Écran bleu redondant et reboot

kingleroideskong · le 28 juillet 2011

Bonjour,

D'une maniere aleatoire l'écran bleu apparait et le systeme reboot.De plus j'ai un message d'antivir :infection ADWARE/agent mywebsearch K3

merci pour votre aide

Modifié le 9 août 2011 par kingleroideskong

pear · le 28 juillet 2011

Bonjour,

1)Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Décompresser le fichier ZHPDiag.fix sur le bureau

puis double-cliquer sur le fichier ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

Sous XP, double clic sur ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

Clic sur la Loupe pour lancer le scan

En cas de blocage sur O80, cliquez sur le tournevis pour le décocher

Postez en le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

2)Ecran bleu et reboot

Prérequis:

Poste de travail->Propriétés->Avancé->Paramères->Démarrage et Récupération

Vérifier qu' Image partielle est sélectionnée sinon il n'y aura pas de minidump

Et que Redémarrer automatiquement soit décoché, ce qui vous permetra de lire l'écran bleu

WhoCrashed est un petit outil qui va éclairer votre lanterne en analysant le dernier plantage de votre machine, afin de vous en donner les causes.

Pour cela, il suffit de l'exécuter et de lancer l'analyse.

Proposé gratuitement, compatible avec le système d'exploitation Windows ( 2000, XP, 2003, Vista et 2008 ) et en anglais uniquement, le logiciel ne garantit pas des résultats fiables à 100 % mais vous donnera au moins un début de réponse.

Présentation et commentaires

Télécharger Whocrashed

[/color]

Installez le

Lancez le.

Une analyse apparait au bas de la fenêtre qui s'ouvre

kingleroideskong · le 1 août 2011

Rapport de ZHPDiag v1.28.09 par Nicolas Coolman, Update du 01/08/2011

Run by HP at 01/08/2011 16:33:49

Web site : ZHPDiag Outil de diagnostic

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.19088 (Defaut)

MFIE: Mozilla Firefox v

---\\ System Information

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3326 MB (50% free)

System Restore: Activé (Enable)

System drive C: has 42 GB (9%) free of 455 GB

---\\ Logged in mode

~ Computer Name: PC-HP

~ User Name: HP

~ All Users Names: HP, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

---\\ Environnement Variables

~ %AppData%=C:\Users\HP\AppData\Roaming\

~ %Desktop%=C:\Users\HP\Desktop\

~ %Favorites%=C:\Users\HP\Favorites\

~ %LocalAppData%=C:\Users\HP\AppData\Local\

~ %StartMenu%=C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 42 Go of 455 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 466 Go)

F:\ CD-ROM drive (Free 0 Go of 0 Go)

G:\ CD-ROM drive (Not Inserted)

H:\ CD-ROM drive (Free 0 Go of 6 Go)

I:\ CD-ROM drive (Free 0 Go of 5 Go)

J:\ CD-ROM drive (Free 0 Go of 8 Go)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.25/11/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/08/2008 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]

[MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/06/2011 - 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.25/11/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]

[MD5.4F4FCB8B6EA06784FB6D475B7EC7300F] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.02/11/2006 - 10:49:36.) -- C:\Windows\system32\drivers\atapi.sys [19048]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.25/11/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]

~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/23

~ Mes musiques (My Musics) : 3/8

~ Mes Videos (My Videos) : 1/2

~ Mes Favoris (My Favorites) : 2/126

~ Mes Documents (My Documents) : 156/1720

~ Mon Bureau (My Desktop) : 37/1591

~ Menu demarrer (Programs) : 7/37

~ Scan Hidden Files in 00mn 03s

---\\ Processus lancés

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]

[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536]

[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784]

[MD5.D3804513FC9C11A4637392B4F0F43BC5] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808]

[MD5.E8B180646BAE9E688D2E6D7EA8DED794] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [959976]

[MD5.4AB05041D5C922B9A7A5D9059F5538CD] - (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\WINDOWS\WindowsMobile\wmdSync.exe [215552]

[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]

[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\WINDOWS\System32\rundll32.exe [44544]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.689C6EA7A17B3AE0F2A0151465EF311E] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\jusched.exe [132760]

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]

[MD5.A8E2D2429E86EE910CFF9594F8ADBEC8] - (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE [32849]

[MD5.53D96678FB89F056D5285101481297D9] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]

[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [125952]

[MD5.46B54734D62FE2E094E2852C36CB9A61] - (.The Eraser Project - Eraser..) -- C:\Program Files\Eraser\Eraser.exe [916240]

[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]

[MD5.A07E8935CC8DCE6DB787DC99129CA17C] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408]

[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000]

[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368]

[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128]

[MD5.F5D800B0529769912BBB29FFBA6B0564] - (.Avira GmbH - Guard GUI Application.) -- C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE [366849]

[MD5.A623666C8A8EC9A57DCA07915A3F1EC6] - (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\system32\sdclt.exe [1169408]

[MD5.ED65737D70FDEAC29F738E77D2496EE5] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]

[MD5.055713CD9E0C6AAC46AFBB3A5B95EF75] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]

[MD5.55B35599E4B8C20904CF6BE6F50A1F8D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]

[MD5.D314901F9F9F1B0CB4F7C7B09AE1AF13] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [662528]

~ Scan Processes Running in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cgw2qftj.default\prefs.js

M3 - MFPP: Plugins - [HP] -- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\cgw2qftj.default\searchplugins\mywebsearch.xml

M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [HP] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M0 - MFSP: prefs.js [HP - cgw2qftj.default] www.google.fr

M2 - MFEP: prefs.js [HP - cgw2qftj.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [HP - cgw2qftj.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.9.5 (.Aaron Boodman; http://youngpup.net/.)

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@mywebsearch.com/Plugin] - (.MyWebSearch.com - My Web Search Plugin Stub for 32-bit Windows.) -- C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@unity3d.com/UnityPlayer] - (.Unity Technologies ApS - Unity Player 2.1.0f5.) -- C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com

R0 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\Software\Microsoft\Internet Explorer\Main,Search Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) (1, 2, 0, 1) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search Bar.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL

O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Clé orpheline

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.)

O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search Bar.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe

O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateReg] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\jureg.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe

O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] . (.MyWebSearch.com - MyWebSearch SearchScope Monitor.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [Eraser] . (.The Eraser Project - Eraser..) -- C:\Program Files\Eraser\Eraser.exe

O4 - HKCU\..\Run: [yquocua] c:\users\hp\appdata\local\yquocua.exe (.not file.) @MaCo

O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [Eraser] . (.The Eraser Project - Eraser..) -- C:\Program Files\Eraser\Eraser.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [yquocua] c:\users\hp\appdata\local\yquocua.exe (.not file.) @MaCo

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKUS\S-1-5-21-3832752303-3851976336-1984439948-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\HP\Desktop\Les offres internet Orange.lnk . (.Macromedia, Inc..) -- C:\Program Files\online services\Orange\orange.exe

O4 - Global Startup: C:\Users\HP\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Users\HP\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk . (.Koyote Soft.) -- C:\Program Files\Free Easy Burner\FreeEasyBurner.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files\MiPony\MiPony.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files\MiPony\Browser\IEContext.htm

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_3_0.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab

~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{26BEB54A-564A-4B8F-A75A-876F2109955D}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpDomain = darty

O17 - HKLM\System\CS1\Services\Tcpip\..\{26BEB54A-564A-4B8F-A75A-876F2109955D}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpDomain = darty

O17 - HKLM\System\CS2\Services\Tcpip\..\{26BEB54A-564A-4B8F-A75A-876F2109955D}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS2\Services\Tcpip\..\{B74E9FDF-6760-40E1-BF1E-E7E09EE204C5}: DhcpDomain = darty

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Crypkey License (Crypkey License) . (.CrypKey (Canada) Ltd. - CrypKey NT Service.) - C:\Windows\System32\crypserv.exe

O23 - Service: CopySafe Helper Service (CSHelper) . (...) - C:\Windows\system32\CSHelper.exe

O23 - Service: Google Update Service (gupdate1c9b9b495cdbcb0) (gupdate1c9b9b495cdbcb0) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Chasis Button Service (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: My Web Search Service (MyWebSearchService) . (.MyWebSearch.com - My Web Search Bar.) - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe

O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\System32\ZoneLabs\vsmon.exe

O23 - Service: {22D78859-9CE9-4B77-BF18-AC83E81A9263} ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp. - FCL Driver.) - C:\Program Files\HP\DVDPlay\000.fcl

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateAdministrator] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe

[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateHP] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe

[MD5.56D30F21871239F143A0476F8BA0ED66] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

[MD5.61D3771702DE72053FEE2A98F213A030] [APT] [scheduled Maintanence] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe

~ Scan Scheduled Task in 00mn 02s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (NetworkX) . (...) - C:\Windows\system32\ckldrv.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Alexander - (.Pas de propriétaire.) [HKLM] -- Alexander

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: ArtistScope Plugin IE - (.ArtistScope.) [HKLM] -- ArtistScope Plugin IE4.2.0.3

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Cheval Académie - (.Nobilis.) [HKLM] -- {4AEEC5FF-0A75-4858-9B86-5144E0744AFD}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: DVD Play HD DVD - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}

O42 - Logiciel: Dofus - (.UNKNOWN.) [HKLM] -- Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O42 - Logiciel: Eraser - (.Heidi Computers Ltd..) [HKLM] -- Eraser

O42 - Logiciel: Eraser - (.Heidi Computers Ltd..) [HKLM] -- {F850707C-B6A0-4B56-8709-F89CF8F9AC6D}

O42 - Logiciel: Fallout New Vegas version 1.2 - (.Ozer1.) [HKLM] -- {D89C9418-F38F-4F31-8FC4-D658ADB3D963}_is1

