[Résolu] Suis-je infecté ?

[franck de Marseille]

Bonsoir,

 

Mon PC ne cesse de planter et a même du mal à redémarrer. Pouvez-vous m'aider à détecter d'éventuels virus?

 

D'avance merci !

[pear]

Bonjour,

 

 

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Décompresser le fichier ZHPDiag.fix sur le bureau

puis double-cliquer sur le fichier ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

 

Sous XP, double clic sur ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

Clic sur la Loupe pour lancer le scan

En cas de blocage sur O80, cliquez sur le tournevis pour le décocher

Postez en le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

Modifié le 9 août 2011 par pear

[franck de Marseille]

Bonjour,

Voici le rapport demandé :

 

Rapport de ZHPDiag v1.28.132 par Nicolas Coolman, Update du 08/08/2011

Run by famille at 09/08/2011 17:05:26

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 5.0 v (Defaut)

GCIE: Google Chrome v12.0.742.122

 

---\\ Windows Product Information

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_COA_NSLP channel

Windows ID Activation : OK

~ Windows Partial Key : M3J6X

Windows License : OK

~ Windows Remaining Initializations Number : 5

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8191 MB (78% free)

System Restore: Activé (Enable)

System drive C: has 333 GB (72%) free of 458 GB

 

---\\ Logged in mode

~ Computer Name: PC-DE-FAMILLE

~ User Name: famille

~ All Users Names: HomeGroupUser$, famille, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\famille\AppData\Roaming\

~ %Desktop% : C:\Users\famille\Desktop\

~ %Favorites% : C:\Users\famille\Favorites\

~ %LocalAppData% : C:\Users\famille\AppData\Local\

~ %StartMenu% : C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 333 Go of 458 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 458 Go of 458 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.28/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.1BF2BCC7E3C26FD4C8EF0C9EFB0CC25D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/07/2011 - 18:01:31.) -- C:\Windows\system32\wininet.dll [1389056]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.05/03/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.28/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.05/03/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.05/03/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/42

~ Mes musiques (My Musics) : 15/43

~ Mes Videos (My Videos) : 1/183

~ Mes Favoris (My Favorites) : 5/523

~ Mes Documents (My Documents) : 156/1687

~ Mon Bureau (My Desktop) : 2/609

~ Menu demarrer (Programs) : 7/38

~ Scan Hidden Files in 00mn 19s

 

 

 

---\\ Processus lancés

[MD5.F751C546A9A586A09AD64274529F8E9C] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe [645328]

[MD5.055E69B5E4841098A4EAE04EE7EEB0A2] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904]

[MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672]

[MD5.696A8C0E65724D5CD80944688BA69D11] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe [770728]

[MD5.951E33D6F7336F35D592E4A1B03440BA] - (...) -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe [139944]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.467E15D29A0FB9EECFC16543AD978F5A] - (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2634048]

[MD5.79A68515003E994D8632D1802C149430] - (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe [59392]

[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]

[MD5.B62D8C47FFF285F910A4896836BCD744] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968]

[MD5.D3D3B1CFA81DD68D38362D533F443FD1] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024]

[MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464]

[MD5.8DCED3E27B271E76743C268DBD51EEEC] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288]

[MD5.9ACE8ECDB1EBC519F48AA65DE5875573] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [202256]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768]

[MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704]

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696]

[MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632]

[MD5.4486AD32BB05628967695FCA1BADD46E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856]

[MD5.B5B4E81AADFDF95345186A023A99D2E6] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [664576]

[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360]

[MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480]

[MD5.2B272D0A6E5071829B516FFDC7F841CA] - (.Pas de propriétaire - CLHNService Module.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048]

[MD5.9FD96AFED226918A6ED8D0BAF9C2B398] - (...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe [58664]

[MD5.051E8D7AC7B1902BD32060AB7ED6E449] - (.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [288120]

[MD5.C85968D24449E37653B891B03188140C] - (.McAfee, Inc. - McAfee Proxy Service Module.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544]

[MD5.0655D440057942DE2BEEB8FAD145490E] - (.McAfee, Inc. - McAfee Personal Firewall Service.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [894136]

[MD5.CF3C267356F458BE85C5034BFC382022] - (.McAfee, Inc. - McAfee Anti-Spam Server.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640]

[MD5.77F8AD024059A9A8E17E654B887D1EF0] - (.EgisTec Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [306736]

[MD5.58751F9248D50BCE1053976C9E2F0859] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632]

[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152]

[MD5.F79525634B192F5A18DE503568F94EF3] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840]

[MD5.0FC36E77D779F8D021D338BDC7368181] - (.McAfee, Inc. - McAfee Services.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [865832]

[MD5.F2A433E0EA959028E349FB1D5BAE01E7] - (.McAfee, Inc. - McAfee SystemGuards Service.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736]

[MD5.2988E515570E4F8B9D9B256137F8E8F4] - (.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe [2482848]

[MD5.34F4F701DFDFDE6433B15D0442FEA90A] - (.McAfee, Inc. - McAfee Update Launcher.) -- c:\PROGRA~2\mcafee.com\agent\McUpdate.exe [562928]

[MD5.479E89EC5F1A340C4A2E09245E8435AA] - (.McAfee, Inc. - McAfee Update Manager Service.) -- c:\PROGRA~2\mcafee\msc\mcupdmgr.exe [806008]

~ Scan Processes Running in 00mn 01s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\famille\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G2 - GCE: Preference [user Data\Default] [defdhglnppeioeflggkmglipcecffkhk] AutocompletePro plugin for chrome v.1.0 (Activé)

G2 - GCE: Preference [user Data\Default] [fheoggkfdfchfphceeifdbepaooicaho] SiteAdvisor v.3.31.137.7 (Activé)

G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé)

G2 - GCE: Preference [user Data\Default] [iknffkmlbmmhbnfhfnpopiembeecpokj] Facemoi v.2.3.0 (Activé)

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.2 (Activé)

G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé)

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\prefs.js

M3 - MFPP: Plugins - [famille] -- C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\searchplugins\conduit.xml

M0 - MFSP: prefs.js [famille - dnnw8d13.default] Google

M2 - MFEP: prefs.js [famille - dnnw8d13.default\[email protected]] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..)

