData\Local\OpenCandy Dossier supprimé: C:\Users\famille\AppData\LocalLow\PriceGong (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\Prefs.js -- Ligne supprimée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", ""); Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1045667/1041378/FR", "\"0\"... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/FR", "\"0\"... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\"... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", ... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", ... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948",... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2801948/CT2801948... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851639/CT2851639... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634... Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2851639"); Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"); Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_fr"); Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", false); Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Ligne supprimée: user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/ar... Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2851639"); Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"); Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar_fr"); Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2851639,ConduitEngine"); Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2851639,ConduitEngine"); Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+02... Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jul 10 2011 19:22:06 GMT+0200"); Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Ligne supprimée: user_pref("CommunityToolbar.alert.firstTimeAlertShown", true); Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en"); Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jul 11 2011 17:54:37 GMT+0200"); Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false); Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "36984b70-4fe1-4de7-8ba7-a38e3ffc5db0"); Ligne supprimée: user_pref("CommunityToolbar.facebook.sessionKey", "2.eazJvCTPjTUat98zJgGocA__.86400.1300046400-10000... Ligne supprimée: user_pref("CommunityToolbar.facebook.sessionSecret", "LN9wd_v_7TSCCo81BFsf4w__"); Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 26 2011 09:18:23 GMT+0100"); Ligne supprimée: user_pref("CommunityToolbar.facebook.userId", "100001568831559"); Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "d2a156be-59d7-40de-99b9-b88e9679981c"); Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2801948"); Ligne supprimée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jul 02 2011 12:11:32 GMT+0200"); Ligne supprimée: user_pref("ConduitEngine.CTID", "ConduitEngine"); Ligne supprimée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:28 GMT+0200"); Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "12/29/2010 22"); Ligne supprimée: user_pref("ConduitEngine.FirstTime", true); Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true); Ligne supprimée: user_pref("ConduitEngine.FixPageNotFoundErrors", false); Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true); Ligne supprimée: user_pref("ConduitEngine.Initialize", true); Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true); Ligne supprimée: user_pref("ConduitEngine.InstallationType", "UnknownIntegration"); Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Wed Dec 29 2010 20:04:00 GMT+0100"); Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false); Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false); Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", false); Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100"); Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Dec 30 2010 20:30:05 GMT+0100"); Ligne supprimée: user_pref("ConduitEngine.PublisherContainerWidth", 0); Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Apr 06 2011 08:05:27 GMT+0200"); Ligne supprimée: user_pref("ConduitEngine.UserID", "UN78959148571048230"); Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr"); Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100"); Ligne supprimée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+0200"); Ligne supprimée: user_pref("ConduitEngine.initDone", true); Ligne supprimée: user_pref("ConduitEngine.isAppTrackingManagerOn", true); -- Fichier Fermé -- Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé supprimée: HKLM\Software\Classes\CLSID\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B} Clé supprimée: HKLM\Software\Classes\Conduit.Engine Clé supprimée: HKLM\Software\Classes\Toolbar.CT2801948 Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKLM\Software\conduitEngine Clé supprimée: HKCU\Software\AutocompletePro Clé supprimée: HKCU\Software\Conduit Clé supprimée: HKCU\Software\AppDataLow\Toolbar Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8060ED0-EFAD-45A8-9E1B-819A62BEB1AA} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Clé supprimée: HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [5.0 (fr)] **** Plugins\npDivxPlayerPlugin.dll (DivX, Inc) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor -- C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default -- Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>Who visits my facebook profile - Facemoi</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>) Prefs.js - browser.download.lastDir, C:\\Users\\famille\\Desktop Prefs.js - browser.search.defaultenginename, Search the web (Babylon) Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18173 Prefs.js - browser.search.selectedEngine, Google Prefs.js - browser.startup.homepage, hxxp://ww.google.fr Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=adbartrp&AF=18173&q= ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll) HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKCU_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKLM_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll) HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKCU_Toolbar\WebBrowser|{37483B40-C254-4A72-BDA4-22EE90182C1E} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll) HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll) HKLM_Toolbar|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKLM_Toolbar|{37483b40-c254-4a72-bda4-22ee90182c1e} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{A68B194F-D79E-4EE0-A405-AFB259F1FB36} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) HKCU_ElevationPolicy\{B45B50CC-DCB6-4D3E-B6CA-696CAF40BDF2} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited) HKCU_ElevationPolicy\{C62FD49E-B4B9-4F6A-AC7C-3474E848E866} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{291DCC1E-4014-4CCD-8305-D990C4AFD8D5} - C:\Program Files (x86)\NCH_EN\NCH_ENToolbarHelper.exe (?) HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{D5793D32-E7C9-4F0E-B76E-A3545761F2E3} - C:\Users\famille\AppData\Local\Conduit\CT2801948\NCH_ENAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.) HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{FCAF9570-E42A-4D7D-BB81-FC311AB91B02} - C:\Program Files (x86)\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?) HKCU_Extensions\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - "Billeo" (billeo.dll,219) HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?) BHO\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll) BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\PROGRA~2\mcafee\msk\mskapbho.dll) BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll) BHO\{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll) BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll) BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll) BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll) BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll) BHO\{D2C5E510-BE6D-42CC-9F61-E4F939078474} - "Lexmark " (C:\Program Files\Lexmark Printable Web\bho.dll) BHO\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (?) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 250 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 32 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 30/12/2010 21:54:22 (7187 Octet(s)) C:\Ad-Report-CLEAN[2].txt - 09/08/2011 19:41:46 (21586 Octet(s)) C:\Ad-Report-SCAN[1].txt - 30/12/2010 21:50:44 (7083 Octet(s)) C:\Ad-Report-SCAN[2].txt - 09/08/2011 19:36:18 (22724 Octet(s)) Fin à: 19:44:21, 09/08/2011 ============== E.O.F ==============