O42 - Logiciel: Fallout New Vegas version 1.3.0.452 - (.Ozer1.) [HKLM] -- {6BB06A04-06C2-4C11-B099-F1702DEE72C0}_is1

O42 - Logiciel: Favorit (yquocua) - (.Pas de propriétaire.) [HKLM] -- yquocua

O42 - Logiciel: Free Easy Burner V 3.8 - (.Koyote soft.) [HKLM] -- Free Easy Burner_is1

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {AFAD41A9-9687-48A3-848F-693C11451433}

O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {9885A11E-60E4-417C-B58B-8B31B21C0B8A}

O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: LG USB Modem Driver - (.LG Electronics.) [HKLM] -- {C3ABE126-2BB2-4246-BFE1-6797679B3579}

O42 - Logiciel: Launcher_PDC-staging - (.Launcher_PDC-staging.) [HKCU] -- 259783c65951166e

O42 - Logiciel: Les Sims Medieval - (.Electronic Arts.) [HKLM] -- {83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}

O42 - Logiciel: Les Sims™ 3 - (.Electronic Arts.) [HKLM] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8}

O42 - Logiciel: MappySynchro v2.1 - (.Mappy SA.) [HKLM] -- MappySynchro_is1

O42 - Logiciel: MiPony 1.3.0 - (.Pas de propriétaire.) [HKLM] -- MiPony

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft Age of Empires II - (.Pas de propriétaire.) [HKLM] -- Age of Empires 2.0

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)

O42 - Logiciel: My Web Search (Webfetti) - (.My Web Search.) [HKLM] -- MyWebSearch bar Uninstall

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: On2 VP3 Video for Windows Codec - (.Pas de propriétaire.) [HKLM] -- {CF59708F-60F4-11D5-866A-00A0D2183227}

O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM] -- Origin

O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows

O42 - Logiciel: PC Inspector smart recovery - (.Pas de propriétaire.) [HKLM] -- {C9A87D86-FDFD-418B-BF96-EF09320973B3}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: Project S - (.Microsoft Games Studios.) [HKLM] -- GFWL_{4D530942-9B89-4186-98B7-F51000000100}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}

O42 - Logiciel: Reg (DOFUS Audio Subsystem) - (.UNKNOWN.) [HKLM] -- Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD

O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKLM] -- UnityWebPlayer

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228

O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AC3Filter]

[HKCU\Software\AOL]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Fun Web Products]

[HKCU\Software\AppDataLow\Software\FunWebProducts]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\MyWebSearch]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Applian]

[HKCU\Software\Avira]

[HKCU\Software\Big Fish Games]

[HKCU\Software\BigFish]

[HKCU\Software\CDDB]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\DT Soft]

[HKCU\Software\DivXNetworks]

[HKCU\Software\Electronic Arts]

[HKCU\Software\FIRAXIS]

[HKCU\Software\FunWebProducts]

[HKCU\Software\GNU]

[HKCU\Software\GSC Game World]

[HKCU\Software\GSCGameWorld]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\HP Guide]

[HKCU\Software\Heidi Computers Ltd]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\Hot-TV]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\LightScribe]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LowRegistry]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept]

[HKCU\Software\Mozilla]

[HKCU\Software\MyWebSearch]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\Novell]

[HKCU\Software\ODBC]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Orange]

[HKCU\Software\PDFCreator]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\PopCap]

[HKCU\Software\Realtek]

[HKCU\Software\ReplayConverter]

[HKCU\Software\Screamer Radio]

[HKCU\Software\Softthinks]

[HKCU\Software\Steganos]

[HKCU\Software\Symantec]

[HKCU\Software\Unity]

[HKCU\Software\Virtools]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\WinZip Computing]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Zone Labs]

[HKCU\Software\cybelsoft]

[HKCU\Software\ej-technologies]

[HKCU\Software\ere94fe5o32]

[HKCU\Software\fcn]

[HKCU\Software\keyhole.com]

[HKLM\Software\ACE Compression Software]

[HKLM\Software\ACLEngine]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Amazing Studio]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Art Dept]

[HKLM\Software\AviSynth]

[HKLM\Software\Avira]

[HKLM\Software\Bethesda Softworks]

[HKLM\Software\Big Fish Games]

[HKLM\Software\BrowserChoice]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\Convar Deutschland GmbH]

[HKLM\Software\CyberLink]

[HKLM\Software\DT Soft]

[HKLM\Software\Debug]

[HKLM\Software\Dofus 2]

[HKLM\Software\Electronic Arts]

[HKLM\Software\Even Balance]

[HKLM\Software\FocusInteractive]

[HKLM\Software\Fun Web Products]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\Hot-TV]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\LG Electronics]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\Macromedia]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\MyWebSearch]

[HKLM\Software\NOS]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Neuf]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\Nobilis]

[HKLM\Software\Novell]

[HKLM\Software\ODBC]

[HKLM\Software\On2 Technologies]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PC-Doctor]

[HKLM\Software\Policies]

[HKLM\Software\PopCap]

[HKLM\Software\QATestSystem]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\ReplayConverter]

[HKLM\Software\SRS Labs]

[HKLM\Software\Sims]

[HKLM\Software\Sonic]

[HKLM\Software\Stellar information Systems ltd.]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SymNRT]

[HKLM\Software\Symantec]

[HKLM\Software\Unity]

[HKLM\Software\VideoLAN]

[HKLM\Software\Wilson WindowWare]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Zone Labs]

[HKLM\Software\cybelsoft]

[HKLM\Software\ej-technologies]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 31/12/2008 - 12:01:48 - [0] ----D- C:\Program Files\7-Zip

O43 - CFD: 17/08/2010 - 17:16:04 - [241849631] ----D- C:\Program Files\Adobe

O43 - CFD: 05/05/2009 - 12:03:58 - [0] ----D- C:\Program Files\Apowersoft

O43 - CFD: 12/07/2011 - 13:46:16 - [2307582] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 01/01/2010 - 12:40:18 - [129570468] ----D- C:\Program Files\Avira

O43 - CFD: 03/03/2009 - 18:57:40 - [3005440] ----D- C:\Program Files\AVS4YOU

O43 - CFD: 12/07/2011 - 13:44:10 - [604083] ----D- C:\Program Files\Bonjour

O43 - CFD: 08/01/2009 - 14:10:38 - [2948760] ----D- C:\Program Files\CCleaner

O43 - CFD: 12/07/2011 - 13:43:48 - [989096132] ----D- C:\Program Files\Common Files

O43 - CFD: 28/09/2008 - 11:54:44 - [1232740] ----D- C:\Program Files\Convar

O43 - CFD: 29/07/2008 - 20:10:42 - [41945386] ----D- C:\Program Files\CyberLink

O43 - CFD: 24/03/2011 - 20:07:06 - [17268545] ----D- C:\Program Files\DAEMON Tools Lite

O43 - CFD: 02/04/2010 - 17:23:44 - [985592452] ----D- C:\Program Files\Dofus 2

O43 - CFD: 25/05/2011 - 22:58:46 - [3583024] ----D- C:\Program Files\EA Games

O43 - CFD: 06/08/2007 - 18:20:22 - [51506213] ----D- C:\Program Files\EasyBits

O43 - CFD: 07/06/2011 - 13:57:40 - [18809371906] ----D- C:\Program Files\Electronic Arts

O43 - CFD: 28/09/2008 - 10:22:58 - [3813137] ----D- C:\Program Files\Eraser

O43 - CFD: 03/06/2011 - 13:49:28 - [7281076350] ----D- C:\Program Files\Fallout New Vegas

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 08/02/2011 - 18:46:42 - [7315312] ----D- C:\Program Files\Free Easy Burner

O43 - CFD: 08/12/2010 - 09:43:46 - [0] ----D- C:\Program Files\FunWebProducts

O43 - CFD: 26/07/2011 - 16:21:42 - [91558891] ----D- C:\Program Files\Google

O43 - CFD: 07/05/2008 - 13:27:38 - [140756954] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 05/05/2009 - 09:51:56 - [124938592] ----D- C:\Program Files\HP

O43 - CFD: 22/07/2008 - 20:37:06 - [0] ----D- C:\Program Files\HP Games

O43 - CFD: 26/05/2010 - 17:56:18 - [39810824] ----D- C:\Program Files\Infogrames

O43 - CFD: 14/06/2011 - 13:09:08 - [52210808] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 26/08/2008 - 10:07:36 - [51694624] ----D- C:\Program Files\Intel

O43 - CFD: 18/06/2011 - 03:20:54 - [8466387] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 12/07/2011 - 14:18:50 - [1856627] ----D- C:\Program Files\iPod

O43 - CFD: 12/07/2011 - 14:19:44 - [128332719] ----D- C:\Program Files\iTunes

O43 - CFD: 17/04/2010 - 09:23:02 - [219405556] ----D- C:\Program Files\Java

O43 - CFD: 21/11/2009 - 16:59:16 - [16664352] ----D- C:\Program Files\JRE

O43 - CFD: 18/11/2009 - 15:14:12 - [1291790] ----D- C:\Program Files\LG Electronics

O43 - CFD: 26/06/2011 - 17:22:26 - [197348] ----D- C:\Program Files\log

O43 - CFD: 25/08/2008 - 12:35:02 - [3360402] ----D- C:\Program Files\ma-config.com

O43 - CFD: 17/03/2011 - 04:01:20 - [25230924] ----D- C:\Program Files\Microsoft

O43 - CFD: 02/09/2008 - 19:54:58 - [173218] ----D- C:\Program Files\Microsoft FrontPage

O43 - CFD: 03/07/2011 - 22:56:30 - [2746322237] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 08/05/2011 - 02:07:44 - [9362570] ----D- C:\Program Files\Microsoft Games for Windows - LIVE