M2 - MFEP: prefs.js [famille - dnnw8d13.default\{04253f76-f258-4b03-7b4a-0bebad2ca3e9}] [] v (.FaceMoicemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-4

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprjplug.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll

P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Live

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com

R0 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Live

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

R3 - URLSearchHook: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll

R3 - URLSearchHook: NCH EN Toolbar [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn 00s

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL

O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

O2 - BHO: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll

O2 - BHO: Lexmark Barre d'outils [64Bits] - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} . (...) -- C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\mskapbho.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi

O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: NCH EN [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div

O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Mega Manager IE Click Monitor [64Bits] - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Lexmark [64Bits] - {D2C5E510-BE6D-42CC-9F61-E4F939078474} . (...) -- C:\Program Files\Lexmark Printable Web\bho.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper [64Bits] - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O2 - BHO: (no name) [64Bits] - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} Clé orpheline

~ Scan BHO in 00mn 00s

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

~ Scan Toolbar in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [mwlDaemon] . (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

O4 - HKLM\..\Run: [lxedmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark S600 Series\lxedmon.exe

O4 - HKLM\..\Run: [EzPrint] . (...) -- C:\Program Files (x86)\Lexmark S600 Series\ezprint.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [VeohPlugin] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

O4 - HKCU\..\Run: [GM4IE] . (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe

O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] . (.McAfee, Inc. - McAfee Integrated Security Platform.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe

O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe

O4 - HKLM\..\Wow6432Node\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

O4 - HKLM\..\Wow6432Node\Run: [updatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exer\7.0 (.not file.)

O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [Facemoi] . (.Pas de propriétaire - gm4ie MFC Application.) -- c:\Facemoi\facemoi.exe

O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [VeohPlugin] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

O4 - HKUS\S-1-5-21-1593801776-2121311327-3249409475-1000\..\Run: [GM4IE] . (.Pas de propriétaire - gm4ie MFC Application.) -- C:\Facemoi\facemoi.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\famille\Desktop\Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dofus.lnk . (.Ankama Games.) -- C:\Program Files (x86)\Dofus\UpLauncher.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shareaza.lnk . (.Shareaza Development Team.) -- C:\Program Files (x86)\Shareaza\Shareaza.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe

O4 - Global Startup: C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

~ Scan Global Startup in 00mn 04s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Download Link Using Mega Manager... . (...) -- C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{7623DE02-1BD8-4B18-AD23-F9F0DA1982C9}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: CLHNService (CLHNService) . (.Pas de propriétaire - CLHNService Module.) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: CyberLink Media Server Monitor Service (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe

O23 - Service: CyberLink Media Server Service (CyberLink Media Server Service) . (.CyberLink - CLMSServer.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O23 - Service: Service Google Update (gupdate1ca51b324e09bc0) (gupdate1ca51b324e09bc0) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: lxedCATSCustConnectService (lxedCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\Windows\system32\spool\DRIVERS\x64\3\lxedserv.exe

O23 - Service: lxed_device (lxed_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxedcoms.exe

O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Services.) - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Network Agent.) - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe

O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Proxy Service Module.) - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\Program Files\McAfee\VirusScan\Mcshield.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) . (.McAfee, Inc. - McAfee Personal Firewall Service.) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Anti-Spam Server.) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe

O23 - Service: MyWinLocker Service (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.4.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McDefragTask.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McQcTask.job

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.21E151BEABD692DCE9911B8A71DC0332] [APT] [McQcTask] (.McAfee, Inc..) -- c:\PROGRA~2\mcafee\mqc\QcConsol.exe

[MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeLogonTaskS-1-5-21-1593801776-2121311327-3249409475-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeScheduledTaskS-1-5-21-1593801776-2121311327-3249409475-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Users\famille\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe (.not file.)

[MD5.467E15D29A0FB9EECFC16543AD978F5A] [APT] [RunAsStdUser Task for VeohWebPlayer] (.Veoh Networks.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

~ Scan Scheduled Task in 00mn 05s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\system32\drivers\mfehidk.sys

O41 - Driver: (MPFP) . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - C:\Windows\system32\Drivers\Mpfp.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - Pilote TCP/IP.) - C:\Windows\system32\drivers\tcpip.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: AVS Audio Editor version 6.1 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Audio Editor_is1

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}

O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}

O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}

O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}

O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107}

O42 - Logiciel: C:\Program Files (x86)\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM] -- {71C2828F-2678-4675-BDEC-895424861262}_is1

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}

O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine

O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com

O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}

O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- {80E158EA-7181-40FE-A701-301CE6BE64AB}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}

O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters

O42 - Logiciel: Dofus 1.28.0 - (.Ankama Games.) [HKLM] -- Dofus 1.28.0

O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}

O42 - Logiciel: Full Tilt Poker.Fr - (.Pas de propriétaire.) [HKLM] -- {34785AD0-6276-11DF-A08A-0800200C9A66}

O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}

O42 - Logiciel: Geoplan-Geospace version 1.6 - (.Aid-creem.) [HKLM] -- {1AA0F610-7226-4C99-85D7-5E75AFD0D5CE}_is1

O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Lexmark - (.Pas de propriétaire.) [HKLM] -- {D2C5E510-BE6D-42CC-9F61-E4F939078474}

O42 - Logiciel: Lexmark Barre d'outils - (.Pas de propriétaire.) [HKLM] -- {1017A80C-6F09-4548-A84D-EDD6AC9525F0}

O42 - Logiciel: Lexmark S600 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark S600 Series

O42 - Logiciel: Lexmark Tools for Office - (.Pas de propriétaire.) [HKLM] -- {10812DE7-2E57-4740-B226-6B3BE34AF9D7}