  9. La suite (1) ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 19:36:11 le 09/08/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) famille@PC-DE-FAMILLE (Acer Aspire M3800) ============== RECHERCHE ============== Dossier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\conduit Dossier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\ConduitEngine Dossier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\extensions\engine@conduit.com Fichier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\searchplugins\conduit.xml Dossier trouvé: C:\Users\famille\AppData\Local\Conduit Dossier trouvé: C:\Users\famille\AppData\LocalLow\Conduit Dossier trouvé: C:\Program Files (x86)\Conduit Dossier trouvé: C:\Users\famille\AppData\LocalLow\ConduitEngine Dossier trouvé: C:\Program Files (x86)\ConduitEngine Dossier trouvé: C:\Users\famille\AppData\Roaming\OpenCandy Dossier trouvé: C:\Users\famille\AppData\Local\OpenCandy Dossier trouvé: C:\Users\famille\AppData\LocalLow\PriceGong -- Fichier ouvert: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\Prefs.js -- Ligne trouvée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", ""); Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1045667/1041378/FR", "\"0\"... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/FR", "\"0\"... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\"... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", ... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", ... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948",... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2801948/CT2801948... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851639/CT2851639... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634... Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "CT2851639"); Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"); Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_fr"); Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false); Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Ligne trouvée: user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/ar... Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2851639"); Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"); Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar_fr"); Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2851639,ConduitEngine"); Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2851639,ConduitEngine"); Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+02... Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jul 10 2011 19:22:06 GMT+0200"); Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.alert.firstTimeAlertShown", true); Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en"); Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jul 11 2011 17:54:37 GMT+0200"); Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false); Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "36984b70-4fe1-4de7-8ba7-a38e3ffc5db0"); Ligne trouvée: user_pref("CommunityToolbar.facebook.sessionKey", "2.eazJvCTPjTUat98zJgGocA__.86400.1300046400-10000... Ligne trouvée: user_pref("CommunityToolbar.facebook.sessionSecret", "LN9wd_v_7TSCCo81BFsf4w__"); Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 26 2011 09:18:23 GMT+0100"); Ligne trouvée: user_pref("CommunityToolbar.facebook.userId", "100001568831559"); Ligne trouvée: user_pref("CommunityToolbar.globalUserId", "d2a156be-59d7-40de-99b9-b88e9679981c"); Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2801948"); Ligne trouvée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jul 02 2011 12:11:32 GMT+0200"); Ligne trouvée: user_pref("ConduitEngine.CTID", "ConduitEngine"); Ligne trouvée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:28 GMT+0200"); Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "12/29/2010 22"); Ligne trouvée: user_pref("ConduitEngine.FirstTime", true); Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true); Ligne trouvée: user_pref("ConduitEngine.FixPageNotFoundErrors", false); Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true); Ligne trouvée: user_pref("ConduitEngine.Initialize", true); Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true); Ligne trouvée: user_pref("ConduitEngine.InstallationType", "UnknownIntegration"); Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Wed Dec 29 2010 20:04:00 GMT+0100"); Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false); Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false); Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", false); Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100"); Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Dec 30 2010 20:30:05 GMT+0100"); Ligne trouvée: user_pref("ConduitEngine.PublisherContainerWidth", 0); Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Apr 06 2011 08:05:27 GMT+0200"); Ligne trouvée: user_pref("ConduitEngine.UserID", "UN78959148571048230"); Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr"); Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100"); Ligne trouvée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+0200"); Ligne trouvée: user_pref("ConduitEngine.initDone", true); Ligne trouvée: user_pref("ConduitEngine.isAppTrackingManagerOn", true); -- Fichier Fermé -- Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Clé trouvée: HKLM\Software\Classes\CLSID\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B} Clé trouvée: HKLM\Software\Classes\Conduit.Engine Clé trouvée: HKLM\Software\Classes\Toolbar.CT2801948 Clé trouvée: HKLM\Software\Conduit Clé trouvée: HKLM\Software\conduitEngine Clé trouvée: HKCU\Software\AutocompletePro Clé trouvée: HKCU\Software\Conduit Clé trouvée: HKCU\Software\AppDataLow\Toolbar Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8060ED0-EFAD-45A8-9E1B-819A62BEB1AA} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Clé trouvée: HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [5.0 (fr)] **** Plugins\npDivxPlayerPlugin.dll (DivX, Inc) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor -- C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default -- Extensions\engine@conduit.com (Conduit Engine ) Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>Who visits my facebook profile - Facemoi</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>) Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms} /) Prefs.js - browser.download.lastDir, C:\\Users\\famille\\Desktop Prefs.js - browser.search.defaultenginename, Search the web (Babylon) Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18173 Prefs.js - browser.search.selectedEngine, Google Prefs.js - browser.startup.homepage, hxxp://ww.google.fr Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=adbartrp&AF=18173&q= ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1302971529&rver=6.1.6206.0&wp=MBI&wreply=hxxp:%2F%2Fmail.live... HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll) HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKCU_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKLM_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18173) HKCU_SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - "NCH EN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKLM_SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - "NCH EN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...) HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll) HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKCU_Toolbar\WebBrowser|{37483B40-C254-4A72-BDA4-22EE90182C1E} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll) HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll) HKLM_Toolbar|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) HKLM_Toolbar|{37483b40-c254-4a72-bda4-22ee90182c1e} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{A68B194F-D79E-4EE0-A405-AFB259F1FB36} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) HKCU_ElevationPolicy\{B45B50CC-DCB6-4D3E-B6CA-696CAF40BDF2} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited) HKCU_ElevationPolicy\{C62FD49E-B4B9-4F6A-AC7C-3474E848E866} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{291DCC1E-4014-4CCD-8305-D990C4AFD8D5} - C:\Program Files (x86)\NCH_EN\NCH_ENToolbarHelper.exe (?) HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_ElevationPolicy\{D5793D32-E7C9-4F0E-B76E-A3545761F2E3} - C:\Users\famille\AppData\Local\Conduit\CT2801948\NCH_ENAutoUpdateHelper.exe (?) HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.) HKLM_ElevationPolicy\{D8060ED0-EFAD-45A8-9E1B-819A62BEB1AA} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?) HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\{FCAF9570-E42A-4D7D-BB81-FC311AB91B02} - C:\Program Files (x86)\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?) HKCU_Extensions\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - "Billeo" (billeo.dll,219) HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?) BHO\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll) BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll) BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\PROGRA~2\mcafee\msk\mskapbho.dll) BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll) BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll) BHO\{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll) BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll) BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll) BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll) BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll) BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll) BHO\{D2C5E510-BE6D-42CC-9F61-E4F939078474} - "Lexmark " (C:\Program Files\Lexmark Printable Web\bho.dll) BHO\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (?) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 88 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 18 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 30/12/2010 21:54:22 (7187 Octet(s)) C:\Ad-Report-SCAN[1].txt - 30/12/2010 21:50:44 (7083 Octet(s)) C:\Ad-Report-SCAN[2].txt - 09/08/2011 19:36:18 (22585 Octet(s)) Fin à: 19:37:44, 09/08/2011 ============== E.O.F ==============
  10. Je crois que j'ai fait une boulette : j'ai lancé deux fois le processus 2. Voici les rapports Le premier : RogueKiller V5.3.1 [06/08/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/31) Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur: famille [Droits d'admin] Mode: Suppression -- Date : 09/08/2011 19:28:48 Processus malicieux: 0 Entrees de registre: 2 [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Termine : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt Et voici le second : RogueKiller V5.3.1 [06/08/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/31) Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur: famille [Droits d'admin] Mode: Suppression -- Date : 09/08/2011 19:29:21 Processus malicieux: 0 Entrees de registre: 1 [sUSP PATH] RunAsStdUser Task.job : c:\users\famille\appdata\local\temp\{86d4b82a-abed-442a-be86-96357b70f4fe}\runie.exe -> DELETED Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Termine : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