O43 - CFD: 02/09/2008 - 19:54:04 - [162308272] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 18/06/2011 - 03:23:40 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 24/11/2009 - 11:11:44 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 02/09/2008 - 19:55:22 - [5897045] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 16/12/2010 - 09:26:28 - [144677302] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 28/07/2009 - 14:00:48 - [979309] ----D- C:\Program Files\Microsoft WSE

O43 - CFD: 27/10/2010 - 03:01:24 - [23935] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 01/06/2011 - 15:44:34 - [8160519] ----D- C:\Program Files\MiPony

O43 - CFD: 17/08/2010 - 18:02:42 - [99342446] ----D- C:\Program Files\Movie Maker

O43 - CFD: 30/06/2011 - 23:38:30 - [650831699] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 19/06/2008 - 16:33:16 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 06/12/2010 - 15:06:48 - [6417646] ----D- C:\Program Files\MyWebSearch

O43 - CFD: 25/08/2008 - 09:26:08 - [14873034] ----D- C:\Program Files\Neuf

O43 - CFD: 05/02/2010 - 15:33:16 - [535970853] ----D- C:\Program Files\Nobilis

O43 - CFD: 07/02/2010 - 14:04:14 - [416912] ----D- C:\Program Files\NOS

O43 - CFD: 05/02/2010 - 15:35:38 - [4740] ----D- C:\Program Files\On2 Technologies

O43 - CFD: 30/07/2009 - 12:49:38 - [5991601] ----D- C:\Program Files\online services

O43 - CFD: 21/11/2009 - 16:59:16 - [385258936] ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD: 22/07/2011 - 13:54:42 - [31012389] ----D- C:\Program Files\Origin

O43 - CFD: 26/06/2011 - 17:35:38 - [1519572104] ----D- C:\Program Files\patches

O43 - CFD: 29/07/2008 - 20:15:58 - [138406007] ----D- C:\Program Files\PC-Doctor 5 for Windows

O43 - CFD: 26/06/2011 - 17:44:32 - [1800511881] ----D- C:\Program Files\PDC-staging

O43 - CFD: 03/03/2009 - 13:50:30 - [20406169] ----D- C:\Program Files\PDFCreator

O43 - CFD: 05/05/2009 - 12:59:28 - [3553244] ----D- C:\Program Files\PhotoFiltre

O43 - CFD: 12/07/2011 - 14:16:14 - [76322555] ----D- C:\Program Files\QuickTime

O43 - CFD: 26/08/2008 - 10:00:04 - [23573051] ----D- C:\Program Files\Realtek

O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 21/10/2008 - 19:40:32 - [1338628] ----D- C:\Program Files\Screamer Radio

O43 - CFD: 07/05/2008 - 13:31:16 - [6690937] ----D- C:\Program Files\Services en ligne

O43 - CFD: 28/09/2008 - 11:41:54 - [0] ----D- C:\Program Files\Steganos Safe 7

O43 - CFD: 01/10/2008 - 19:27:46 - [965] ----D- C:\Program Files\Stellar Phoenix NTFS Data Recovery

O43 - CFD: 27/07/2008 - 16:25:26 - [56576] ----D- C:\Program Files\SysShield Tools

O43 - CFD: 19/01/2010 - 14:39:12 - [1323559023] ----D- C:\Program Files\Ubisoft

O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 19/11/2008 - 18:35:58 - [11916997] ----D- C:\Program Files\Unity

O43 - CFD: 22/07/2008 - 20:26:00 - [79116684] ----D- C:\Program Files\VideoLAN

O43 - CFD: 17/04/2010 - 20:13:16 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 17/04/2010 - 20:13:14 - [2737152] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 17/04/2010 - 20:13:06 - [4490624] ----D- C:\Program Files\Windows Defender

O43 - CFD: 17/04/2010 - 20:13:14 - [7084664] ----D- C:\Program Files\Windows Journal

O43 - CFD: 11/07/2011 - 17:21:32 - [192182315] ----D- C:\Program Files\Windows Live

O43 - CFD: 18/06/2011 - 03:02:22 - [9116344] ----D- C:\Program Files\Windows Mail

O43 - CFD: 17/10/2010 - 13:48:26 - [4498121] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 29/07/2008 - 20:15:12 - [7957544] ----D- C:\Program Files\Windows NT

O43 - CFD: 17/04/2010 - 20:13:12 - [13528738] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 19/04/2010 - 07:21:04 - [134144] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 17/04/2010 - 20:13:14 - [6527558] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 30/12/2008 - 15:18:40 - [3525705] ----D- C:\Program Files\WinRAR

O43 - CFD: 26/08/2008 - 10:11:24 - [11784954] ----D- C:\Program Files\WinZip

O43 - CFD: 21/09/2008 - 19:08:58 - [6685508] ----D- C:\Program Files\XBox 360 Controller for Windows Software

O43 - CFD: 01/08/2011 - 16:34:00 - [3997744] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 25/08/2008 - 12:17:48 - [11079310] ----D- C:\Program Files\Zone Labs

O43 - CFD: 07/02/2010 - 14:08:22 - [6281214] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 12/02/2011 - 15:44:46 - [30826314] ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD: 12/07/2011 - 14:18:48 - [92090316] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 03/03/2009 - 18:57:40 - [0] ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD: 02/09/2008 - 19:55:20 - [86016] ----D- C:\Program Files\Common Files\Designer

O43 - CFD: 07/05/2008 - 13:35:42 - [14808299] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 17/04/2010 - 09:23:16 - [35136357] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 29/07/2008 - 20:15:48 - [28172849] ---AD- C:\Program Files\Common Files\LightScribe

O43 - CFD: 07/05/2008 - 13:21:12 - [56415] ---AD- C:\Program Files\Common Files\LS Getting Started

O43 - CFD: 11/07/2011 - 17:15:46 - [303448790] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 29/07/2008 - 20:15:12 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 25/08/2008 - 12:02:28 - [4523070] ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 17/04/2010 - 20:13:12 - [19208000] ----D- C:\Program Files\Common Files\System

O43 - CFD: 13/03/2009 - 18:50:44 - [390194032] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 26/08/2008 - 10:28:58 - [19098327] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 30/07/2009 - 12:49:14 - [4061696] ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 02/04/2010 - 17:23:34 - [78970619] ----D- C:\ProgramData\Adobe

O43 - CFD: 03/03/2009 - 17:43:28 - [0] ----D- C:\ProgramData\Apowersoft

O43 - CFD: 18/02/2009 - 00:12:12 - [45056000] ----D- C:\ProgramData\Apple

O43 - CFD: 12/07/2011 - 14:18:48 - [66637608] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 01/01/2010 - 12:40:18 - [1149079655] ----D- C:\ProgramData\Avira

O43 - CFD: 03/03/2009 - 18:47:10 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 28/01/2011 - 17:33:20 - [32326214] ----D- C:\ProgramData\Big Fish Games

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 25/08/2008 - 12:17:48 - [4212] ----D- C:\ProgramData\CheckPoint

O43 - CFD: 23/04/2010 - 21:12:30 - [6067] ----D- C:\ProgramData\CyberLink

O43 - CFD: 24/03/2011 - 20:06:44 - [1332] ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 24/03/2011 - 21:00:08 - [0] ----D- C:\ProgramData\EA Core

O43 - CFD: 22/07/2011 - 13:54:36 - [49921] ----D- C:\ProgramData\Electronic Arts

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 19/06/2008 - 16:07:00 - [327360] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 28/07/2009 - 01:35:06 - [6001076] ----D- C:\ProgramData\HP

O43 - CFD: 24/11/2009 - 10:24:14 - [276096] ----D- C:\ProgramData\LGMOBILEAX

O43 - CFD: 22/07/2008 - 20:03:02 - [390] ----D- C:\ProgramData\LightScribe

O43 - CFD: 25/08/2008 - 12:35:00 - [900892] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 08/07/2011 - 22:52:46 - [228602563] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 06/06/2011 - 12:01:50 - [0] ----D- C:\ProgramData\Microsoft Games

O43 - CFD: 19/06/2008 - 15:55:04 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 07/05/2008 - 13:21:32 - [0] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 07/02/2010 - 14:17:48 - [319734] ----D- C:\ProgramData\NOS

O43 - CFD: 20/07/2009 - 10:46:20 - [0] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 07/05/2008 - 13:26:16 - [1235] ----D- C:\ProgramData\PC-Doctor

O43 - CFD: 06/06/2011 - 12:02:28 - [98] ----D- C:\ProgramData\PopCap Games

O43 - CFD: 17/04/2010 - 09:23:16 - [119] ----D- C:\ProgramData\Sun

O43 - CFD: 28/01/2011 - 18:33:20 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 03/03/2009 - 18:34:54 - [0] ----D- C:\ProgramData\Video Converter Studio

O43 - CFD: 29/07/2008 - 20:15:58 - [11296134] ----D- C:\ProgramData\WildTangent

O43 - CFD: 02/09/2008 - 03:14:52 - [0] ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 26/08/2008 - 10:11:56 - [28] ----D- C:\ProgramData\WinZip

O43 - CFD: 26/08/2008 - 10:27:44 - [578002] ----D- C:\ProgramData\WLInstaller

O43 - CFD: 12/07/2011 - 14:19:44 - [544327] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

O43 - CFD: 22/04/2009 - 12:03:18 - [4226] ----D- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

O43 - CFD: 28/09/2008 - 10:22:58 - [5902405] --H-D- C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}

O43 - CFD: 13/04/2011 - 16:45:58 - [60389995] ----D- C:\Users\HP\AppData\Roaming\.minecraft

O43 - CFD: 02/04/2010 - 17:23:34 - [20529149] ----D- C:\Users\HP\AppData\Roaming\Adobe