O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}

O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}

O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan

O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC

O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)

O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}

O42 - Logiciel: NCH EN Toolbar - (.NCH EN.) [HKLM] -- NCH_EN Toolbar

O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}

O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- BC15EA930074932BB2C4B4493C9FD4EA95087D1A

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: RadLight MPC DirectShow Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- RadLight MPC DirectShow Filter

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile Modem V2 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem V2

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}

O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device

O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: Shareaza 2.4.0.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1

O42 - Logiciel: Stellarium 0.10.6.1 - (.Pas de propriétaire.) [HKLM] -- Stellarium_is1

O42 - Logiciel: The K-Ball (remove only) - (.Pas de propriétaire.) [HKLM] -- The K-Ball

O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: Upgrade Kit - (.Acer Inc..) [HKLM] -- {1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}

O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV

O42 - Logiciel: Veoh Web Player - (.Veoh Networks, Inc..) [HKLM] -- Veoh Web Player Beta

O42 - Logiciel: Wakfu - (.Ankama Games.) [HKLM] -- Wakfu

O42 - Logiciel: WavePad Sound Editor - (.NCH Software.) [HKLM] -- WavePad

O42 - Logiciel: WinPcap 4.0.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst

O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}

O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\8.1]

[HKCU\Software\ABBYY]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Acer]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Aurigma]

[HKCU\Software\AppDataLow\Google]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\DivX]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\NCH_EN]

[HKCU\Software\AppDataLow\Software\PriceGong]

[HKCU\Software\AppDataLow\Software\conduitEngine]

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow\Toolbar]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Audacity]

[HKCU\Software\AutocompletePro]

[HKCU\Software\Avira]

[HKCU\Software\Billeo]

[HKCU\Software\BitTorrent]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Conduit]

[HKCU\Software\CyberLink]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\Full Tilt Poker.fr]

[HKCU\Software\Geoplace]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\JavaSoft]

[HKCU\Software\LexmarkInkjet]

[HKCU\Software\LexmarkPhoto]

[HKCU\Software\Lexmark]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\McAfee]

[HKCU\Software\Megaupload]

[HKCU\Software\Meridian93]

[HKCU\Software\Mobileleader]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NCH Software]

[HKCU\Software\NCH Swift Sound]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\Northcode Inc]

[HKCU\Software\ODBC]

[HKCU\Software\OEM Upgrade Kit]

[HKCU\Software\Oberon Media]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PDFCreator]

[HKCU\Software\PTP]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\RadLight MPC DirectShow Filter]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\S3R521]

[HKCU\Software\Samsung]

[HKCU\Software\SaxoUpnBackup]

[HKCU\Software\Shareaza]

[HKCU\Software\Softonic]

[HKCU\Software\SuperSoftwarePackage]

[HKCU\Software\Svetozor]

[HKCU\Software\The K-Ball]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\Veetle]

[HKCU\Software\Veoh]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Xilisoft]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\eSobi]

[HKCU\Software\ej-technologies]

[HKLM\Software\ABBYY]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Acer Inc.]

[HKLM\Software\Acer Incorporated]

[HKLM\Software\Acer]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\Ankama]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Avira]

[HKLM\Software\CDDB]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\CyberLink]

[HKLM\Software\Cyberlink]

[HKLM\Software\DEVGURU]

[HKLM\Software\Digital River]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\Dofus 2]

[HKLM\Software\EgisTec Egis Software Update]

[HKLM\Software\EgisTec]

[HKLM\Software\Facemoi]

[HKLM\Software\Full Tilt Poker]

[HKLM\Software\Google]

[HKLM\Software\Hauppauge]

[HKLM\Software\IVT Corporation]

[HKLM\Software\Intel Corporation]

[HKLM\Software\Intel]

[HKLM\Software\Interface]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\LexmarkInkjet]

[HKLM\Software\Lexmark]

[HKLM\Software\Licenses]

[HKLM\Software\MCCI]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MarkAny]

[HKLM\Software\McAfee.com]

[HKLM\Software\McAfee]

[HKLM\Software\Megaupload Limited]

[HKLM\Software\Megaupload]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NCH Software]

[HKLM\Software\NCH Swift Sound]

[HKLM\Software\NCH_EN]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NewTech Infosystems]

[HKLM\Software\ODBC]

[HKLM\Software\OEM]

[HKLM\Software\Oberon Media]

[HKLM\Software\OemSetup]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\PDFCreator]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RichFX]

[HKLM\Software\SRS Labs]

[HKLM\Software\Samsung]

[HKLM\Software\Shareaza]

[HKLM\Software\SiteAdvisor]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Symantec]

[HKLM\Software\TrendMicro]

[HKLM\Software\Uniblue]

[HKLM\Software\Veetle]

[HKLM\Software\Veoh]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinPcap]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\mozilla.org]

[HKLM\Software\uTorrentBar_FR]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 17/08/2010 - 17:20:26 - [6168213] ----D- C:\Program Files\Acer

O43 - CFD: 16/04/2011 - 18:44:48 - [0] ----D- C:\Program Files\Babylon

O43 - CFD: 24/03/2011 - 23:28:06 - [7202648] ----D- C:\Program Files\CCleaner

O43 - CFD: 17/08/2010 - 17:20:28 - [79580198] ----D- C:\Program Files\Common Files

O43 - CFD: 17/08/2010 - 17:20:28 - [930272] ----D- C:\Program Files\DIFX

O43 - CFD: 06/06/2011 - 15:53:18 - [5953856] ----D- C:\Program Files\DivX

O43 - CFD: 05/03/2011 - 00:34:58 - [90256916] ----D- C:\Program Files\DVD Maker

O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 17/08/2010 - 17:20:28 - [2909912] ----D- C:\Program Files\Google

O43 - CFD: 17/08/2010 - 17:20:28 - [0] ----D- C:\Program Files\Intel

O43 - CFD: 11/07/2011 - 19:02:56 - [6201464] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 17/10/2010 - 11:15:46 - [5598502] ----D- C:\Program Files\Lexmark