  11. RE, Voilà la première partie : RogueKiller V5.3.1 [06/08/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/31) Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur: famille [Droits d'admin] Mode: Recherche -- Date : 09/08/2011 19:26:37 Processus malicieux: 0 Entrees de registre: 3 [sUSP PATH] RunAsStdUser Task.job : c:\users\famille\appdata\local\temp\{86d4b82a-abed-442a-be86-96357b70f4fe}\runie.exe -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Termine : << RKreport[1].txt >> RKreport[1].txt
  12. Bonjour, Voici le rapport demandé : Rapport de ZHPDiag v1.28.132 par Nicolas Coolman, Update du 08/08/2011 Run by famille at 09/08/2011 17:05:26 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 5.0 v (Defaut) GCIE: Google Chrome v12.0.742.122 ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : M3J6X Windows License : OK ~ Windows Remaining Initializations Number : 5 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8191 MB (78% free) System Restore: Activé (Enable) System drive C: has 333 GB (72%) free of 458 GB ---\\ Logged in mode ~ Computer Name: PC-DE-FAMILLE ~ User Name: famille ~ All Users Names: HomeGroupUser$, famille, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\famille\AppData\Roaming\ ~ %Desktop% : C:\Users\famille\Desktop\ ~ %Favorites% : C:\Users\famille\Favorites\ ~ %LocalAppData% : C:\Users\famille\AppData\Local\ ~ %StartMenu% : C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 333 Go of 458 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 458 Go of 458 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.28/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.1BF2BCC7E3C26FD4C8EF0C9EFB0CC25D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/07/2011 - 18:01:31.) -- C:\Windows\system32\wininet.dll [1389056] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.05/03/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.28/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.05/03/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.05/03/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/42 ~ Mes musiques (My Musics) : 15/43 ~ Mes Videos (My Videos) : 1/183 ~ Mes Favoris (My Favorites) : 5/523 ~ Mes Documents (My Documents) : 156/1687 ~ Mon Bureau (My Desktop) : 2/609 ~ Menu demarrer (Programs) : 7/38 ~ Scan Hidden Files in 00mn 19s ---\\ Processus lancés [MD5.F751C546A9A586A09AD64274529F8E9C] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe [645328] [MD5.055E69B5E4841098A4EAE04EE7EEB0A2] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672] [MD5.696A8C0E65724D5CD80944688BA69D11] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe [770728] [MD5.951E33D6F7336F35D592E4A1B03440BA] - (...) -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe [139944] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.467E15D29A0FB9EECFC16543AD978F5A] - (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2634048] [MD5.79A68515003E994D8632D1802C149430] - (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe [59392] [MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536] [MD5.B62D8C47FFF285F910A4896836BCD744] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968] [MD5.D3D3B1CFA81DD68D38362D533F443FD1] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024] [MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464] [MD5.8DCED3E27B271E76743C268DBD51EEEC] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288] [MD5.9ACE8ECDB1EBC519F48AA65DE5875573] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [202256] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [MD5.4486AD32BB05628967695FCA1BADD46E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [MD5.B5B4E81AADFDF95345186A023A99D2E6] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [664576] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [MD5.2B272D0A6E5071829B516FFDC7F841CA] - (.Pas de propriétaire - CLHNService Module.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048] [MD5.9FD96AFED226918A6ED8D0BAF9C2B398] - (...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe [58664] [MD5.051E8D7AC7B1902BD32060AB7ED6E449] - (.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [288120] [MD5.C85968D24449E37653B891B03188140C] - (.McAfee, Inc. - McAfee Proxy Service Module.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544] [MD5.0655D440057942DE2BEEB8FAD145490E] - (.McAfee, Inc. - McAfee Personal Firewall Service.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [894136] [MD5.CF3C267356F458BE85C5034BFC382022] - (.McAfee, Inc. - McAfee Anti-Spam Server.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640] [MD5.77F8AD024059A9A8E17E654B887D1EF0] - (.EgisTec Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [306736] [MD5.58751F9248D50BCE1053976C9E2F0859] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632] [MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [MD5.F79525634B192F5A18DE503568F94EF3] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [MD5.0FC36E77D779F8D021D338BDC7368181] - (.McAfee, Inc. - McAfee Services.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [865832] [MD5.F2A433E0EA959028E349FB1D5BAE01E7] - (.McAfee, Inc. - McAfee SystemGuards Service.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736] [MD5.2988E515570E4F8B9D9B256137F8E8F4] - (.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe [2482848] [MD5.34F4F701DFDFDE6433B15D0442FEA90A] - (.McAfee, Inc. - McAfee Update Launcher.) -- c:\PROGRA~2\mcafee.com\agent\McUpdate.exe [562928] [MD5.479E89EC5F1A340C4A2E09245E8435AA] - (.McAfee, Inc. - McAfee Update Manager Service.) -- c:\PROGRA~2\mcafee\msc\mcupdmgr.exe [806008] ~ Scan Processes Running in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\famille\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [defdhglnppeioeflggkmglipcecffkhk] AutocompletePro plugin for chrome v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.31.137.7 (Activé) G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé) G2 - GCE: Preference [user Data\Default] [iknffkmlbmmhbnfhfnpopiembeecpokj] Facemoi v.2.3.0 (Activé) G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.2 (Activé) G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\prefs.js M3 - MFPP: Plugins - [famille] -- C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\searchplugins\conduit.xml M0 - MFSP: prefs.js [famille - dnnw8d13.default] Google M2 - MFEP: prefs.js [famille - dnnw8d13.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..) M2 - MFEP: prefs.js [famille - dnnw8d13.default\{04253f76-f258-4b03-7b4a-0bebad2ca3e9}] [] v (.FaceMoicemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-4 P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Live R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com R0 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Live R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll R3 - URLSearchHook: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll R3 - URLSearchHook: NCH EN Toolbar [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O2 - BHO: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll O2 - BHO: Lexmark Barre d'outils [64Bits] - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} . (...) -- C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\mskapbho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: NCH EN [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Mega Manager IE Click Monitor [64Bits] - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Lexmark [64Bits] - {D2C5E510-BE6D-42CC-9F61-E4F939078474} . (...) -- C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper [64Bits] - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: (no name) [64Bits] - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} Clé orpheline ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [mwlDaemon] . (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe O4 - HKLM\..\Run: [lxedmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe O4 - HKLM\..\Run: [EzPrint] . (...) -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [VeohPlugin] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe O4 - HKCU\..\Run: [GM4IE] . (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] . (.McAfee, Inc. - McAfee Integrated Security Platform.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Wow6432Node\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe O4 - HKLM\..\Wow6432Node\Run: [updatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exer\7.0 (.not file.) O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [Facemoi] . (.Pas de propriétaire - gm4ie MFC Application.) -- c:\Facemoi\facemoi.exe O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [VeohPlugin] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [GM4IE] . (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\famille\Desktop\Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dofus.lnk . (.Ankama Games.) -- C:\Program Files (x86)\Dofus\UpLauncher.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shareaza.lnk . (.Shareaza Development Team.) -- C:\Program Files (x86)\Shareaza\Shareaza.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe ~ Scan Global Startup in 00mn 04s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Download Link Using Mega Manager... . (...) -- C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~3\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: CLHNService (CLHNService) . (.Pas de propriétaire - CLHNService Module.) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: CyberLink Media Server Monitor Service (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe O23 - Service: CyberLink Media Server Service (CyberLink Media Server Service) . (.CyberLink - CLMSServer.