O43 - CFD: 05/02/2010 - 15:46:32 - [0] ----D- C:\Users\HP\AppData\Roaming\AdobeUM

O43 - CFD: 02/04/2010 - 19:17:34 - [4504] ----D- C:\Users\HP\AppData\Roaming\app

O43 - CFD: 12/07/2011 - 14:20:30 - [427105] ----D- C:\Users\HP\AppData\Roaming\Apple Computer

O43 - CFD: 03/03/2009 - 18:47:12 - [0] ----D- C:\Users\HP\AppData\Roaming\AVS4YOU

O43 - CFD: 06/06/2011 - 11:35:20 - [0] ----D- C:\Users\HP\AppData\Roaming\Command & Conquer 3 - La Fureur de Kane

O43 - CFD: 07/06/2011 - 14:16:36 - [4925609] ----D- C:\Users\HP\AppData\Roaming\Command & Conquer 3 Les guerres du Tiberium

O43 - CFD: 28/07/2009 - 01:35:06 - [116638] ----D- C:\Users\HP\AppData\Roaming\CyberLink

O43 - CFD: 24/03/2011 - 20:29:26 - [3480] ----D- C:\Users\HP\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 22/07/2011 - 03:41:46 - [35582760] ----D- C:\Users\HP\AppData\Roaming\Dofus 2

O43 - CFD: 03/04/2010 - 18:31:16 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 04/04/2010 - 16:26:00 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 08/04/2010 - 19:08:14 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 02/04/2010 - 19:17:28 - [30] ----D- C:\Users\HP\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 24/07/2011 - 17:41:00 - [567] ----D- C:\Users\HP\AppData\Roaming\dvdcss

O43 - CFD: 30/10/2008 - 10:34:10 - [44040] ----D- C:\Users\HP\AppData\Roaming\Google

O43 - CFD: 19/06/2008 - 16:06:50 - [303168] ----D- C:\Users\HP\AppData\Roaming\Hewlett-Packard

O43 - CFD: 19/06/2008 - 16:06:12 - [0] ----D- C:\Users\HP\AppData\Roaming\Identities

O43 - CFD: 26/08/2008 - 10:05:28 - [0] ----D- C:\Users\HP\AppData\Roaming\InstallShield

O43 - CFD: 19/06/2008 - 16:05:54 - [1975996] ----D- C:\Users\HP\AppData\Roaming\Macromedia

O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\HP\AppData\Roaming\Media Center Programs

O43 - CFD: 24/11/2009 - 11:15:28 - [13775642] -S--D- C:\Users\HP\AppData\Roaming\Microsoft

O43 - CFD: 06/06/2011 - 12:01:50 - [0] ----D- C:\Users\HP\AppData\Roaming\Microsoft Game Studios

O43 - CFD: 02/09/2008 - 19:54:04 - [0] ----D- C:\Users\HP\AppData\Roaming\Microsoft Web Folders

O43 - CFD: 15/06/2011 - 16:09:48 - [29472] ----D- C:\Users\HP\AppData\Roaming\Mipony

O43 - CFD: 17/08/2010 - 16:34:16 - [3476524] ----D- C:\Users\HP\AppData\Roaming\Mozilla

O43 - CFD: 01/06/2011 - 15:44:44 - [280949] ----D- C:\Users\HP\AppData\Roaming\OfferBox

O43 - CFD: 21/11/2009 - 17:20:02 - [2327717] ----D- C:\Users\HP\AppData\Roaming\OpenOffice.org

O43 - CFD: 02/04/2010 - 19:17:34 - [0] ----D- C:\Users\HP\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 28/09/2008 - 18:29:48 - [13824] ----D- C:\Users\HP\AppData\Roaming\Template

O43 - CFD: 28/07/2011 - 18:47:12 - [875646] ----D- C:\Users\HP\AppData\Roaming\vlc

O43 - CFD: 18/11/2008 - 12:27:34 - [0] ----D- C:\Users\HP\AppData\Roaming\WinBatch

O43 - CFD: 30/12/2008 - 15:18:46 - [0] ----D- C:\Users\HP\AppData\Roaming\WinRAR

O43 - CFD: 17/08/2010 - 17:15:42 - [6323366] ----D- C:\Users\HP\AppData\Local\Adobe

O43 - CFD: 18/02/2009 - 00:12:44 - [0] ----D- C:\Users\HP\AppData\Local\Apple

O43 - CFD: 22/04/2009 - 12:05:32 - [7455822] ----D- C:\Users\HP\AppData\Local\Apple Computer

O43 - CFD: 19/06/2008 - 15:58:48 - [0] -SH-D- C:\Users\HP\AppData\Local\Application Data

O43 - CFD: 26/06/2011 - 16:12:46 - [33725805] ----D- C:\Users\HP\AppData\Local\Apps

O43 - CFD: 26/06/2011 - 17:35:38 - [0] ----D- C:\Users\HP\AppData\Local\Deployment

O43 - CFD: 25/04/2010 - 03:05:22 - [13521171] ----D- C:\Users\HP\AppData\Local\Downloaded Installations

O43 - CFD: 28/07/2009 - 01:35:16 - [9816] ----D- C:\Users\HP\AppData\Local\DVDPlay

O43 - CFD: 31/07/2011 - 03:23:12 - [8] ----D- C:\Users\HP\AppData\Local\Eraser

O43 - CFD: 02/06/2011 - 16:49:50 - [112] ----D- C:\Users\HP\AppData\Local\FalloutNV

O43 - CFD: 10/04/2009 - 10:16:04 - [204145312] ----D- C:\Users\HP\AppData\Local\Google

O43 - CFD: 19/06/2008 - 16:06:46 - [2046] ----D- C:\Users\HP\AppData\Local\Hewlett-Packard

O43 - CFD: 19/06/2008 - 15:58:48 - [0] -SH-D- C:\Users\HP\AppData\Local\Historique

O43 - CFD: 05/05/2009 - 12:23:28 - [241852] ----D- C:\Users\HP\AppData\Local\HP

O43 - CFD: 24/07/2011 - 01:56:24 - [1370056412] ----D- C:\Users\HP\AppData\Local\Microsoft

O43 - CFD: 06/06/2011 - 12:01:30 - [3319] ----D- C:\Users\HP\AppData\Local\Microsoft Game Studios

O43 - CFD: 10/02/2011 - 17:36:20 - [445964] ----D- C:\Users\HP\AppData\Local\Microsoft Games

O43 - CFD: 17/08/2010 - 16:34:06 - [47837145] ----D- C:\Users\HP\AppData\Local\Mozilla

O43 - CFD: 22/07/2011 - 13:55:00 - [0] ----D- C:\Users\HP\AppData\Local\Origin

O43 - CFD: 18/11/2008 - 12:27:48 - [0] ----D- C:\Users\HP\AppData\Local\PowerCinema

O43 - CFD: 26/06/2011 - 17:22:34 - [1420668] ----D- C:\Users\HP\AppData\Local\PunkBuster

O43 - CFD: 24/03/2009 - 13:24:02 - [3024607] ----D- C:\Users\HP\AppData\Local\Screamer Radio

O43 - CFD: 01/08/2011 - 16:33:26 - [9579015] ----D- C:\Users\HP\AppData\Local\Temp

O43 - CFD: 19/06/2008 - 15:58:48 - [0] -SH-D- C:\Users\HP\AppData\Local\Temporary Internet Files

O43 - CFD: 19/11/2008 - 18:35:58 - [0] ----D- C:\Users\HP\AppData\Local\Unity

O43 - CFD: 19/06/2008 - 16:06:40 - [128026] ----D- C:\Users\HP\AppData\Local\VirtualStore

O43 - CFD: 26/07/2011 - 09:17:52 - [81920] ----D- C:\Users\HP\AppData\Local\Windows Live

O43 - CFD: 25/08/2008 - 10:01:00 - [10334] ----D- C:\Users\HP\AppData\Local\WindowsUpdate

O43 - CFD: 15/07/2011 - 15:29:24 - [0] ----D- C:\Users\HP\AppData\Local\{0FA45D7F-B3F7-4FEB-A51A-BBBEC63715DF}

O43 - CFD: 28/07/2011 - 06:29:32 - [0] ----D- C:\Users\HP\AppData\Local\{21FD82A4-D39A-4BB8-8C83-F24C9B559E09}

O43 - CFD: 22/07/2011 - 13:53:08 - [0] ----D- C:\Users\HP\AppData\Local\{234182DD-440C-4250-8E7F-5DDE097DBA6B}

O43 - CFD: 31/07/2011 - 10:45:06 - [0] ----D- C:\Users\HP\AppData\Local\{23E83DD9-451A-449B-A791-25BB343093FB}

O43 - CFD: 01/08/2011 - 05:45:28 - [0] ----D- C:\Users\HP\AppData\Local\{2CBB2674-4A44-44C8-B720-3DEE1A94FDED}

O43 - CFD: 25/07/2011 - 07:28:30 - [0] ----D- C:\Users\HP\AppData\Local\{36FAB0BB-023C-4EE1-AE22-93A938ADACC8}

O43 - CFD: 17/07/2011 - 11:00:34 - [0] ----D- C:\Users\HP\AppData\Local\{40D41E03-A01C-4189-A161-B0347CA4DC1B}

O43 - CFD: 19/07/2011 - 23:33:06 - [0] ----D- C:\Users\HP\AppData\Local\{498B5AF1-73D4-4A94-BC17-8D2D041B51B1}

O43 - CFD: 28/07/2011 - 21:50:10 - [0] ----D- C:\Users\HP\AppData\Local\{502B4FAE-A8D2-42F2-BAD4-F95374FEF34C}