O43 - CFD: 17/10/2010 - 11:12:38 - [638976] ----D- C:\Program Files\Lexmark Printable Web

O43 - CFD: 17/10/2010 - 11:16:52 - [86797720] ----D- C:\Program Files\Lexmark S600 Series

O43 - CFD: 17/10/2010 - 11:14:58 - [1098408] ----D- C:\Program Files\Lexmark Toolbar

O43 - CFD: 17/10/2010 - 11:15:02 - [302237] ----D- C:\Program Files\Lexmark Tools for Office

O43 - CFD: 17/08/2010 - 17:20:28 - [12518213] ----D- C:\Program Files\McAfee

O43 - CFD: 17/08/2010 - 17:20:28 - [149237810] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 17/08/2010 - 17:20:28 - [1141526] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 17/08/2010 - 17:17:22 - [51734760] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 17/08/2010 - 17:16:00 - [12124476] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [36912297] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 17/08/2010 - 17:20:30 - [2698304] ----D- C:\Program Files\SAMSUNG

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 17/08/2010 - 17:20:30 - [0] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 17/08/2010 - 17:20:30 - [0] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 05/03/2011 - 00:34:52 - [4039680] ----D- C:\Program Files\Windows Defender

O43 - CFD: 05/03/2011 - 00:34:56 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 05/03/2011 - 00:34:58 - [6667776] ----D- C:\Program Files\Windows Mail

O43 - CFD: 05/03/2011 - 00:34:56 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 18/08/2010 - 09:06:00 - [12627636] ----D- C:\Program Files\Windows NT

O43 - CFD: 17/08/2010 - 17:20:32 - [0] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 05/03/2011 - 00:34:56 - [5516056] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 05/03/2011 - 00:34:56 - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 05/03/2011 - 00:34:58 - [8315018] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 17/08/2010 - 17:20:28 - [1600350] ----D- C:\Program Files\Common Files\McAfee

O43 - CFD: 06/10/2010 - 22:28:42 - [65174087] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 17:24:10 - [12194291] ----D- C:\Program Files\Common Files\System

O43 - CFD: 17/08/2010 - 17:27:56 - [19484] ----D- C:\ProgramData\Acer GameZone Console

O43 - CFD: 09/10/2010 - 10:38:20 - [55470421] ----D- C:\ProgramData\Adobe

O43 - CFD: 05/10/2010 - 18:15:26 - [16880640] ----D- C:\ProgramData\Apple

O43 - CFD: 05/10/2010 - 18:16:20 - [26921472] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 31/12/2010 - 00:22:50 - [56319857] ----D- C:\ProgramData\Avira

O43 - CFD: 17/08/2010 - 17:27:56 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 17/08/2010 - 17:27:56 - [15462] ----D- C:\ProgramData\Bluetooth

O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 17/08/2010 - 17:27:56 - [158661] ----D- C:\ProgramData\CyberLink

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 06/06/2011 - 15:53:22 - [5246239] ----D- C:\ProgramData\DivX

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 17/08/2010 - 17:27:56 - [0] ----D- C:\ProgramData\EgisTec

O43 - CFD: 18/08/2010 - 10:14:32 - [420] ----D- C:\ProgramData\eSobi

O43 - CFD: 17/10/2010 - 11:41:24 - [272] ----D- C:\ProgramData\Ezprint

O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 17/08/2010 - 17:27:56 - [25424] ----D- C:\ProgramData\Friends Games

O43 - CFD: 17/08/2010 - 17:27:56 - [539892] ----D- C:\ProgramData\Google

O43 - CFD: 17/08/2010 - 17:27:56 - [132] ----D- C:\ProgramData\InstallShield

O43 - CFD: 06/08/2011 - 12:42:20 - [13830] ----D- C:\ProgramData\Lx_cats

O43 - CFD: 17/08/2010 - 17:27:56 - [2619] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 17/08/2010 - 17:28:04 - [356772044] ----D- C:\ProgramData\McAfee

O43 - CFD: 03/07/2011 - 19:49:26 - [845] ----D- C:\ProgramData\McAfee Security Scan

O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 17/08/2010 - 17:28:04 - [4289589] ----D- C:\ProgramData\Meridian93

O43 - CFD: 01/03/2011 - 11:52:42 - [117930293] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 16/06/2011 - 22:50:34 - [57688] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 18/08/2010 - 09:06:00 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 12/04/2011 - 19:55:34 - [0] ----D- C:\ProgramData\NCH Swift Sound

O43 - CFD: 15/07/2011 - 22:08:00 - [155] ----D- C:\ProgramData\Norton

O43 - CFD: 17/08/2010 - 17:28:14 - [913649] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 17/08/2010 - 17:28:14 - [276461] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 17/08/2010 - 17:28:14 - [0] ----D- C:\ProgramData\PC Suite

O43 - CFD: 19/09/2010 - 16:49:46 - [1037712] ----D- C:\ProgramData\Real

O43 - CFD: 17/08/2010 - 17:28:14 - [36] ----D- C:\ProgramData\SiteAdvisor

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 17/08/2010 - 17:28:14 - [364] ----D- C:\ProgramData\Sun

O43 - CFD: 15/07/2011 - 22:07:58 - [155] ----D- C:\ProgramData\Symantec

O43 - CFD: 28/02/2011 - 22:47:40 - [163911] ---AD- C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 03/12/2010 - 22:01:18 - [0] -SH-D- C:\Users\famille\AppData\Roaming\.#

O43 - CFD: 17/08/2010 - 17:35:44 - [29536] ----D- C:\Users\famille\AppData\Roaming\Acer GameZone Console

O43 - CFD: 17/08/2010 - 17:35:44 - [5763790] ----D- C:\Users\famille\AppData\Roaming\Adobe

O43 - CFD: 05/02/2011 - 13:35:24 - [6829044] ----D- C:\Users\famille\AppData\Roaming\AnVi