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: Service Google Update (gupdate1ca51b324e09bc0) (gupdate1ca51b324e09bc0) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: lxedCATSCustConnectService (lxedCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\Windows\system32\spool\DRIVERS\x64\3\lxedserv.exe O23 - Service: lxed_device (lxed_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxedcoms.exe O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Services.) - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Network Agent.) - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Proxy Service Module.) - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe O23 - Service: McAfee Real-time Scanner (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\Program Files\McAfee\VirusScan\Mcshield.exe O23 - Service: McAfee Personal Firewall Service (MpfService) . (.McAfee, Inc. - McAfee Personal Firewall Service.) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Anti-Spam Server.) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe O23 - Service: MyWinLocker Service (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.4.) - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McDefragTask.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McQcTask.job [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.21E151BEABD692DCE9911B8A71DC0332] [APT] [McQcTask] (.McAfee, Inc..) -- c:\PROGRA~2\mcafee\mqc\QcConsol.exe [MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeLogonTaskS-1-5-21-1593801776-2121311327-3249409475-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeScheduledTaskS-1-5-21-1593801776-2121311327-3249409475-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Users\famille\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe (.not file.) [MD5.467E15D29A0FB9EECFC16543AD978F5A] [APT] [RunAsStdUser Task for VeohWebPlayer] (.Veoh Networks.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe ~ Scan Scheduled Task in 00mn 05s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\system32\drivers\mfehidk.sys O41 - Driver: (MPFP) . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - C:\Windows\system32\Drivers\Mpfp.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - Pilote TCP/IP.) - C:\Windows\system32\drivers\tcpip.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: AVS Audio Editor version 6.1 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Audio Editor_is1 O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1 O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1 O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E} O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107} O42 - Logiciel: C:\Program Files (x86)\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM] -- {71C2828F-2678-4675-BDEC-895424861262}_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB} O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- {80E158EA-7181-40FE-A701-301CE6BE64AB} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9} O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters O42 - Logiciel: Dofus 1.28.0 - (.Ankama Games.) [HKLM] -- Dofus 1.28.0 O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} O42 - Logiciel: Full Tilt Poker.Fr - (.Pas de propriétaire.) [HKLM] -- {34785AD0-6276-11DF-A08A-0800200C9A66} O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457} O42 - Logiciel: Geoplan-Geospace version 1.6 - (.Aid-creem.) [HKLM] -- {1AA0F610-7226-4C99-85D7-5E75AFD0D5CE}_is1 O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Lexmark - (.Pas de propriétaire.) [HKLM] -- {D2C5E510-BE6D-42CC-9F61-E4F939078474} O42 - Logiciel: Lexmark Barre d'outils - (.Pas de propriétaire.) [HKLM] -- {1017A80C-6F09-4548-A84D-EDD6AC9525F0} O42 - Logiciel: Lexmark S600 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark S600 Series O42 - Logiciel: Lexmark Tools for Office - (.Pas de propriétaire.) [HKLM] -- {10812DE7-2E57-4740-B226-6B3BE34AF9D7} O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227} O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540} O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363} O42 - Logiciel: NCH EN Toolbar - (.NCH EN.) [HKLM] -- NCH_EN Toolbar O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- BC15EA930074932BB2C4B4493C9FD4EA95087D1A O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre O42 - Logiciel: RadLight MPC DirectShow Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- RadLight MPC DirectShow Filter O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile Modem V2 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem V2 O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65} O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870 O42 - Logiciel: Shareaza 2.4.0.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1 O42 - Logiciel: Stellarium 0.10.6.1 - (.Pas de propriétaire.) [HKLM] -- Stellarium_is1 O42 - Logiciel: The K-Ball (remove only) - (.Pas de propriétaire.) [HKLM] -- The K-Ball O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Upgrade Kit - (.Acer Inc..) [HKLM] -- {1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2} O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV O42 - Logiciel: Veoh Web Player - (.Veoh Networks, Inc..) [HKLM] -- Veoh Web Player Beta O42 - Logiciel: Wakfu - (.Ankama Games.) [HKLM] -- Wakfu O42 - Logiciel: WavePad Sound Editor - (.NCH Software.) [HKLM] -- WavePad O42 - Logiciel: WinPcap 4.0.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\8.1] [HKCU\Software\ABBYY] [HKCU\Software\AVS4YOU] [HKCU\Software\Acer] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Aurigma] [HKCU\Software\AppDataLow\Google] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Conduit] [HKCU\Software\AppDataLow\Software\DivX] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\NCH_EN] [HKCU\Software\AppDataLow\Software\PriceGong] [HKCU\Software\AppDataLow\Software\conduitEngine] [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow\Toolbar] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Audacity] [HKCU\Software\AutocompletePro] [HKCU\Software\Avira] [HKCU\Software\Billeo] [HKCU\Software\BitTorrent] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] [HKCU\Software\CyberLink] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Full Tilt Poker.fr] [HKCU\Software\Geoplace] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\LexmarkInkjet] [HKCU\Software\LexmarkPhoto] [HKCU\Software\Lexmark] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\Megaupload] [HKCU\Software\Meridian93] [HKCU\Software\Mobileleader] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NCH Software] [HKCU\Software\NCH Swift Sound] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\OEM Upgrade Kit] [HKCU\Software\Oberon Media] [HKCU\Software\OpenOffice.org] [HKCU\Software\PDFCreator] [HKCU\Software\PTP] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RadLight MPC DirectShow Filter] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\S3R521] [HKCU\Software\Samsung] [HKCU\Software\SaxoUpnBackup] [HKCU\Software\Shareaza] [HKCU\Software\Softonic] [HKCU\Software\SuperSoftwarePackage] [HKCU\Software\Svetozor] [HKCU\Software\The K-Ball] [HKCU\Software\Trend Micro] [HKCU\Software\Trolltech] [HKCU\Software\Veetle] [HKCU\Software\Veoh] [HKCU\Software\Wow6432Node] [HKCU\Software\Xilisoft] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\eSobi] [HKCU\Software\ej-technologies] [HKLM\Software\ABBYY] [HKLM\Software\ATI Technologies] [HKLM\Software\AVS4YOU] [HKLM\Software\Acer Inc.] [HKLM\Software\Acer Incorporated] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\Ankama] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] [HKLM\Software\CyberLink] [HKLM\Software\Cyberlink] [HKLM\Software\DEVGURU] [HKLM\Software\Digital River] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\Dofus 2] [HKLM\Software\EgisTec Egis Software Update] [HKLM\Software\EgisTec] [HKLM\Software\Facemoi] [HKLM\Software\Full Tilt Poker] [HKLM\Software\Google] [HKLM\Software\Hauppauge] [HKLM\Software\IVT Corporation] [HKLM\Software\Intel Corporation] [HKLM\Software\Intel] [HKLM\Software\Interface] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LexmarkInkjet] [HKLM\Software\Lexmark] [HKLM\Software\Licenses] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\Megaupload Limited] [HKLM\Software\Megaupload] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NCH Software] [HKLM\Software\NCH Swift Sound] [HKLM\Software\NCH_EN] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oberon Media] [HKLM\Software\OemSetup] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RichFX] [HKLM\Software\SRS Labs] [HKLM\Software\Samsung] [HKLM\Software\Shareaza] [HKLM\Software\SiteAdvisor] [HKLM\Software\Sonic] [HKLM\Software\Sun Microsystems] [HKLM\Software\Symantec] [HKLM\Software\TrendMicro] [HKLM\Software\Uniblue] [HKLM\Software\Veetle] [HKLM\Software\Veoh] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\WinPcap] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\mozilla.org] [HKLM\Software\uTorrentBar_FR] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/08/2010 - 17:20:26 - [6168213] ----D- C:\Program Files\Acer O43 - CFD: 16/04/2011 - 18:44:48 - [0] ----D- C:\Program Files\Babylon O43 - CFD: 24/03/2011 - 23:28:06 - [7202648] ----D- C:\Program Files\CCleaner O43 - CFD: 17/08/2010 - 17:20:28 - [79580198] ----D- C:\Program Files\Common Files O43 - CFD: 17/08/2010 - 17:20:28 - [930272] ----D- C:\Program Files\DIFX O43 - CFD: 06/06/2011 - 15:53:18 - [5953856] ----D- C:\Program Files\DivX O43 - CFD: 05/03/2011 - 00:34:58 - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 17/08/2010 - 17:20:28 - [2909912] ----D- C:\Program Files\Google O43 - CFD: 17/08/2010 - 17:20:28 - [0] ----D- C:\Program Files\Intel O43 - CFD: 11/07/2011 - 19:02:56 - [6201464] ----D- C:\Program Files\Internet Explorer O43 - CFD: 17/10/2010 - 11:15:46 - [5598502] ----D- C:\Program Files\Lexmark O43 - CFD: 17/10/2010 - 11:12:38 - [638976] ----D- C:\Program Files\Lexmark Printable Web O43 - CFD: 17/10/2010 - 