O43 - CFD: 19/07/2011 - 00:30:40 - [0] ----D- C:\Users\HP\AppData\Local\{5E0B9EFC-7204-4EB4-AE60-555FF8949FDE}

O43 - CFD: 20/07/2011 - 13:48:02 - [0] ----D- C:\Users\HP\AppData\Local\{69207BB7-60BE-4960-BA0C-F6D0109857D3}

O43 - CFD: 20/07/2011 - 17:37:06 - [0] ----D- C:\Users\HP\AppData\Local\{6925C13A-411C-4F99-951D-926BE524C68B}

O43 - CFD: 16/07/2011 - 08:29:06 - [0] ----D- C:\Users\HP\AppData\Local\{6BA6A56A-E398-4CEF-8034-444D840B19B6}

O43 - CFD: 26/07/2011 - 09:17:40 - [0] ----D- C:\Users\HP\AppData\Local\{6BDE5503-F96C-462D-AD31-8D1DA44FE190}

O43 - CFD: 23/07/2011 - 10:38:08 - [0] ----D- C:\Users\HP\AppData\Local\{902F3DC1-8D77-4CC5-96E5-9377F226CD42}

O43 - CFD: 30/07/2011 - 15:36:20 - [0] ----D- C:\Users\HP\AppData\Local\{965ED043-0B6F-4613-AD1F-CBFD365887D6}

O43 - CFD: 27/07/2011 - 16:16:12 - [0] ----D- C:\Users\HP\AppData\Local\{BE53675F-77E2-4D13-A23D-3CDF1B5DC4C9}

O43 - CFD: 12/07/2011 - 07:16:34 - [0] ----D- C:\Users\HP\AppData\Local\{BE6FB47B-D0FD-4217-87D0-AEBCCAC70501}

O43 - CFD: 27/07/2011 - 06:35:46 - [0] ----D- C:\Users\HP\AppData\Local\{C3776739-22E0-4911-9320-061DC75C6F03}

O43 - CFD: 19/07/2011 - 15:39:32 - [0] ----D- C:\Users\HP\AppData\Local\{D1647501-F330-4D5D-9E53-E306CCD832EC}

O43 - CFD: 24/07/2011 - 00:49:42 - [0] ----D- C:\Users\HP\AppData\Local\{DE235E17-09BB-4107-81AC-BF9362B27108}

O43 - CFD: 21/07/2011 - 23:43:08 - [0] ----D- C:\Users\HP\AppData\Local\{F48A0E7B-1F6A-470E-AD33-AA5B6EC1F156}

~ Scan Program Folder in 00mn 23s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C04D1CDDCA5B495C29F4B984BA64EF17] - 01/08/2011 - 15:33:52 ---A- . (...) -- C:\Program [40]

O44 - LFC:[MD5.365E043DF9D27EFC4E24BECBEE09FC1A] - 01/08/2011 - 15:29:28 ---A- . (...) -- C:\Windows\WindowsUpdate.log [15490]

O44 - LFC:[MD5.CD1558EEAD0EC3E387F8B7FDF99EC98A] - 01/08/2011 - 15:29:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.86759E2B7CC67B5854207F8CE4F09713] - 31/07/2011 - 09:46:19 ---A- . (...) -- C:\Windows\error.log [266]

O44 - LFC:[MD5.337F22BAB7F8BFD768358A0FAA58C544] - 31/07/2011 - 09:46:19 ---A- . (...) -- C:\Windows\win.ini [260]

O44 - LFC:[MD5.DEECFD7045974662E1CB7CBECB582436] - 31/07/2011 - 09:44:17 ---A- . (...) -- C:\Windows\System32\schedlog.txt [10239]

O44 - LFC:[MD5.F401D6605EBA2D7D8E145040C808F5BA] - 20/07/2011 - 16:37:09 ---A- . (...) -- C:\Windows\System32\uplauncher.log [792]

O44 - LFC:[MD5.BCDAEFD9CFCDCBD26F1FACB5CFA5B1C5] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1606634]

O44 - LFC:[MD5.DAC069E585CEC9090B7F3FE9835D426E] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfc009.dat [118064]

O44 - LFC:[MD5.A1E499B4EAC669ECCFCF5F8458807B83] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [143958]

O44 - LFC:[MD5.712CBD03574C1BFB0F1749570364D583] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfh009.dat [631438]

O44 - LFC:[MD5.2070E2C05161AC7D951B4D4FA8BA9911] - 17/07/2011 - 17:32:57 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [719130]

O44 - LFC:[MD5.29424BAD3927FDF5D750F4903AD09A5E] - 16/07/2011 - 02:22:17 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [319960]

O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 12/07/2011 - 13:19:45 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\Windows\System32\GEARAspi.dll [107368]

O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 12/07/2011 - 13:19:44 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26600]

~ Scan Files in 01mn 05s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{b743bb63-563a-11e0-92a6-001e8c766e6e}\AutoRun\command. (.Electronic Arts - Autorun Application.) -- I:\Autorun.exe

O51 - MPSK:{b743bb6b-563a-11e0-92a6-001e8c766e6e}\AutoRun\command. (...) -- H:\HeartOfDarkness.exe (.not file.)

O51 - MPSK:{c1d5b15f-3e06-11dd-983d-806e6f6e6963}\AutoRun\command. (.CyberLink Corp. - PowerDVD.) -- F:\PDVD_RT\PowerDVD.exe

O51 - MPSK:{e12af551-8cef-11e0-b6f5-001e8c766e6e}\AutoRun\command. (.Pas de propriétaire - autorun Module.) -- J:\autorun.exe

~ Scan Keys in 00mn 01s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.ffds"="-" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll

O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll

O52 - TDSD: \Drivers32\"vidc.VP31"="vp31vfw.dll" . (.On2.com - On2_VP3.) -- C:\Windows\System32\vp31vfw.dll

O52 - TDSD: \Drivers32\"VIDC.IV41"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\IR41_32.AX

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]

O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]

O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]

O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]

O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]

O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]

O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]

O58 - SDL:[MD5.59DB74EF3B328852A736578DFF3FCAD6] - 19/06/2008 - 19:05:34 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrusb.sys [449536]

O58 - SDL:[MD5.5B80E84AF6B02ECAB72DAE9AFEE06309] - 05/02/2010 - 14:36:37 ---A- . (...) -- C:\Windows\system32\drivers\atksgt.sys [165376]

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 01/01/2010 - 11:44:29 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [56816]

O58 - SDL:[MD5.452E382340BB0C5E694ED9D3625356D0] - 01/01/2010 - 09:33:07 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys [96104]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.555E54AC2F601A8821CEF58961653991] - 24/03/2011 - 19:07:05 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [218688]

O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]

O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 12/07/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]

O58 - SDL:[MD5.707C1692214B1C290271067197F075F6] - 26/08/2008 - 16:44:44 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [324120]

O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.ADB68AA60EF991CE2E217223FA20B4FF] - 18/11/2009 - 02:08:00 ---A- . (.LG Electronics Inc. - LG CDMA USB Multi function Driver.) -- C:\Windows\system32\drivers\lgusbbus.sys [13056]

O58 - SDL:[MD5.975B6CF65F44E95883F3855BAE8CECAF] - 05/02/2010 - 14:36:37 ---A- . (...) -- C:\Windows\system32\drivers\lirsgt.sys [18048]

O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]

O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]

O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]

O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.271AC1312EF1DDE187793183ABBFA8D0] - 26/02/2008 - 08:17:30 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr73.sys [493568]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.484844C0D892B42ECC5E6B063D072A38] - 28/03/2009 - 23:03:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7738816]

O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]

O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]

O58 - SDL:[MD5.9B0842C6F0D49F95DB99E292223AD174] - 25/05/2011 - 16:35:53 ---A- . (...) -- C:\Windows\system32\drivers\PnkBstrK.sys [138248]

O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 07/05/2008 - 18:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072]

O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.FE912E4A9719A9792669DEBB403CB9B1] - 26/08/2008 - 16:11:06 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2164248]

O58 - SDL:[MD5.3D2B6520699D1DCD5A13F9E7CAD62199] - 07/05/2008 - 11:44:00 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [91648]

O58 - SDL:[MD5.B0538DEA03E088B80482CA939F4E8740] - 26/08/2008 - 18:01:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [62464]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]

O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]

O58 - SDL:[MD5.654DFEA96BC82B4ACDA4F37E5E4A3BBF] - 01/01/2010 - 09:12:24 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.C1CA131F4E3ED63D6BC89A35FFAD4CDA] - 18/02/2009 - 14:23:30 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [32000]

O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512]

O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.41A5D2BBAC62A387ED24111F1FABFA55] - 01/10/2008 - 03:47:27 ---A- . (...) -- C:\Windows\system32\Ckldrv.sys [31846]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 40s

---\\ Recherche heuristique Magic.control (O59)

O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\Users\HP\AppData\Local\yquocua_nav.dat

O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\Users\HP\AppData\Local\yquocua_navps.dat

~ Scan Files in 00mn 00s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 05/02/2010 - C:\Windows\System32\DRIVERS\atksgt.sys - atksgt (atksgt) .(...) - LEGACY_ATKSGT

O64 - Services: CurCS - 13/02/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - 01/01/2010 - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 30/03/2009 - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - 25/07/2008 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.Ma-Config.com - ma-config.com.) - LEGACY_DRIVERHARDWAREV2

O64 - Services: CurCS - 05/02/2010 - C:\Windows\System32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(...) - LEGACY_LIRSGT

O64 - Services: CurCS - 10/01/2006 - C:\Windows\system32\ckldrv.sys - NetworkX (NetworkX) .(...) - LEGACY_NETWORKX

O64 - Services: CurCS - 11/05/2009 - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - 03/03/2008 - C:\Windows\System32\DRIVERS\vsdatant.sys - Zone Alarm Firewall Driver(Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT

O64 - Services: CurCS - 18/12/2007 - C:\Program Files\HP\DVDPlay\000.fcl - {22D78859-9CE9-4B77-BF18-AC83E81A9263}({22D78859-9CE9-4B77-BF18-AC83E81A9263}) .(.Cyberlink Corp. - FCL Driver.) - LEGACY_{22D78859-9CE9-4B77-BF18-AC83E81A9263}

~ Scan Services in 00mn 01s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {56256A51-B582-467e-B8D4-7786EDA79AE0} - (My Web Search) - MyWebSearch Home Page

O69 - SBI: SearchScopes [HKCU] {74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France

O69 - SBI: SearchScopes [HKCU] {88C1CDC1-3682-4418-9F15-87E44E7018EF} [DefaultScope] - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {9009BB90-2FB9-4194-855E-F9DA19E1E7EB} - (AOL Recherche) - http://slirsredirect.search.aol.com

~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.1DFB35E9D98ED7E8B9DAABCFBDF1314E] [sPRF][19/02/2009] (...) -- C:\Users\HP\AppData\Local\tyfrwcbw.bat [87]

[MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [sPRF][25/05/2011] (...) -- C:\Users\HP\AppData\Roaming\PnkBstrK.sys [138056]

[MD5.3F4C80358B0839D604898D0202DFA7FB] [sPRF][08/05/2011] (.Robot Entertainment - Spartan Launcher.) -- C:\Program Files\AOEOnline.exe [4160288]

[MD5.FCDA2F0DF9FF74F0FC638EFC1938AFF0] [sPRF][08/05/2011] (.Robot Entertainment - Spartan LauncherReplace.) -- C:\Program Files\AOEOnlineReplace.exe [153376]

[MD5.14F5C2FD4EEDEA7EB4C1C2DD26BE457B] [sPRF][08/05/2011] (.Microsoft Corporation - EulaDll.) -- C:\Program Files\eulax.dll [73728]

[MD5.CAC8395B9A68299F91196C14FF28A20A] [sPRF][08/05/2011] (...) -- C:\Program Files\granny2.dll [746496]

[MD5.6D231BCCAFDA16DAF3BA201D94C54C95] [sPRF][24/05/2011] (.Robot Entertainment - Spartan Launcher.) -- C:\Program Files\Launcher.exe [5290272]

[MD5.B827B7663320E5F3ED22F84487DB95DE] [sPRF][24/05/2011] (.Robot Entertainment - Spartan LauncherReplace.) -- C:\Program Files\LauncherReplace.exe [369440]

[MD5.64F0CFA2CD54C379DE768C59D089B1C6] [sPRF][24/05/2011] (...) -- C:\Program Files\pw32b.dll [173408]

[MD5.D39303C7CF96E9617D65C5F0B5F1AFDD] [sPRF][08/05/2011] (.Microsoft Corporation - Rockall Heap Manager DLL.) -- C:\Program Files\RockallDLL.dll [81998]

[MD5.EF24BE15480D20F70C0B8EEAF32B6F3B] [sPRF][08/05/2011] (.Robot Entertainment - Spartan.) -- C:\Program Files\Spartan.exe [11756320]

[MD5.FB98AFB771503DD626D0D41FBAD00B9A] [sPRF][08/05/2011] (...) -- C:\Program Files\XLiveDLC.dll [15648]

[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [sPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]

[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [sPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]

[MD5.6F315BDFE7148459DE3B4B59E6DFA1D4] [sPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [641368]

[MD5.732CACA8E848F6E721B093E51FC50B1D] [sPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]

~ Scan Files in 00mn 01s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{89D67DF6-E4E9-43E8-A0E9-6B5D70000D3D}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe (.not file.)

O87 - FAEL: "TCP Query User{490506CE-9414-4D4A-87E1-F506BBEBA362}C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe (.not file.)

O87 - FAEL: "UDP Query User{0B53AEED-7459-49D9-B8A8-80A3B74D0298}C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\hp\appdata\local\temp\wzse0.tmp\symnrt.exe (.not file.)

O87 - FAEL: "{48EC8D39-6153-4BA0-B7CD-8508917164E2}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe

O87 - FAEL: "{AB36E348-CC68-405C-BAB5-11378EFF78DA}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe

O87 - FAEL: "{51947157-5E31-48F7-83A0-D97283C4DA79}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay.) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe

O87 - FAEL: "{A842310C-8F24-43B1-9325-1344CCE1D1C0}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay Resident Program.) -- C:\Program Files\HP\DVDPlay\DPService.exe

O87 - FAEL: "{C298AB14-F930-41A2-903D-BFF70110DD03}" | In - Private - P6 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrA.exe

O87 - FAEL: "{EA00EDD8-6028-4752-82BA-443B13461BDA}" | In - Private - P17 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrA.exe

O87 - FAEL: "{C403AE22-7CE5-4C6E-87BE-793FA8525CE4}" | In - Private - P6 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrB.exe

O87 - FAEL: "{1AD512F3-5FCB-4C2D-A3E4-E211940D04C3}" | In - Private - P17 - TRUE | .(...) -- C:\WINDOWS\System32\PnkBstrB.exe

O87 - FAEL: "{3DB3365B-42A9-471C-B0FD-21D2CD2374D6}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{271FF0A4-A42A-4698-A07C-7A7A29BBC004}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{7FF458AC-0942-4AC9-A0F0-E909B8B372A7}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

~ Scan Firewall in 00mn 01s

---\\ Scan Additionnel (O88)

Database Version : 8554 - (01/08/2011)

Clés trouvées (Keys found) : 155

Valeurs trouvées (Values found) : 6

Dossiers trouvés (Folders found) : 7

Fichiers trouvés (Files found) : 0

[HKLM\Software\Microsoft\Internet Explorer\low rights\rundll32policy\f3scrctr.dll] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss] =>Adware.MyWebSearch

[HKLM\Software\microsoft\office\outlook\addins\mywebsearch.outlookaddin] =>Adware.MyWebSearch

[HKLM\Software\microsoft\office\word\addins\mywebsearch.outlookaddin] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive] =>PUP.OfferBox

[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall] =>Adware.BHO

[HKLM\Software\Classes\funwebproducts.datacontrol] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.datacontrol.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.historykillerscheduler] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.historykillerscheduler.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.historyswattercontrolbar] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.historyswattercontrolbar.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.htmlmenu] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.htmlmenu.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.htmlmenu.2] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.iecookiesmanager] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.iecookiesmanager.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.killerobjmanager] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.killerobjmanager.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.popswatterbarbutton] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.popswatterbarbutton.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.popswattersettingscontrol] =>Adware.MyWebSearch

[HKLM\Software\Classes\funwebproducts.popswattersettingscontrol.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.chatsessionplugin] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.chatsessionplugin.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.htmlpanel] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.htmlpanel.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.multiplebutton] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.multiplebutton.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.outlookaddin] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.outlookaddin.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.pseudotransparentplugin] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.pseudotransparentplugin.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearch.urlalertbutton] =>Adware.MyWebSearch

[HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearchtoolbar.settingsplugin] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearchtoolbar.settingsplugin.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearchtoolbar.toolbarplugin] =>Adware.MyWebSearch

[HKLM\Software\Classes\mywebsearchtoolbar.toolbarplugin.1] =>Adware.MyWebSearch

[HKLM\Software\Classes\screensavercontrol.screensaverinstaller] =>Adware.BHO

[HKLM\Software\Classes\screensavercontrol.screensaverinstaller.1] =>Adware.BHO

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{07b18eac-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{120927bf-1700-43bc-810f-fab92549b390}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{1f52a5fa-a705-4415-b975-88503b291728}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{25560540-9571-4d7b-9389-0f166788785a}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{3e720451-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{3e720452-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{3e720453-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator

[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{991aac62-b100-47ce-8b75-253965244f69}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{d518921a-4a03-425e-9873-b9a71756821e}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\Classes\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}] =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{f42228fb-e84e-479e-b922-fbbd096e792c}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978}] =>Adware.MyWebSearch

[HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService] =>Adware.MyWebSearch

[HKLM\Software\Conduit] =>Toolbar.Conduit

[HKCU\Software\fcn] =>Rogue.Multiple

[HKLM\Software\focusinteractive] =>Adware.MyWebSearch

[HKCU\Software\AppDataLow\Software\Fun Web Products] =>Adware.MyWebSearch

[HKLM\Software\Fun Web Products] =>Adware.MyWebSearch

[HKCU\Software\FunWebProducts] =>Adware.MyWebSearch

[HKCU\Software\AppDataLow\Software\FunWebProducts] =>Adware.MyWebSearch

[HKCU\Software\PopCap] =>Adware.PopCap

[HKLM\Software\PopCap] =>Adware.PopCap

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{07b18ea9-a523-4961-b6bb-170de4475cca} =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{07b18ea9-a523-4961-b6bb-170de4475cca} =>Adware.MyWebSearch

[HKLM\Software\Mozilla\Firefox\Extensions]:m3ffxtbr@mywebsearch.com =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:My Web Search Bar Search Scope Monitor =>Adware.MyWebSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Email Plugin =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Email Plugin =>Adware.MyWebSearch

C:\Program Files\FunWebProducts =>Adware.MyWebSearch

C:\Program Files\log =>Worm.Silly

C:\Program Files\MyWebSearch =>Adware.MyWebSearch

C:\ProgramData\PopCap Games =>Adware.PopCap

C:\Users\HP\AppData\Roaming\OfferBox =>PUP.OfferBox

C:\Users\HP\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch

C:\Users\HP\AppData\LocalLow\MyWebSearch =>Adware.MyWebSearch

~ Scan Additionnel in 00mn 07s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 01/01/2010 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 01/01/2010 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 12/07/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SS - | Demand 12/04/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe

SR - | Auto 12/07/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 01/10/2008 69632 | (Crypkey License) . (.CrypKey (Canada) Ltd..) - C:\Windows\System32\crypserv.exe

SR - | Auto 03/01/2010 266240 | (CSHelper) . (...) - C:\Windows\system32\CSHelper.exe

SS - | Demand 29/08/2008 21504 | C:\Program Files\NOS\bin\getPlus_Helper.dll (getPlusHelper) . (.NOS Microsystems Ltd..) - C:\Windows\System32\svchost.exe

SS - | Auto 10/04/2009 133104 | (gupdate1c9b9b495cdbcb0) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 10/04/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 07/05/2008 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 07/05/2008 198240 | (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe

SR - | Auto 07/05/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

SS - | Demand 25/04/2010 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

SR - | Demand 12/07/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 07/05/2008 79136 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

SS - | Demand 25/08/2008 191656 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe

SR - | Auto 06/12/2010 28762 | (MyWebSearchService) . (.MyWebSearch.com.) - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

SR - | Auto 28/03/2009 207392 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 25/05/2011 75136 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe

SR - | Auto 25/08/2008 79400 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\System32\ZoneLabs\vsmon.exe

SR - | Auto 29/08/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

SR - | Auto 05/05/2009 39408 | ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp..) - C:\Program Files\HP\DVDPlay\000.fcl

~ Scan Services in 00mn 00s

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by HP at 01/08/2011 16:36:28

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll

C:\Windows\system32\drivers\iastor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x82A54912] -> \Device\Harddisk0\DR0[0x86F35AC8]

3 CLASSPNP[0x8BBA18B3] -> ntkrnlpa!IofCallDriver[0x82A54912] -> \Device\Ide\IAAStorageDevice-2[0x855A0028]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by HP at 01/08/2011 16:36:30

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

End of the scan (1440 lines in 02mn 41s)(0)

pear · le 1 août 2011

Bonjour,

Il y a du monde !

Vous devez désactiver la protection en temps réel de votre Antivirus qui peut considérer certains composants de ce logiciel comme néfastes.

Vous devez désactiver vos protections et ne savez pas comment faire->Sur PCA,En Français

Téléchargez Navilog1 par Il-Mafioso

Enregistrer la cible (du lien) sous... et enregistrez-le sur le bureau.

Ensuite double cliquez sur navilog1.exe pour lancer l'installation.

Une fois l'installation terminée, Faire un Clic-droit sur le raccourci Navilog1 présent sur le bureau et choisir "Exécuter en tant qu'administrateur".

Si cela ne s'exécutait pas:

Démarrer ->Exécuter->Services.msc->Connexion secondaire->Démarrage Manuel

Réessayer

Dans la fenêtre qui s'ouvre, choisissez votre langue et validez

Au menu principal, Faire le choix 1et valider

< Ne faites pas le choix 2 sauf avis contraire>

Suivre les instructions et patienter jusqu'au message :

*** Analyse Terminée le ..... ***

Appuyer sur une touche comme demandé ; le bloc-notes va s'ouvrir.

Copier-coller l'intégralité dans la réponse.

Refermer le bloc-notes.

PS :le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt

PS:Si le bureau ne réapparaît pas, CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.

Puis à l'onglet "processus". Cliquer en haut à gauche sur fichiers et choisir "exécuter"

Taper explorer et valider.

Il faut lancer la procédure dans tous les comptes utilisateurs où le problème apparaît car Navilog1 ne nettoie que

le compte sur lequel on l'exécute,après les avoir passés en mode "administrateur" (sinon navilog1 ne s'exécute pas)

Si c'est fait ou que vous êtes seul utilisateur:

Pour Désinstaller Navilog1 faites le choix 4

Ensuite supprimer ce dossier : C:\navilog1

Téléchargez AD-Remover sur le bureau

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

Ensuite

Relancer Ad- remover , choisir l'option Nettoyer

Il y aura 2 rapports à poster après :Scanner et Nettoyer

Une fois la désinfrction terminée, mais pas avant:

désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

Téléchargez MBAM

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

Nettoyage

Relancez Mbam(Malewares'Bytes)

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

kingleroideskong · le 8 août 2011

RAPPORT NAVILOG

Fix Navipromo version 4.1.0 commencé le 08/08/2011 18:09:10,59

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\navilog1

Mise à jour le 20.04.2011 à 09h00 par IL-MAFIOSO

Microsoft® Windows Vista Édition Familiale Premium ( v6.0.6002 ) Service Pack 2

X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz )

BIOS : BIOS Date: 12/31/07 10:10:58 Ver: 5.15

USER : HP ( Administrator )

BOOT : Normal boot

Firewall : ZoneAlarm Firewall 7.1.254.000 (Activated)

C:\ (Local Disk) - NTFS - Total:455 Go (Free:37 Go)

D:\ (Local Disk) - NTFS - Total:10 Go (Free:1 Go)

E:\ (Local Disk) - NTFS - Total:465 Go (Free:0 Go)

F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

G:\ (CD or DVD)

H:\ (CD or DVD) - CDFS - Total:6 Go (Free:0 Go)

I:\ (CD or DVD) - CDFS - Total:5 Go (Free:0 Go)

J:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go)

Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur

C:\Users\HP\AppData\Local\yquocua.dat supprimé !

C:\Users\HP\AppData\Local\yquocua_nav.dat supprimé !

C:\Users\HP\AppData\Local\yquocua_navps.dat supprimé !

Nettoyage contenu C:\Windows\Temp effectué !

Nettoyage contenu C:\Users\HP\AppData\Local\Temp effectué !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

Modifié le 8 août 2011 par kingleroideskong

kingleroideskong · le 8 août 2011

SCAN AD-R

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 18:36:29 le 08/08/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)

HP@PC-HP (HP-Pavilion KB022AA-ABF m9170.fr)

============== RECHERCHE ==============

Service: "MyWebSearchService" Présent

Fichier trouvé: C:\Windows\system32\f3PSSavr.scr

Fichier trouvé: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\searchplugins\mywebsearch.xml

Dossier trouvé: C:\Users\HP\AppData\LocalLow\FunWebProducts

Dossier trouvé: C:\Program Files\FunWebProducts

Dossier trouvé: C:\Users\HP\AppData\LocalLow\MyWebSearch

Dossier trouvé: C:\Program Files\MyWebSearch

Dossier trouvé: C:\ProgramData\PopCap Games

Dossier trouvé: C:\Users\HP\AppData\Roaming\OfferBox

Fichier trouvé: C:\Program Files\Windows Live\Messenger\Riched20.dll

Fichier trouvé: C:\Program Files\Windows Live\Messenger\Msimg32.dll

Fichier trouvé: C:\Users\HP\AppData\Local\tyfrwcbw.bat

-- Fichier ouvert: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\Prefs.js --

Ligne trouvée: user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{e4a8a97b-f2ed-45...

Ligne trouvée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...

Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);

Ligne trouvée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");

Ligne trouvée: user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb...

-- Fichier Fermé --

Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé trouvée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}

Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}

Clé trouvée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}

Clé trouvée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}

Clé trouvée: HKLM\Software\Classes\CLSID\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327}

Clé trouvée: HKLM\Software\Classes\Interface\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327}

Clé trouvée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Clé trouvée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}

Clé trouvée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}

Clé trouvée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Clé trouvée: HKLM\Software\Classes\CLSID\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3}

Clé trouvée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15}

Clé trouvée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}

Clé trouvée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}

Clé trouvée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}

Clé trouvée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}

Clé trouvée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Clé trouvée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Clé trouvée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}

Clé trouvée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}

Clé trouvée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}

Clé trouvée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}

Clé trouvée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}

Clé trouvée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}

Clé trouvée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}

Clé trouvée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}

Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}

Clé trouvée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Clé trouvée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Clé trouvée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Clé trouvée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Clé trouvée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

Clé trouvée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Clé trouvée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}

Clé trouvée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Clé trouvée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

Clé trouvée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}

Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Clé trouvée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

Clé trouvée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

Clé trouvée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Clé trouvée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}

Clé trouvée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Clé trouvée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Clé trouvée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Clé trouvée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Clé trouvée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Clé trouvée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Clé trouvée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Clé trouvée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Clé trouvée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Clé trouvée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}

Clé trouvée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}

Clé trouvée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}

Clé trouvée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}

Clé trouvée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé trouvée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}

Clé trouvée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}

Clé trouvée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}

Clé trouvée: HKLM\Software\Classes\TypeLib\{9D7233B0-0CC0-4938-8208-5B3F9D643873}

Clé trouvée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}

Clé trouvée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

Clé trouvée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}

Clé trouvée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}

Clé trouvée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}

Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl

Clé trouvée: HKLM\Software\Classes\FunWebProducts.DataControl.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2

Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager

Clé trouvée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager

Clé trouvée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton

Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1

Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl

Clé trouvée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1

Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin

Clé trouvée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1

Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel

Clé trouvée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1

Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton

Clé trouvée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1

Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin

Clé trouvée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1

Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin

Clé trouvée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1

Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton

Clé trouvée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1

Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin

Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1

Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin

Clé trouvée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1

Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller

Clé trouvée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKLM\Software\FocusInteractive

Clé trouvée: HKLM\Software\Fun Web Products

Clé trouvée: HKLM\Software\MyWebSearch

Clé trouvée: HKLM\Software\PopCap

Clé trouvée: HKCU\Software\FunWebProducts

Clé trouvée: HKCU\Software\MyWebSearch

Clé trouvée: HKCU\Software\PopCap

Clé trouvée: HKCU\Software\AppDataLow\Software\Fun Web Products

Clé trouvée: HKCU\Software\AppDataLow\Software\FunWebProducts

Clé trouvée: HKCU\Software\AppDataLow\Software\MyWebSearch

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Clé trouvée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}

Clé trouvée: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll

Clé trouvée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Clé trouvée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin

Clé trouvée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Clé trouvée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin

Valeur trouvée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}

Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.18 (fr)] ****

HKLM_MozillaPlugins\@mywebsearch.com/Plugin (x)

HKLM_MozillaPlugins\@unity3d.com/UnityPlayer (x)

HKLM_Extensions|m3ffxtbr@mywebsearch.com - C:\Program Files\MyWebSearch\bar\1.bin

HKLM_Extensions|offerbox@spointer.com - C:\Program Files\OfferBox\extensions-3.1.3878.129\offerbox@spointer.com (x)

-- C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default --

Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey)

Searchplugins\mywebsearch.xml (hxxp://search.mywebsearch.com/mywebsearch/cfg_redir2.jhtml)

Prefs.js - browser.download.lastDir, C:\\Users\\HP\\Desktop\\Nouveau dossier

Prefs.js - browser.search.selectedEngine, My Web Search

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

Prefs.js - keyword.URL, hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb=JDmVi.BPJaMkP5WDsRUk4g&ind=20101...