O43 - CFD: 17/08/2010 - 17:35:44 - [4480] ----D- C:\Users\famille\AppData\Roaming\app

O43 - CFD: 10/12/2010 - 18:18:16 - [0] ----D- C:\Users\famille\AppData\Roaming\Apple Computer

O43 - CFD: 17/08/2010 - 17:35:44 - [1251] ----D- C:\Users\famille\AppData\Roaming\Audacity

O43 - CFD: 31/12/2010 - 00:27:32 - [0] ----D- C:\Users\famille\AppData\Roaming\Avira

O43 - CFD: 17/08/2010 - 17:35:44 - [65079] ----D- C:\Users\famille\AppData\Roaming\AVS4YOU

O43 - CFD: 17/08/2010 - 17:35:44 - [116430] ----D- C:\Users\famille\AppData\Roaming\CyberLink

O43 - CFD: 06/03/2011 - 14:43:26 - [220216] ----D- C:\Users\famille\AppData\Roaming\DivX

O43 - CFD: 13/07/2011 - 14:26:04 - [148361756] ----D- C:\Users\famille\AppData\Roaming\Dofus 2

O43 - CFD: 05/07/2011 - 13:44:50 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-10.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 17/08/2010 - 17:35:46 - [5367] ----D- C:\Users\famille\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 17/08/2010 - 17:35:46 - [36] ----D- C:\Users\famille\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 05/07/2011 - 13:36:06 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 05/07/2011 - 13:38:52 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 05/07/2011 - 13:39:10 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 05/07/2011 - 13:39:34 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 05/07/2011 - 13:40:16 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-8.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 05/07/2011 - 13:42:00 - [0] ----D- C:\Users\famille\AppData\Roaming\Dofus-9.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 17/08/2010 - 17:35:46 - [2682] ----D- C:\Users\famille\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 17/07/2011 - 19:05:20 - [199] ----D- C:\Users\famille\AppData\Roaming\dvdcss

O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\eSobi

O43 - CFD: 17/08/2010 - 17:35:46 - [827] ----D- C:\Users\famille\AppData\Roaming\Go Go Gourmet

O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\Google

O43 - CFD: 17/08/2010 - 17:35:46 - [6610] ----D- C:\Users\famille\AppData\Roaming\HomeMedia Connect

O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\Identities

O43 - CFD: 17/08/2010 - 17:35:46 - [0] ----D- C:\Users\famille\AppData\Roaming\InstallShield

O43 - CFD: 17/08/2010 - 17:35:46 - [2022703] ----D- C:\Users\famille\AppData\Roaming\Macromedia

O43 - CFD: 17/08/2010 - 17:36:08 - [4558090] ----D- C:\Users\famille\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\famille\AppData\Roaming\Media Center Programs

O43 - CFD: 17/08/2010 - 17:36:08 - [639907] ----D- C:\Users\famille\AppData\Roaming\Megaupload

O43 - CFD: 17/08/2010 - 17:36:08 - [45097] ----D- C:\Users\famille\AppData\Roaming\Meridian93

O43 - CFD: 20/03/2011 - 19:55:38 - [5142525] -S--D- C:\Users\famille\AppData\Roaming\Microsoft

O43 - CFD: 17/08/2010 - 17:36:12 - [19732935] ----D- C:\Users\famille\AppData\Roaming\Mozilla

O43 - CFD: 05/04/2011 - 19:56:04 - [110592] ----D- C:\Users\famille\AppData\Roaming\NCH Software

O43 - CFD: 12/04/2011 - 19:55:34 - [0] ----D- C:\Users\famille\AppData\Roaming\NCH Swift Sound

O43 - CFD: 14/01/2011 - 19:01:14 - [4336232] ----D- C:\Users\famille\AppData\Roaming\OpenCandy

O43 - CFD: 17/08/2010 - 17:36:12 - [2818848] ----D- C:\Users\famille\AppData\Roaming\OpenOffice.org

O43 - CFD: 17/08/2010 - 17:36:12 - [354] ----D- C:\Users\famille\AppData\Roaming\PC Suite

O43 - CFD: 17/08/2010 - 17:36:12 - [6605] ----D- C:\Users\famille\AppData\Roaming\Power Sound Editor Free

O43 - CFD: 17/08/2010 - 17:36:14 - [6299864] ----D- C:\Users\famille\AppData\Roaming\PowerCinema

O43 - CFD: 19/09/2010 - 16:49:46 - [3169139] ----D- C:\Users\famille\AppData\Roaming\Real

O43 - CFD: 17/08/2010 - 17:36:14 - [0] ----D- C:\Users\famille\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 17/09/2010 - 19:10:10 - [121] ----D- C:\Users\famille\AppData\Roaming\Registry Mechanic

O43 - CFD: 17/08/2010 - 17:36:14 - [3527194] ----D- C:\Users\famille\AppData\Roaming\Samsung

O43 - CFD: 17/08/2010 - 17:36:16 - [17354841] ----D- C:\Users\famille\AppData\Roaming\Shareaza

O43 - CFD: 17/08/2010 - 17:36:16 - [6559] ----D- C:\Users\famille\AppData\Roaming\SoftDMA

O43 - CFD: 22/02/2011 - 22:41:24 - [142572] ----D- C:\Users\famille\AppData\Roaming\Stellarium

O43 - CFD: 17/08/2010 - 17:36:16 - [13824] ----D- C:\Users\famille\AppData\Roaming\Template

O43 - CFD: 14/01/2011 - 19:01:48 - [334234] ----D- C:\Users\famille\AppData\Roaming\Uniblue

O43 - CFD: 08/08/2011 - 23:08:34 - [1756254] ----D- C:\Users\famille\AppData\Roaming\uTorrent

O43 - CFD: 07/08/2011 - 21:53:58 - [2136633] ----D- C:\Users\famille\AppData\Roaming\vlc

O43 - CFD: 17/08/2010 - 17:35:20 - [0] ----D- C:\Users\famille\AppData\Local\Acer Arcade Deluxe