11:16:52 - [86797720] ----D- C:\Program Files\Lexmark S600 Series O43 - CFD: 17/10/2010 - 11:14:58 - [1098408] ----D- C:\Program Files\Lexmark Toolbar O43 - CFD: 17/10/2010 - 11:15:02 - [302237] ----D- C:\Program Files\Lexmark Tools for Office O43 - CFD: 17/08/2010 - 17:20:28 - [12518213] ----D- C:\Program Files\McAfee O43 - CFD: 17/08/2010 - 17:20:28 - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 17/08/2010 - 17:20:28 - [1141526] ----D- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 17/08/2010 - 17:17:22 - [51734760] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 17/08/2010 - 17:16:00 - [12124476] ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [36912297] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 17/08/2010 - 17:20:30 - [2698304] ----D- C:\Program Files\SAMSUNG O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 17/08/2010 - 17:20:30 - [0] ----D- C:\Program Files\Windows Calendar O43 - CFD: 17/08/2010 - 17:20:30 - [0] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 05/03/2011 - 00:34:52 - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 05/03/2011 - 00:34:56 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 05/03/2011 - 00:34:58 - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 05/03/2011 - 00:34:56 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 18/08/2010 - 09:06:00 - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 17/08/2010 - 17:20:32 - [0] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 05/03/2011 - 00:34:56 - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 05/03/2011 - 00:34:56 - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 05/03/2011 - 00:34:58 - [8315018] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 17/08/2010 - 17:20:28 - [1600350] ----D- C:\Program Files\Common Files\McAfee O43 - CFD: 06/10/2010 - 22:28:42 - [65174087] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/07/2009 - 17:24:10 - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 17/08/2010 - 17:27:56 - [19484] ----D- C:\ProgramData\Acer GameZone Console O43 - CFD: 09/10/2010 - 10:38:20 - [55470421] ----D- C:\ProgramData\Adobe O43 - CFD: 05/10/2010 - 18:15:26 - [16880640] ----D- C:\ProgramData\Apple O43 - CFD: 05/10/2010 - 18:16:20 - [26921472] ----D- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 31/12/2010 - 00:22:50 - [56319857] ----D- C:\ProgramData\Avira O43 - CFD: 17/08/2010 - 17:27:56 - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 17/08/2010 - 17:27:56 - [15462] ----D- C:\ProgramData\Bluetooth O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 17/08/2010 - 17:27:56 - [158661] ----D- C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 06/06/2011 - 15:53:22 - [5246239] ----D- C:\ProgramData\DivX O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 17/08/2010 - 17:27:56 - [0] ----D- C:\ProgramData\EgisTec O43 - CFD: 18/08/2010 - 10:14:32 - [420] ----D- C:\ProgramData\eSobi O43 - CFD: 17/10/2010 - 11:41:24 - [272] ----D- C:\ProgramData\Ezprint O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 17/08/2010 - 17:27:56 - [25424] ----D- C:\ProgramData\Friends Games O43 - CFD: 17/08/2010 - 17:27:56 - [539892] ----D- C:\ProgramData\Google O43 - CFD: 17/08/2010 - 17:27:56 - [132] ----D- C:\ProgramData\InstallShield O43 - CFD: 06/08/2011 - 12:42:20 - [13830] ----D- C:\ProgramData\Lx_cats O43 - CFD: 17/08/2010 - 17:27:56 - [2619] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 17/08/2010 - 17:28:04 - [356772044] ----D- C:\ProgramData\McAfee O43 - CFD: 03/07/2011 - 19:49:26 - [845] ----D- C:\ProgramData\McAfee Security Scan O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 17/08/2010 - 17:28:04 - [4289589] ----D- C:\ProgramData\Meridian93 O43 - CFD: 01/03/2011 - 11:52:42 - [117930293] -S--D- C:\ProgramData\Microsoft O43 - CFD: 16/06/2011 - 22:50:34 - [57688] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 12/04/2011 - 19:55:34 - [0] ----D- C:\ProgramData\NCH Swift Sound O43 - CFD: 15/07/2011 - 22:08:00 - [155] ----D- C:\ProgramData\Norton O43 - CFD: 17/08/2010 - 17:28:14 - [913649] ----D- C:\ProgramData\NortonInstaller O43 - CFD: 17/08/2010 - 17:28:14 - [276461] ----D- C:\ProgramData\NVIDIA O43 - CFD: 17/08/2010 - 17:28:14 - [0] ----D- C:\ProgramData\PC Suite O43 - CFD: 19/09/2010 - 16:49:46 - [1037712] ----D- C:\ProgramData\Real O43 - CFD: 17/08/2010 - 17:28:14 - [36] ----D- C:\ProgramData\SiteAdvisor O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 17/08/2010 - 17:28:14 - [364] ----D- C:\ProgramData\Sun O43 - CFD: 15/07/2011 - 22:07:58 - [155] ----D- C:\ProgramData\Symantec O43 - CFD: 28/02/2011 - 22:47:40 - [163911] ---AD- C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 03/12/2010 - 22:01:18 - [0] -SH-D- C:\Users\famille\AppData\Roaming\.# O43 - CFD: 17/08/2010 - 17:35:44 - [29536] ----D- C:\Users\famille\AppData\Roaming\Acer GameZone Console O43 - CFD: 17/08/2010 - 17:35:44 - [5763790] ----D- C:\Users\famille\AppData\Roaming\Adobe O43 - CFD: 05/02/2011 - 13:35:24 - [6829044] ----D- C:\Users\famille\AppData\Roaming\AnVi O43 - CFD: 17/08/2010 - 17:35:44 - [4480] ----D- C:\Users\famille\AppData\Roaming\app O43 - CFD: 10/12/2010 - 18:18:16 - [0] ----D- C:\Users\famille\AppData\Roaming\Apple Computer O43 - CFD: 17/08/2010 - 17:35:44 - [1251] ----D- C:\Users\famille\AppData\Roaming\Audacity O43 - CFD: 31/12/2010 - 00:27:32 - [0] ----D- C:\Users\famille\AppData\Roaming\Avira O43 - CFD: 17/08/2010 - 17:35:44 - [65079] ----D- C:\Users\famille\AppData\Roaming\AVS4YOU O43 - CFD: 17/08/2010 - 17:35:44 - [116430] ----D- C:\Users\famille\AppData\Roaming\CyberLink O43 - CFD: 06/03/2011 - 14:43:26 - [220216] ----D- C:\Users\famille\AppData\Roaming\DivX O43 - CFD: 13/07/2011 - 14:26:04 - [148361756] ----D- C:\Users\famille\AppData\Roaming\Dofus 2 O43 - CFD: 05/07/2011 - 13:44:50 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-10.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/08/2010 - 17:35:46 - [5367] ----D- C:\Users\famille\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/08/2010 - 17:35:46 - [36] ----D- C:\Users\famille\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:36:06 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:38:52 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:39:10 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:39:34 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:40:16 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-8.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 05/07/2011 - 13:42:00 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-9.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/08/2010 - 17:35:46 - [2682] ----D- C:\Users\famille\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/07/2011 - 19:05:20 - [199] ----D- C:\Users\famille\AppData\Roaming\dvdcss O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\eSobi O43 - CFD: 17/08/2010 - 17:35:46 - [827] ----D- C:\Users\famille\AppData\Roaming\Go Go Gourmet O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\Google O43 - CFD: 17/08/2010 - 17:35:46 - [6610] ----D- C:\Users\famille\AppData\Roaming\HomeMedia Connect O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\Identities O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\InstallShield O43 - CFD: 17/08/2010 - 17:35:46 - [2022703] ----D- C:\Users\famille\AppData\Roaming\Macromedia O43 - CFD: 17/08/2010 - 17:36:08 - [4558090] ----D- C:\Users\famille\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\famille\AppData\Roaming\Media Center Programs O43 - CFD: 17/08/2010 - 17:36:08 - [639907] ----D- C:\Users\famille\AppData\Roaming\Megaupload O43 - CFD: 17/08/2010 - 17:36:08 - [45097] ----D- C:\Users\famille\AppData\Roaming\Meridian93 O43 - CFD: 20/03/2011 - 19:55:38 - [5142525] -S--D- C:\Users\famille\AppData\Roaming\Microsoft O43 - CFD: 17/08/2010 - 17:36:12 - [19732935] ----D- C:\Users\famille\AppData\Roaming\Mozilla O43 - CFD: 05/04/2011 - 19:56:04 - [110592] ----D- C:\Users\famille\AppData\Roaming\NCH Software O43 - CFD: 12/04/2011 - 19:55:34 - [0] ----D- C:\Users\famille\AppData\Roaming\NCH Swift Sound O43 - CFD: 14/01/2011 - 19:01:14 - [4336232] ----D- C:\Users\famille\AppData\Roaming\OpenCandy O43 - CFD: 17/08/2010 - 17:36:12 - [2818848] ----D- C:\Users\famille\AppData\Roaming\OpenOffice.org O43 - CFD: 17/08/2010 - 17:36:12 - [354] ----D- C:\Users\famille\AppData\Roaming\PC Suite O43 - CFD: 17/08/2010 - 17:36:12 - [6605] ----D- C:\Users\famille\AppData\Roaming\Power Sound Editor Free O43 - CFD: 17/08/2010 - 17:36:14 - [6299864] ----D- C:\Users\famille\AppData\Roaming\PowerCinema O43 - CFD: 19/09/2010 - 16:49:46 - [3169139] ----D- C:\Users\famille\AppData\Roaming\Real O43 - CFD: 17/08/2010 - 17:36:14 - [0] ----D- C:\Users\famille\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 17/09/2010 - 19:10:10 - [121] ----D- C:\Users\famille\AppData\Roaming\Registry Mechanic O43 - CFD: 17/08/2010 - 17:36:14 - [3527194] ----D- C:\Users\famille\AppData\Roaming\Samsung O43 - CFD: 17/08/2010 - 17:36:16 - [17354841] ----D- C:\Users\famille\AppData\Roaming\Shareaza O43 - CFD: 17/08/2010 - 17:36:16 - [6559] ----D- C:\Users\famille\AppData\Roaming\SoftDMA O43 - CFD: 22/02/2011 - 22:41:24 - [142572] ----D- C:\Users\famille\AppData\Roaming\Stellarium O43 - CFD: 17/08/2010 - 17:36:16 - [13824] ----D- C:\Users\famille\AppData\Roaming\Template O43 - CFD: 14/01/2011 - 19:01:48 - [334234] ----D- C:\Users\famille\AppData\Roaming\Uniblue O43 - CFD: 08/08/2011 - 23:08:34 - [1756254] ----D- C:\Users\famille\AppData\Roaming\uTorrent O43 - CFD: 07/08/2011 - 21:53:58 - [2136633] ----D- C:\Users\famille\AppData\Roaming\vlc O43 - CFD: 17/08/2010 - 17:35:20 - [0] ----D- C:\Users\famille\AppData\Local\Acer Arcade Deluxe O43 - CFD: 09/10/2010 - 10:38:00 - [135791402] ----D- C:\Users\famille\AppData\Local\Adobe O43 - CFD: 05/10/2010 - 18:15:26 - [0] ----D- C:\Users\famille\AppData\Local\Apple