========================================

**** Internet Explorer Version [8.0.6001.19088] ****

HKCU_Main|Search bar - hxxp://g.msn.fr/0SEFRFR/SAOS02

HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp

HKCU_Main|Start Page - hxxp://google.fr/

HKLM_Main|Default_Page_URL - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=desktop

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=desktop

HKCU_URLSearchHooks|{00A6FAF6-072E-44cf-8957-5838F569A31D} - "?" (C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL)

HKCU_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb=JDmVi...)

HKCU_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)

HKLM_SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} - "My Web Search" (hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb=JDmVi...)

HKLM_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)

HKCU_Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL)

HKLM_Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL)

HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

HKLM_ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} - C:\Program Files\MyWebSearch\bar\1.bin\m3impipe.exe (MyWebSearch.com)

HKLM_ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} - C:\Windows\system32\f3PSSavr.scr (FunWebProducts.com)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} - C:\Program Files\MyWebSearch\bar\1.bin\m3SkPlay.exe (MyWebSearch.com)

HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)

HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\Neuf\Kit\9launch.exe (SFR)

HKLM_ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} - C:\Program Files\MyWebSearch\bar\1.bin\m3medint.exe (MyWebSearch.com)

HKLM_ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} - C:\Program Files\MyWebSearch\bar\1.bin\m3SlSrch.exe (MyWebSearch.com)

HKLM_ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} - C:\Program Files\MyWebSearch\bar\1.bin\m3SrchMn.exe (MyWebSearch.com)

BHO\{00A6FAF1-072E-44cf-8957-5838F569A31D} - "MyWebSearch Search Assistant BHO" (C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL)

BHO\{07B18EA1-A523-4961-B6BB-170DE4475CCA} - "mwsBar BHO" (C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL)

BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll)

BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (?)

BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 08/08/2011 18:36:36 (21563 Octet(s))

Fin à: 18:37:09, 08/08/2011

============== E.O.F ==============

kingleroideskong · le 8 août 2011

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:41:02 le 08/08/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)

HP@PC-HP (HP-Pavilion KB022AA-ABF m9170.fr)

============== ACTION(S) ==============

Service: "MyWebSearchService" Stoppé et supprimé

Fichier supprimé: C:\Windows\system32\f3PSSavr.scr

Fichier supprimé: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\searchplugins\mywebsearch.xml

Dossier supprimé: C:\Users\HP\AppData\LocalLow\FunWebProducts

Dossier supprimé: C:\Program Files\FunWebProducts

Dossier supprimé: C:\Users\HP\AppData\LocalLow\MyWebSearch

Dossier supprimé: C:\Program Files\MyWebSearch

Dossier supprimé: C:\ProgramData\PopCap Games

Dossier supprimé: C:\Users\HP\AppData\Roaming\OfferBox

Fichier supprimé: C:\Program Files\Windows Live\Messenger\Riched20.dll

Fichier supprimé: C:\Program Files\Windows Live\Messenger\Msimg32.dll

Fichier supprimé: C:\Users\HP\AppData\Local\tyfrwcbw.bat

(!) -- Fichiers temporaires supprimés.

-- Fichier ouvert: C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default\Prefs.js --

Ligne supprimée: user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{e4a8a97b-f2ed-45...

Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...

Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);

Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");

Ligne supprimée: user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm607YYFR&ptb...

-- Fichier Fermé --

Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé supprimée: HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}

Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}

Clé supprimée: HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}

Clé supprimée: HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}

Clé supprimée: HKLM\Software\Classes\CLSID\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327}

Clé supprimée: HKLM\Software\Classes\Interface\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327}

Clé supprimée: HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Clé supprimée: HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}

Clé supprimée: HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}

Clé supprimée: HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Clé supprimée: HKLM\Software\Classes\CLSID\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3}

Clé supprimée: HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15}

Clé supprimée: HKLM\Software\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}

Clé supprimée: HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}

Clé supprimée: HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}

Clé supprimée: HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}

Clé supprimée: HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Clé supprimée: HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Clé supprimée: HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}

Clé supprimée: HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}

Clé supprimée: HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}

Clé supprimée: HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}

Clé supprimée: HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}

Clé supprimée: HKLM\Software\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}

Clé supprimée: HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}

Clé supprimée: HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}

Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}

Clé supprimée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Clé supprimée: HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Clé supprimée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Clé supprimée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Clé supprimée: HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

Clé supprimée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Clé supprimée: HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}

Clé supprimée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Clé supprimée: HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

Clé supprimée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}

Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Clé supprimée: HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

Clé supprimée: HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

Clé supprimée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Clé supprimée: HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}

Clé supprimée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Clé supprimée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Clé supprimée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Clé supprimée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Clé supprimée: HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Clé supprimée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Clé supprimée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Clé supprimée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Clé supprimée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Clé supprimée: HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}

Clé supprimée: HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}

Clé supprimée: HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}

Clé supprimée: HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}

Clé supprimée: HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé supprimée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}

Clé supprimée: HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}

Clé supprimée: HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}

Clé supprimée: HKLM\Software\Classes\TypeLib\{9D7233B0-0CC0-4938-8208-5B3F9D643873}

Clé supprimée: HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}

Clé supprimée: HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

Clé supprimée: HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}

Clé supprimée: HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}

Clé supprimée: HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}

Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl

Clé supprimée: HKLM\Software\Classes\FunWebProducts.DataControl.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.HTMLMenu.2

Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager

Clé supprimée: HKLM\Software\Classes\FunWebProducts.IECookiesManager.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager

Clé supprimée: HKLM\Software\Classes\FunWebProducts.KillerObjManager.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton

Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1

Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl

Clé supprimée: HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1

Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin

Clé supprimée: HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1

Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel

Clé supprimée: HKLM\Software\Classes\MyWebSearch.HTMLPanel.1

Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton

Clé supprimée: HKLM\Software\Classes\MyWebSearch.MultipleButton.1

Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin

Clé supprimée: HKLM\Software\Classes\MyWebSearch.OutlookAddin.1

Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin

Clé supprimée: HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1

Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton

Clé supprimée: HKLM\Software\Classes\MyWebSearch.UrlAlertButton.1

Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin

Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1

Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin

Clé supprimée: HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1

Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller

Clé supprimée: HKLM\Software\Classes\ScreenSaverControl.ScreenSaverInstaller.1

Clé supprimée: HKLM\Software\Conduit

Clé supprimée: HKLM\Software\FocusInteractive

Clé supprimée: HKLM\Software\Fun Web Products

Clé supprimée: HKLM\Software\MyWebSearch

Clé supprimée: HKLM\Software\PopCap

Clé supprimée: HKCU\Software\FunWebProducts

Clé supprimée: HKCU\Software\MyWebSearch

Clé supprimée: HKCU\Software\PopCap

Clé supprimée: HKCU\Software\AppDataLow\Software\Fun Web Products

Clé supprimée: HKCU\Software\AppDataLow\Software\FunWebProducts

Clé supprimée: HKCU\Software\AppDataLow\Software\MyWebSearch

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Clé supprimée: HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}

Clé supprimée: HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll

Clé supprimée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Clé supprimée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin

Clé supprimée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Clé supprimée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin

Valeur supprimée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin

Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.18 (fr)] ****

HKLM_MozillaPlugins\@unity3d.com/UnityPlayer (x)

-- C:\Users\HP\AppData\Roaming\Mozilla\FireFox\Profiles\cgw2qftj.default --

Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey)

Prefs.js - browser.download.lastDir, C:\\Users\\HP\\Desktop\\Nouveau dossier

Prefs.js - browser.search.selectedEngine, My Web Search

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18

========================================

**** Internet Explorer Version [8.0.6001.19088] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)

HKLM_SearchScopes\{74B19991-2F3E-4428-AE17-71C7F6BEC7FC} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)

HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)

HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\Neuf\Kit\9launch.exe (SFR)

BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll)

BHO\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (?)

BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 167 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 08/08/2011 18:41:05 (19925 Octet(s))

C:\Ad-Report-SCAN[1].txt - 08/08/2011 18:36:36 (21702 Octet(s))

Fin à: 18:41:46, 08/08/2011

============== E.O.F ==============

pear · le 8 août 2011

Il manque le rapport de Mbam et vos commentaires ensuite sur l'état de la machine.

kingleroideskong · le 8 août 2011

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Version de la base de données: 7411

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.19088

08/08/2011 19:34:43

mbam-log-2011-08-08 (19-34-43).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)

Elément(s) analysé(s): 113566

Temps écoulé: 20 minute(s), 22 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):