O43 - CFD: 09/10/2010 - 10:38:00 - [135791402] ----D- C:\Users\famille\AppData\Local\Adobe

O43 - CFD: 05/10/2010 - 18:15:26 - [0] ----D- C:\Users\famille\AppData\Local\Apple

O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Application Data

O43 - CFD: 17/08/2010 - 17:35:20 - [485047] ----D- C:\Users\famille\AppData\Local\cache

O43 - CFD: 05/04/2011 - 19:55:42 - [38496] ----D- C:\Users\famille\AppData\Local\Conduit

O43 - CFD: 17/08/2010 - 17:35:20 - [23241603] ----D- C:\Users\famille\AppData\Local\CyberLink

O43 - CFD: 06/03/2011 - 14:33:52 - [272] ----D- C:\Users\famille\AppData\Local\DDMSettings

O43 - CFD: 12/07/2011 - 13:41:30 - [379109] ----D- C:\Users\famille\AppData\Local\Diagnostics

O43 - CFD: 17/08/2010 - 17:35:22 - [116241582] ----D- C:\Users\famille\AppData\Local\Downloaded Installations

O43 - CFD: 17/08/2010 - 17:35:22 - [182] ----D- C:\Users\famille\AppData\Local\EgisTec

O43 - CFD: 17/08/2010 - 17:35:22 - [873349] ----D- C:\Users\famille\AppData\Local\FullTiltPoker.fr

O43 - CFD: 06/08/2011 - 20:08:26 - [6555344] ----D- C:\Users\famille\AppData\Local\Google

O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Historique

O43 - CFD: 24/06/2011 - 21:19:48 - [466470163] ----D- C:\Users\famille\AppData\Local\Microsoft

O43 - CFD: 17/08/2010 - 17:35:28 - [1811560] ----D- C:\Users\famille\AppData\Local\Microsoft Games

O43 - CFD: 17/08/2010 - 17:35:28 - [65753157] ----D- C:\Users\famille\AppData\Local\Mozilla

O43 - CFD: 17/08/2010 - 17:35:36 - [171312728] ----D- C:\Users\famille\AppData\Local\Oberon Games

O43 - CFD: 14/01/2011 - 19:01:50 - [0] ----D- C:\Users\famille\AppData\Local\OpenCandy

O43 - CFD: 17/08/2010 - 17:35:36 - [6949] ----D- C:\Users\famille\AppData\Local\PlayMovie

O43 - CFD: 17/08/2010 - 17:35:36 - [0] ----D- C:\Users\famille\AppData\Local\Real

O43 - CFD: 17/08/2010 - 17:35:36 - [9599371065] ----D- C:\Users\famille\AppData\Local\Shareaza

O43 - CFD: 09/08/2011 - 17:04:42 - [461925] ----D- C:\Users\famille\AppData\Local\Temp

O43 - CFD: 17/08/2010 - 17:18:36 - [0] -SH-D- C:\Users\famille\AppData\Local\Temporary Internet Files

O43 - CFD: 17/08/2010 - 17:35:36 - [83882] ----D- C:\Users\famille\AppData\Local\VirtualStore

O43 - CFD: 17/10/2010 - 11:54:22 - [121148212] ----D- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint

O43 - CFD: 17/08/2010 - 17:21:22 - [223662572] ----D- C:\Program Files (x86)\Acer Arcade Deluxe

O43 - CFD: 17/08/2010 - 17:21:58 - [552085922] ----D- C:\Program Files (x86)\Acer GameZone

O43 - CFD: 17/08/2010 - 17:21:58 - [0] ----D- C:\Program Files (x86)\Acer Incorporated

O43 - CFD: 30/12/2010 - 21:50:22 - [102273495] ----D- C:\Program Files (x86)\Ad-Remover

O43 - CFD: 09/10/2010 - 10:38:16 - [244881332] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 05/10/2010 - 18:15:26 - [2221118] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 31/12/2010 - 00:22:50 - [138343587] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 17/08/2010 - 17:22:02 - [48186866] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 16/04/2011 - 18:25:20 - [0] ----D- C:\Program Files (x86)\Babylon

O43 - CFD: 14/07/2011 - 23:38:56 - [897480624] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 05/04/2011 - 19:55:46 - [634976] ----D- C:\Program Files (x86)\Conduit

O43 - CFD: 05/04/2011 - 19:55:44 - [4468064] ----D- C:\Program Files (x86)\ConduitEngine

O43 - CFD: 17/08/2010 - 17:23:22 - [795721418] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 06/06/2011 - 15:53:22 - [23619868] ----D- C:\Program Files (x86)\DivX

O43 - CFD: 17/08/2010 - 17:24:40 - [170833096] ----D- C:\Program Files (x86)\Dofus

O43 - CFD: 05/07/2011 - 15:17:20 - [971060062] ----D- C:\Program Files (x86)\Dofus 2

O43 - CFD: 17/08/2010 - 17:25:56 - [33770599] ----D- C:\Program Files (x86)\EgisTec

O43 - CFD: 17/08/2010 - 17:26:00 - [1636481] ----D- C:\Program Files (x86)\EgisTec Egis Software Update

O43 - CFD: 17/08/2010 - 17:26:00 - [23098163] ----D- C:\Program Files (x86)\eSobi

O43 - CFD: 07/09/2010 - 16:17:06 - [60442330] ----D- C:\Program Files (x86)\Full Tilt Poker.Fr

O43 - CFD: 01/11/2010 - 11:19:04 - [8262305] ----D- C:\Program Files (x86)\Geoplan-Geospace

O43 - CFD: 01/06/2011 - 18:10:04 - [350132309] ----D- C:\Program Files (x86)\Google

O43 - CFD: 17/08/2010 - 17:26:28 - [121674753] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 17/08/2010 - 17:26:28 - [61793884] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 11/07/2011 - 19:02:56 - [6967044] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 17/08/2010 - 17:26:32 - [84] ----D- C:\Program Files (x86)\IVT Corporation