O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Application Data O43 - CFD: 17/08/2010 - 17:35:20 - [485047] ----D- C:\Users\famille\AppData\Local\cache O43 - CFD: 05/04/2011 - 19:55:42 - [38496] ----D- C:\Users\famille\AppData\Local\Conduit O43 - CFD: 17/08/2010 - 17:35:20 - [23241603] ----D- C:\Users\famille\AppData\Local\CyberLink O43 - CFD: 06/03/2011 - 14:33:52 - [272] ----D- C:\Users\famille\AppData\Local\DDMSettings O43 - CFD: 12/07/2011 - 13:41:30 - [379109] ----D- C:\Users\famille\AppData\Local\Diagnostics O43 - CFD: 17/08/2010 - 17:35:22 - [116241582] ----D- C:\Users\famille\AppData\Local\Downloaded Installations O43 - CFD: 17/08/2010 - 17:35:22 - [182] ----D- C:\Users\famille\AppData\Local\EgisTec O43 - CFD: 17/08/2010 - 17:35:22 - [873349] ----D- C:\Users\famille\AppData\Local\FullTiltPoker.fr O43 - CFD: 06/08/2011 - 20:08:26 - [6555344] ----D- C:\Users\famille\AppData\Local\Google O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Historique O43 - CFD: 24/06/2011 - 21:19:48 - [466470163] ----D- C:\Users\famille\AppData\Local\Microsoft O43 - CFD: 17/08/2010 - 17:35:28 - [1811560] ----D- C:\Users\famille\AppData\Local\Microsoft Games O43 - CFD: 17/08/2010 - 17:35:28 - [65753157] ----D- C:\Users\famille\AppData\Local\Mozilla O43 - CFD: 17/08/2010 - 17:35:36 - [171312728] ----D- C:\Users\famille\AppData\Local\Oberon Games O43 - CFD: 14/01/2011 - 19:01:50 - [0] ----D- C:\Users\famille\AppData\Local\OpenCandy O43 - CFD: 17/08/2010 - 17:35:36 - [6949] ----D- C:\Users\famille\AppData\Local\PlayMovie O43 - CFD: 17/08/2010 - 17:35:36 - [0] ----D- C:\Users\famille\AppData\Local\Real O43 - CFD: 17/08/2010 - 17:35:36 - [9599371065] ----D- C:\Users\famille\AppData\Local\Shareaza O43 - CFD: 09/08/2011 - 17:04:42 - [461925] ----D- C:\Users\famille\AppData\Local\Temp O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Temporary Internet Files O43 - CFD: 17/08/2010 - 17:35:36 - [83882] ----D- C:\Users\famille\AppData\Local\VirtualStore O43 - CFD: 17/10/2010 - 11:54:22 - [121148212] ----D- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint O43 - CFD: 17/08/2010 - 17:21:22 - [223662572] ----D- C:\Program Files (x86)\Acer Arcade Deluxe O43 - CFD: 17/08/2010 - 17:21:58 - [552085922] ----D- C:\Program Files (x86)\Acer GameZone O43 - CFD: 17/08/2010 - 17:21:58 - [0] ----D- C:\Program Files (x86)\Acer Incorporated O43 - CFD: 30/12/2010 - 21:50:22 - [102273495] ----D- C:\Program Files (x86)\Ad-Remover O43 - CFD: 09/10/2010 - 10:38:16 - [244881332] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 05/10/2010 - 18:15:26 - [2221118] ----D- C:\Program Files (x86)\Apple Software Update O43 - CFD: 31/12/2010 - 00:22:50 - [138343587] ----D- C:\Program Files (x86)\Avira O43 - CFD: 17/08/2010 - 17:22:02 - [48186866] ----D- C:\Program Files (x86)\AVS4YOU O43 - CFD: 16/04/2011 - 18:25:20 - [0] ----D- C:\Program Files (x86)\Babylon O43 - CFD: 14/07/2011 - 23:38:56 - [897480624] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 05/04/2011 - 19:55:46 - [634976] ----D- C:\Program Files (x86)\Conduit O43 - CFD: 05/04/2011 - 19:55:44 - [4468064] ----D- C:\Program Files (x86)\ConduitEngine O43 - CFD: 17/08/2010 - 17:23:22 - [795721418] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 06/06/2011 - 15:53:22 - [23619868] ----D- C:\Program Files (x86)\DivX O43 - CFD: 17/08/2010 - 17:24:40 - [170833096] ----D- C:\Program Files (x86)\Dofus O43 - CFD: 05/07/2011 - 15:17:20 - [971060062] ----D- C:\Program Files (x86)\Dofus 2 O43 - CFD: 17/08/2010 - 17:25:56 - [33770599] ----D- C:\Program Files (x86)\EgisTec O43 - CFD: 17/08/2010 - 17:26:00 - [1636481] ----D- C:\Program Files (x86)\EgisTec Egis Software Update O43 - CFD: 17/08/2010 - 17:26:00 - [23098163] ----D- C:\Program Files (x86)\eSobi O43 - CFD: 07/09/2010 - 16:17:06 - [60442330] ----D- C:\Program Files (x86)\Full Tilt Poker.Fr O43 - CFD: 01/11/2010 - 11:19:04 - [8262305] ----D- C:\Program Files (x86)\Geoplan-Geospace O43 - CFD: 01/06/2011 - 18:10:04 - [350132309] ----D- C:\Program Files (x86)\Google O43 - CFD: 17/08/2010 - 17:26:28 - [121674753] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 17/08/2010 - 17:26:28 - [61793884] ----D- C:\Program Files (x86)\Intel O43 - CFD: 11/07/2011 - 19:02:56 - [6967044] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 17/08/2010 - 17:26:32 - [84] ----D- C:\Program Files (x86)\IVT Corporation O43 - CFD: 14/07/2011 - 23:36:06 - [89486643] ----D- C:\Program Files (x86)\Java O43 - CFD: 17/08/2010 - 17:26:34 - [16664352] ----D- C:\Program Files (x86)\JRE O43 - CFD: 17/10/2010 - 11:12:24 - [196608] ----D- C:\Program Files (x86)\Lexmark O43 - CFD: 17/10/2010 - 11:12:40 - [40115] ----D- C:\Program Files (x86)\Lexmark Fax Solutions O43 - CFD: 17/10/2010 - 11:14:56 - [53201585] ----D- C:\Program Files (x86)\Lexmark S600 Series O43 - CFD: 17/10/2010 - 11:12:52 - [2315014] ----D- C:\Program Files (x86)\Lexmark Toolbar O43 - CFD: 28/04/2011 - 08:57:00 - [235486208] ----D- C:\Program Files (x86)\McAfee O43 - CFD: 05/04/2011 - 17:08:52 - [9454922] ----D- C:\Program Files (x86)\McAfee Security Scan O43 - CFD: 17/08/2010 - 17:26:54 - [2219977] ----D- C:\Program Files (x86)\McAfee.com O43 - CFD: 17/08/2010 - 17:26:54 - [7366368] ----D- C:\Program Files (x86)\Megaupload O43 - CFD: 06/10/2010 - 22:28:36 - [1568171] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 17/08/2010 - 17:26:54 - [44362382] ----D- C:\Program Files (x86)\Microsoft Money O43 - CFD: 11/07/2011 - 19:00:02 - [378078823] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 17/08/2010 - 17:27:04 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant O43 - CFD: 17/06/2011 - 18:03:46 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 17/08/2010 - 17:27:06 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 17/08/2010 - 17:27:06 - [2188837] ----D- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 16/12/2010 - 00:32:44 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works O43 - CFD: 18/08/2010 - 09:08:16 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 08/08/2011 - 22:18:12 - [36377194] ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 24/09/2009 - 22:50:36 - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 05/04/2011 - 19:55:50 - [494592] ----D- C:\Program Files (x86)\NCH Software O43 - CFD: 05/04/2011 - 23:23:30 - [6271704] ----D- C:\Program Files (x86)\NCH Swift Sound O43 - CFD: 05/04/2011 - 19:55:42 - [4549429] ----D- C:\Program Files (x86)\NCH_EN O43 - CFD: 17/08/2010 - 17:27:12 - [228958420] ----D- C:\Program Files (x86)\NewTech Infosystems O43 - CFD: 15/07/2011 - 22:08:00 - [0] ----D- C:\Program Files (x86)\Norton Security Scan O43 - CFD: 17/08/2010 - 17:27:40 - [385246043] ----D- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 17/08/2010 - 17:27:40 - [15735871] ----D- C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 22/01/2011 - 17:45:38 - [26925109] ----D- C:\Program Files (x86)\PDFCreator O43 - CFD: 17/08/2010 - 17:27:40 - [3553132] ----D- C:\Program Files (x86)\PhotoFiltre O43 - CFD: 05/10/2010 - 18:16:44 - [76337719] ----D- C:\Program Files (x86)\QuickTime O43 - CFD: 19/09/2010 - 16:48:46 - [90918888] ----D- C:\Program Files (x86)\Real O43 - CFD: 17/08/2010 - 17:27:44 - [4752521] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [39257345] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 17/08/2010 - 17:27:46 - [765947] ----D- C:\Program Files (x86)\Samsung O43 - CFD: 17/08/2010 - 17:27:48 - [34646021] ----D- C:\Program Files (x86)\Shareaza O43 - CFD: 22/02/2011 - 22:39:40 - [69982543] ----D- C:\Program Files (x86)\Stellarium O43 - CFD: 18/08/2010 - 10:13:34 - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 29/08/2010 - 14:06:34 - [69110644] ----D- C:\Program Files (x86)\The K-Ball O43 - CFD: 16/04/2011 - 18:24:24 - [0] ----D- C:\Program Files (x86)\ToolbarInstaller O43 - CFD: 30/12/2010 - 15:51:18 - [1192164] ----D- C:\Program Files (x86)\trend micro O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 29/12/2010 - 21:00:04 - [395128] ----D- C:\Program Files (x86)\uTorrent O43 - CFD: 29/12/2010 - 21:00:26 - [4135548] ----D- C:\Program Files (x86)\uTorrentBar_FR O43 - CFD: 29/11/2010 - 20:50:40 - [10428379] ----D- C:\Program Files (x86)\Veetle O43 - CFD: 14/01/2011 - 19:00:56 - [31593598] ----D- C:\Program Files (x86)\Veoh Networks O43 - CFD: 17/08/2010 - 17:27:52 - [383588328] ----D- C:\Program Files (x86)\Wakfu O43 - CFD: 17/08/2010 - 17:27:52 - [0] ----D- C:\Program Files (x86)\Windows Calendar O43 - CFD: 21/01/2008 - 05:09:48 - [0] ----D- C:\Program Files (x86)\Windows Collaboration O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 17/08/2010 - 17:27:54 - [151004142] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 17/08/2010 - 17:27:54 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive O43 - CFD: 05/03/2011 - 00:35:02 - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 05/03/2011 - 00:35:02 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 17/08/2010 - 17:27:54 - [0] ----D- C:\Program Files (x86)\Windows Photo Gallery O43 - CFD: 05/03/2011 - 00:35:02 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 05/03/2011 - 00:35:02 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 05/03/2011 - 00:35:02 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 17/08/2010 - 17:27:54 - [196572] ----D- C:\Program Files (x86)\WinPcap O43 - CFD: 09/08/2011 - 17:06:00 - [4005267] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 09/10/2010 - 10:38:22 - [6339706] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 05/07/2011 - 08:55:16 - [31517343] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 05/10/2010 - 18:15:32 - [44307712] ----D- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 17/08/2010 - 17:22:06 - [47920053] ----D- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 17/08/2010 - 17:22:06 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 06/03/2011 - 14:31:30 - [29547609] ----D- C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 17/08/2010 - 17:22:06 - [101672] ----D- C:\Program Files (x86)\Common Files\EgisTec O43 - CFD: 17/08/2010 - 17:22:06 - [5995787] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 14/07/2011 - 23:38:56 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 17/08/2010 - 17:22:08 - [10673262] ----D- C:\Program Files (x86)\Common Files\McAfee O43 - CFD: 18/06/2011 - 08:57:16 - [253488125] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 17/08/2010 - 17:22:12 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media O43 - CFD: 17/08/2010 - 17:22:12 - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 19/09/2010 - 16:49:06 - [21501404] ----D- C:\Program Files (x86)\Common Files\Real O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 15/07/2011 - 19:50:56 - [0] ----D- C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 14/07/2009 - 17:24:10 - [44257903] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 17/08/2010 - 17:22:14 - [353923556] ----D- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 19/09/2010 - 16:48:42 - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared ~ Scan Program Folder in 00mn 48s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.76373B05F6DE525B64F776E4D84F6E63] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [5194] O44 - LFC:[MD5.8CA167B48180BB28A707304F304D749A] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [173086] O44 - LFC:[MD5.8AD9C5A81F68E47ACB984F7FF274FFB8] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [207746] O44 - LFC:[MD5.9970AA853DBC19E2E6651082805443B6] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [685970] O44 - LFC:[MD5.48B6D280054CE9C2853951F87D9F609C] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [944572] O44 - LFC:[MD5.76373B05F6DE525B64F776E4D84F6E63] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [5194] O44 - LFC:[MD5.8CA167B48180BB28A707304F304D749A] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [173086] O44 - LFC:[MD5.8AD9C5A81F68E47ACB984F7FF274FFB8] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [207746] O44 - LFC:[MD5.9970AA853DBC19E2E6651082805443B6] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [685970] O44 - LFC:[MD5.48B6D280054CE9C2853951F87D9F609C] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [944572] O44 - LFC:[MD5.9703D744FC9E067A30B1907D6C4E8ADA] - 09/08/2011 - 16:01:42 ---A- . (...) -- C:\Windows\SysNative\Config.MPF [8181] O44 - LFC:[MD5.9703D744FC9E067A30B1907D6C4E8ADA] - 09/08/2011 - 16:01:42 RSHAD . (...) -- C:\Windows\system32\Config.MPF [8181] O44 - LFC:[MD5.4EC83CCCFFA255547F714EC6E4BF66CD] - 09/08/2011 - 16:00:28 ---A- . (...) -- C:\Windows\setupact.log [7248] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/08/2011 - 16:00:27 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.4B5FA05358D722C9EE7D42317657A3AC] - 09/08/2011 - 16:00:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.5B7D707F94C38D5BDBF7E18D3310658B] - 08/08/2011 - 22:21:18 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1854314] O44 - LFC:[MD5.78E08E032446A25503911845CC1001C2] - 14/07/2011 - 09:15:31 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [369648] O44 - LFC:[MD5.78E08E032446A25503911845CC1001C2] - 14/07/2011 - 09:15:31 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [369648] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 11/07/2011 - 18:01:30 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 11/07/2011 - 18:01:30 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822] ~ Scan Files in 01mn 30s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 28/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 28/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 31/12/2010 - 08:48:06 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120] O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 31/12/2010 - 08:48:06 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.50AD8FC1DC800FF36087994C8F7FDFF2] - 10/06/2009 - 21:35:02 RSHAD . (.Intel Corporation - Intel® Gigabit Network Connection NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\e1y60x64.sys [281088] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 05/03/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 15/09/2009 - 02:54:36 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [408600] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 28/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.E330051CCE41EB4522E5DCEBC15ADCEA] - 15/08/2010 - 14:39:28 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24664] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.4A1C21576FB7F96F4DBDEA627FFDA775] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [102472] O58 - SDL:[MD5.9E0AC52B3232FF8DC65FEE1A9C2FE8D1] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [308296] O58 - SDL:[MD5.624D717B11E5004F68442B5740F17F21] - 21/10/2009 - 09:15:38 RSHAD . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdk.sys [40904] O58 - SDL:[MD5.0CD9DE7B96735F33F078C4EA044E8B34] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - System Monitor Filter Driver.) -- C:\Windows\system32\drivers\mfesmfk.sys [49480] O58 - SDL:[MD5.AE2E68527013EB4F761ECCC630F7F1A3] - 01/04/2009 - 11:32:26 RSHAD . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) -- C:\Windows\system32\drivers\Mpfp.sys [176144] O58 - SDL:[MD5.FB3D139AD1AC117B99A16042C1DD02D1] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - PSD Filter Driver.) -- C:\Windows\system32\drivers\mwlPSDFilter.sys [22064] O58 - SDL:[MD5.BF3F82A3EA6FBB6657DFE081A6BA4E2E] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\mwlPSDNserv.sys [20528] O58 - SDL:[MD5.DA24873DCB2891805692A03BAD1E34B4] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\mwlPSDVDisk.sys [59952] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.3CEEE0BE85D24D911B9C02714817774C] - 19/10/2009 - 21:23:14 RSHAD . (.CACE Technologies - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\system32\drivers\npf.sys [40464] O58 - SDL:[MD5.7D397449AAF52B0E7C79B64F6AD4473E] - 01/04/2009 - 10:48:32 RSHAD . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [16384] O58 - SDL:[MD5.AAF5559039E99D0CC22E25255F3DC06E] - 03/04/2010 - 21:55:32 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 197.45.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13807976] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 28/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 28/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.81B5E63131090879AD6EF9F32109B88D] - 20/12/2009 - 15:53:34 RSHAD . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys [29184] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.D8BCE8176CB1084C6F5830C019D47166] - 18/08/2010 - 10:19:02 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1824672] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.1612881760C9DF7FBB09B6CF1D3BA0DF] - 20/12/2009 - 17:02:12 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\Windows\system32\drivers\sscdbus.sys [105128] O58 - SDL:[MD5.F46C5FAE7CB3C9AC981443EC4E66830A] - 20/12/2009 - 17:02:52 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcm.sys [11944] O58 - SDL:[MD5.F46C5FAE7CB3C9AC981443EC4E66830A] - 20/12/2009 - 17:02:52 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcmnt.sys [11944] O58 - SDL:[MD5.D7803A687E85189EA2B525CC22093521] - 20/12/2009 - 17:04:16 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\Windows\system32\drivers\sscdmdfl.sys [16040] O58 - SDL:[MD5.06DB3D5EB2444083C7F5AF7874765505] - 20/12/2009 - 17:04:44 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\Windows\system32\drivers\sscdmdm.sys [142504] O58 - SDL:[MD5.74EA7FCEE2A219C200DABBA1DCEB7719] - 20/12/2009 - 17:06:00 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwh.sys [12456] O58 - SDL:[MD5.74EA7FCEE2A219C200DABBA1DCEB7719] - 20/12/2009 - 17:06:00 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwhnt.sys [12456] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 20/12/2009 - 09:08:24 RSHAD . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\system32\drivers\TFsExDisk.sys [16392] O58 - SDL:[MD5.00C8CE31657624A125FDB90EFD554371] - 01/04/2009 - 10:48:16 RSHAD . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [16384] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 20/12/2009 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.7455ED832A33FEF453407F5411C3342D] - 08/08/2011 - 12:03:58 ---A- . (.Almico Software - Speed Fan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys [25280] ~ Scan Drivers in 00mn 02s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 06/12/2010 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 06/12/2010 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfeavfk.sys - No object(No service) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfehidk.sys - No object(No service) .(.McAfee, Inc. - Host Intrusion Detection Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfesmfk.sys - No object(No service) .(.McAfee, Inc. - System Monitor Filter Driver.) - LEGACY_MFESMFK O64 - Services: CurCS - 16/07/2009 - C:\Windows\system32\Drivers\Mpfp.sys - No object(No service) .(.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - LEGACY_MPFP O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys - No object(No service) .(.Egis Incorporated. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys - No object(No service) .(.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys - No object(No service) .(.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK O64 - Services: CurCS - 15/07/2009 - C:\Windows\system32\Drivers\TFsExDisk.sys - No object(No service) .(.Teruten Inc - File System Mini Filter Drvier.) - LEGACY_TFSEXDISK ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\searchplugins\conduit.xml O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - Babylon Search O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - (NCH EN Customized Web Search) - http://search.conduit.com ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.7E7EB7AFF595774E5E500B34058CC1A7] [sPRF][08/08/2011] (...) -- C:\Users\famille\AppData\Local\Temp\sfamcc00001.dll [192512] [MD5.A4A8CE1C7696B143356208609BA1A4C9] [sPRF][18/12/2010] (...) -- C:\Users\famille\AppData\Local\Temp\sfextra.dll [55296] [MD5.BA14B83461F654F1C47BC5B213B27D20] [sPRF][09/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\famille\Desktop\ZHPDiag2.exe [2572387] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32] [MD5.8CE7705CB43B03BB7970B04087C7758F] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616] [MD5.01E2ECA759056F23C73A035FDABB2D6D] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648] [MD5.61FB16B6016BCC9AA42E02F787DC87FC] [sPRF][26/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1955384] [MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376] [MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [sPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{DE74A80C-BAC6-4BB2-BBDD-930811DC1001}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer HomeMedia.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe O87 - FAEL: "{354BCED7-34E7-491A-ADB6-D7653C44F022}" | In - None - P6 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe O87 - FAEL: "{AACEF52C-B38F-43BD-8E84-F6EC39E77F9B}" | In - None - P6 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe O87 - FAEL: "{BF4046A9-FD78-4E85-8632-00E664A3863C}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Deluxe.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe O87 - FAEL: "{93B1F951-B0D8-4846-B758-E30700A5FA86}" | In - None - P6 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O87 - FAEL: "{2A3B36FF-6722-46C4-A97A-5858A5CE6608}" | In - None - P6 - TRUE | .(.CyberLink - CLMSService.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSService.exe O87 - FAEL: "{EBD90117-78D9-484D-B06F-BC9FBF6D5682}" | In - None - P6 - TRUE | .(.CyberLink Corp. - Acer HomeMedia Connect.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\HomeMedia Connect.exe O87 - FAEL: "{0E9B5AD8-4B7C-4046-B6C6-6E378E944651}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{0D21AA58-9DC3-4EEA-94C8-58D2EB062942}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{BDD67F42-D121-417C-B481-8F0C399722E0}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{79BE4C26-1201-473C-BEEF-B6447653C5CA}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{669500DC-8ED1-476A-B6D8-C91DA7636EE9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe O87 - FAEL: "{CC72602D-8E2C-44F3-9EDF-239C8C7BAC41}" | In - None - P6 - TRUE | .(.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe O87 - FAEL: "{B2141CD5-713B-4A4E-86B4-FA2D51D5D2B1}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxedcoms.exe O87 - FAEL: "{BDCC5242-9235-45AB-B07F-79278AAD67ED}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\LXEDcoms.exe O87 - FAEL: "{F742535C-62F3-40DE-8C32-1EDC0BC03951}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\LXEDcoms.exe O87 - FAEL: "{6D480602-DF91-471D-9D00-2E2160D99DEF}" | In - Private - P6 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{05D5F926-AA08-42F4-974D-F79130C6F4DC}" | In - Private - P17 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{FA8578ED-3C21-42EA-B3BE-404374B55941}" | In - Public - P6 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{2A741EAA-DB0F-495D-9D81-94BCAA6FDDA3}" | In - Public - P17 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe O87 - FAEL: "{10B8C1F9-B58E-4BBF-85F4-BC6389497CEF}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe O87 - FAEL: "{0A413918-1EF2-48EC-915A-74DAAA00E737}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe O87 - FAEL: "{D0C76CC9-2278-4378-89AE-8731AD485A74}" | In - Public - P6 - TRUE | .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe O87 - FAEL: "{B6A2400E-F182-46C2-8928-0B0DF431FBD4}" | In - Public - P17 - TRUE | .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe ~ Scan Firewall in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 8606 - (08/08/2011) Clés trouvées (Keys found) : 37 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 18 Fichiers trouvés (Files found) : 1 [HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare [HKLM\Software\Wow6432Node\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare [HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Conduit.Engine] =>Toolbar.Conduit [HKLM\Software\Classes\pdfforge.DllInfo] => [HKLM\Software\Wow6432Node\Classes\pdfforge.DllInfo] => [HKLM\Software\Classes\pdfforge.PDF.PDF] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDF] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.PDF.PDFEncryptor] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFEncryptor] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.PDF.PDFLine] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFLine] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.PDF.PDFText] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFText] =>PUP.Dealio [HKLM\Software\Classes\pdfforge.Tools] =>PUP.Dealio [HKLM\Software\Wow6432Node\Classes\pdfforge.Tools] =>PUP.Dealio [HKLM\Software\Classes\Toolbar.CT2801948] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar.CT2801948] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fee1002d-90a5-4a5d-aabe-01803ffbcf7a}] =>Adware.DesktopMedia [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar [HKCU\Software\AutocompletePro] =>Adware.PredictAd [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\conduitEngine] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit C:\Program Files\Babylon =>Toolbar.Babylon C:\Users\famille\AppData\Roaming\OpenCandy =>Adware.OpenCandy C:\Users\famille\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\famille\AppData\Local\OpenCandy =>Adware.OpenCandy C:\Users\famille\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon C:\Users\famille\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\famille\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit C:\Users\famille\AppData\LocalLow\PriceGong =>Adware.PriceGong C:\Users\famille\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit C:\Program Files (x86)\Babylon =>Toolbar.Babylon C:\Program Files (x86)\Conduit =>Toolbar.Conduit C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\Conduit =>Toolbar.Conduit C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\ConduitEngine =>Toolbar.Conduit C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\Extensions\engine@conduit.com =>Toolbar.Conduit C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\SearchPlugins\conduit.xml =>Toolbar.Conduit ~ Scan Additionnel in 00mn 09s ---\\ Recherche détournement de DNS routeur (O89) Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.104 209.85.148.147 209.85.148.105 209.85.148.103 209.85.148.99 209.85.148.106 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 03s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 31/12/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 31/12/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 26/07/2009 75048 | (CLHNService) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe SR - | Auto 26/07/2009 58664 | (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe SR - | Auto 26/07/2009 288120 | (CyberLink Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe SS - | Auto 20/10/2009 133104 | (gupdate1ca51b324e09bc0) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 20/10/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 23/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 01/04/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe SR - | Auto 14/04/2010 45736 | (lxedCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxedserv.exe SR - | Auto 17/10/2010 1052328 | (lxed_device) . (...) - C:\Windows\system32\lxedcoms.exe SR - | Auto 16/02/2011 101048 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe SS - | Demand 05/04/2011 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe SR - | Auto 10/07/2009 865832 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe SR - | Auto 07/07/2009 2482848 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe SS - | Demand 16/09/2009 696848 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe SR - | Auto 08/07/2009 359952 | (McProxy) . (.McAfee, Inc..) - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe SS - | Auto 16/09/2009 155456 | (McShield) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\Mcshield.exe SR - | Demand 16/09/2009 606736 | (McSysmon) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe SR - | Auto 15/09/2009 894136 | (MpfService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe SR - | Auto 08/07/2009 26640 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe SR - | Auto 01/04/2009 306736 | (MWLService) . (.EgisTec Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe SS - | Demand 01/04/2009 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 01/04/2009 144632 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 17/08/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 01/04/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SS - | Demand 20/12/2009 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 07s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 09s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by famille at 09/08/2011 17:09:03 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 11s End of the scan (1460 lines in 03mn 37s)(0)
  13. Bonsoir, Mon PC ne cesse de planter et a même du mal à redémarrer. Pouvez-vous m'aider à détecter d'éventuels virus? D'avance merci !
  14. Bonjour, Merci de votre aide et bonne continuation.
  15. Bonsoir, Personne ne peut m'aider? Ou bien est ce inutile?
×
×
  • Créer...