O43 - CFD: 14/07/2011 - 23:36:06 - [89486643] ----D- C:\Program Files (x86)\Java

O43 - CFD: 17/08/2010 - 17:26:34 - [16664352] ----D- C:\Program Files (x86)\JRE

O43 - CFD: 17/10/2010 - 11:12:24 - [196608] ----D- C:\Program Files (x86)\Lexmark

O43 - CFD: 17/10/2010 - 11:12:40 - [40115] ----D- C:\Program Files (x86)\Lexmark Fax Solutions

O43 - CFD: 17/10/2010 - 11:14:56 - [53201585] ----D- C:\Program Files (x86)\Lexmark S600 Series

O43 - CFD: 17/10/2010 - 11:12:52 - [2315014] ----D- C:\Program Files (x86)\Lexmark Toolbar

O43 - CFD: 28/04/2011 - 08:57:00 - [235486208] ----D- C:\Program Files (x86)\McAfee

O43 - CFD: 05/04/2011 - 17:08:52 - [9454922] ----D- C:\Program Files (x86)\McAfee Security Scan

O43 - CFD: 17/08/2010 - 17:26:54 - [2219977] ----D- C:\Program Files (x86)\McAfee.com

O43 - CFD: 17/08/2010 - 17:26:54 - [7366368] ----D- C:\Program Files (x86)\Megaupload

O43 - CFD: 06/10/2010 - 22:28:36 - [1568171] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 17/08/2010 - 17:26:54 - [44362382] ----D- C:\Program Files (x86)\Microsoft Money

O43 - CFD: 11/07/2011 - 19:00:02 - [378078823] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 17/08/2010 - 17:27:04 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant

O43 - CFD: 17/06/2011 - 18:03:46 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 17/08/2010 - 17:27:06 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 17/08/2010 - 17:27:06 - [2188837] ----D- C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 16/12/2010 - 00:32:44 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 18/08/2010 - 09:08:16 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 08/08/2011 - 22:18:12 - [36377194] ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 24/09/2009 - 22:50:36 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 05/04/2011 - 19:55:50 - [494592] ----D- C:\Program Files (x86)\NCH Software

O43 - CFD: 05/04/2011 - 23:23:30 - [6271704] ----D- C:\Program Files (x86)\NCH Swift Sound

O43 - CFD: 05/04/2011 - 19:55:42 - [4549429] ----D- C:\Program Files (x86)\NCH_EN

O43 - CFD: 17/08/2010 - 17:27:12 - [228958420] ----D- C:\Program Files (x86)\NewTech Infosystems

O43 - CFD: 15/07/2011 - 22:08:00 - [0] ----D- C:\Program Files (x86)\Norton Security Scan

O43 - CFD: 17/08/2010 - 17:27:40 - [385246043] ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 17/08/2010 - 17:27:40 - [15735871] ----D- C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 22/01/2011 - 17:45:38 - [26925109] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 17/08/2010 - 17:27:40 - [3553132] ----D- C:\Program Files (x86)\PhotoFiltre

O43 - CFD: 05/10/2010 - 18:16:44 - [76337719] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 19/09/2010 - 16:48:46 - [90918888] ----D- C:\Program Files (x86)\Real

O43 - CFD: 17/08/2010 - 17:27:44 - [4752521] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [39257345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 17/08/2010 - 17:27:46 - [765947] ----D- C:\Program Files (x86)\Samsung

O43 - CFD: 17/08/2010 - 17:27:48 - [34646021] ----D- C:\Program Files (x86)\Shareaza

O43 - CFD: 22/02/2011 - 22:39:40 - [69982543] ----D- C:\Program Files (x86)\Stellarium

O43 - CFD: 18/08/2010 - 10:13:34 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 29/08/2010 - 14:06:34 - [69110644] ----D- C:\Program Files (x86)\The K-Ball

O43 - CFD: 16/04/2011 - 18:24:24 - [0] ----D- C:\Program Files (x86)\ToolbarInstaller

O43 - CFD: 30/12/2010 - 15:51:18 - [1192164] ----D- C:\Program Files (x86)\trend micro

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 29/12/2010 - 21:00:04 - [395128] ----D- C:\Program Files (x86)\uTorrent

O43 - CFD: 29/12/2010 - 21:00:26 - [4135548] ----D- C:\Program Files (x86)\uTorrentBar_FR

O43 - CFD: 29/11/2010 - 20:50:40 - [10428379] ----D- C:\Program Files (x86)\Veetle

O43 - CFD: 14/01/2011 - 19:00:56 - [31593598] ----D- C:\Program Files (x86)\Veoh Networks

O43 - CFD: 17/08/2010 - 17:27:52 - [383588328] ----D- C:\Program Files (x86)\Wakfu

O43 - CFD: 17/08/2010 - 17:27:52 - [0] ----D- C:\Program Files (x86)\Windows Calendar

O43 - CFD: 21/01/2008 - 05:09:48 - [0] ----D- C:\Program Files (x86)\Windows Collaboration

O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 17/08/2010 - 17:27:54 - [151004142] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 17/08/2010 - 17:27:54 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 05/03/2011 - 00:35:02 - [6181376] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 05/03/2011 - 00:35:02 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 17/08/2010 - 17:27:54 - [0] ----D- C:\Program Files (x86)\Windows Photo Gallery

O43 - CFD: 05/03/2011 - 00:35:02 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 05/03/2011 - 00:35:02 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 05/03/2011 - 00:35:02 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 17/08/2010 - 17:27:54 - [196572] ----D- C:\Program Files (x86)\WinPcap

O43 - CFD: 09/08/2011 - 17:06:00 - [4005267] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 09/10/2010 - 10:38:22 - [6339706] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 05/07/2011 - 08:55:16 - [31517343] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 05/10/2010 - 18:15:32 - [44307712] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 17/08/2010 - 17:22:06 - [47920053] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 17/08/2010 - 17:22:06 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 06/03/2011 - 14:31:30 - [29547609] ----D- C:\Program Files (x86)\Common Files\DivX Shared

O43 - CFD: 17/08/2010 - 17:22:06 - [101672] ----D- C:\Program Files (x86)\Common Files\EgisTec

O43 - CFD: 17/08/2010 - 17:22:06 - [5995787] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 14/07/2011 - 23:38:56 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 17/08/2010 - 17:22:08 - [10673262] ----D- C:\Program Files (x86)\Common Files\McAfee

O43 - CFD: 18/06/2011 - 08:57:16 - [253488125] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 17/08/2010 - 17:22:12 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media

O43 - CFD: 17/08/2010 - 17:22:12 - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 19/09/2010 - 16:49:06 - [21501404] ----D- C:\Program Files (x86)\Common Files\Real

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 15/07/2011 - 19:50:56 - [0] ----D- C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 14/07/2009 - 17:24:10 - [44257903] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 17/08/2010 - 17:22:14 - [353923556] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 19/09/2010 - 16:48:42 - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared

~ Scan Program Folder in 00mn 48s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.76373B05F6DE525B64F776E4D84F6E63] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [5194]

O44 - LFC:[MD5.8CA167B48180BB28A707304F304D749A] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [173086]

O44 - LFC:[MD5.8AD9C5A81F68E47ACB984F7FF274FFB8] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [207746]

O44 - LFC:[MD5.9970AA853DBC19E2E6651082805443B6] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [685970]

O44 - LFC:[MD5.48B6D280054CE9C2853951F87D9F609C] - 09/08/2011 - 16:04:52 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [944572]

O44 - LFC:[MD5.76373B05F6DE525B64F776E4D84F6E63] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [5194]

O44 - LFC:[MD5.8CA167B48180BB28A707304F304D749A] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [173086]

O44 - LFC:[MD5.8AD9C5A81F68E47ACB984F7FF274FFB8] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [207746]

O44 - LFC:[MD5.9970AA853DBC19E2E6651082805443B6] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [685970]

O44 - LFC:[MD5.48B6D280054CE9C2853951F87D9F609C] - 09/08/2011 - 16:04:52 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [944572]

O44 - LFC:[MD5.9703D744FC9E067A30B1907D6C4E8ADA] - 09/08/2011 - 16:01:42 ---A- . (...) -- C:\Windows\SysNative\Config.MPF [8181]

O44 - LFC:[MD5.9703D744FC9E067A30B1907D6C4E8ADA] - 09/08/2011 - 16:01:42 RSHAD . (...) -- C:\Windows\system32\Config.MPF [8181]

O44 - LFC:[MD5.4EC83CCCFFA255547F714EC6E4BF66CD] - 09/08/2011 - 16:00:28 ---A- . (...) -- C:\Windows\setupact.log [7248]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/08/2011 - 16:00:27 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.4B5FA05358D722C9EE7D42317657A3AC] - 09/08/2011 - 16:00:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.5B7D707F94C38D5BDBF7E18D3310658B] - 08/08/2011 - 22:21:18 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1854314]

O44 - LFC:[MD5.78E08E032446A25503911845CC1001C2] - 14/07/2011 - 09:15:31 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [369648]

O44 - LFC:[MD5.78E08E032446A25503911845CC1001C2] - 14/07/2011 - 09:15:31 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [369648]

O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 11/07/2011 - 18:01:30 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822]

O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 11/07/2011 - 18:01:30 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822]

~ Scan Files in 01mn 30s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 28/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 28/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 31/12/2010 - 08:48:06 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120]

O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 31/12/2010 - 08:48:06 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.50AD8FC1DC800FF36087994C8F7FDFF2] - 10/06/2009 - 21:35:02 RSHAD . (.Intel Corporation - Intel® Gigabit Network Connection NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\e1y60x64.sys [281088]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 05/03/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 15/09/2009 - 02:54:36 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [408600]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 28/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.E330051CCE41EB4522E5DCEBC15ADCEA] - 15/08/2010 - 14:39:28 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24664]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.4A1C21576FB7F96F4DBDEA627FFDA775] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [102472]

O58 - SDL:[MD5.9E0AC52B3232FF8DC65FEE1A9C2FE8D1] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [308296]

O58 - SDL:[MD5.624D717B11E5004F68442B5740F17F21] - 21/10/2009 - 09:15:38 RSHAD . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdk.sys [40904]

O58 - SDL:[MD5.0CD9DE7B96735F33F078C4EA044E8B34] - 16/09/2009 - 09:22:40 RSHAD . (.McAfee, Inc. - System Monitor Filter Driver.) -- C:\Windows\system32\drivers\mfesmfk.sys [49480]

O58 - SDL:[MD5.AE2E68527013EB4F761ECCC630F7F1A3] - 01/04/2009 - 11:32:26 RSHAD . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) -- C:\Windows\system32\drivers\Mpfp.sys [176144]

O58 - SDL:[MD5.FB3D139AD1AC117B99A16042C1DD02D1] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - PSD Filter Driver.) -- C:\Windows\system32\drivers\mwlPSDFilter.sys [22064]

O58 - SDL:[MD5.BF3F82A3EA6FBB6657DFE081A6BA4E2E] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\mwlPSDNserv.sys [20528]

O58 - SDL:[MD5.DA24873DCB2891805692A03BAD1E34B4] - 01/04/2009 - 11:06:00 RSHAD . (.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\mwlPSDVDisk.sys [59952]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.3CEEE0BE85D24D911B9C02714817774C] - 19/10/2009 - 21:23:14 RSHAD . (.CACE Technologies - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\system32\drivers\npf.sys [40464]

O58 - SDL:[MD5.7D397449AAF52B0E7C79B64F6AD4473E] - 01/04/2009 - 10:48:32 RSHAD . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [16384]

O58 - SDL:[MD5.AAF5559039E99D0CC22E25255F3DC06E] - 03/04/2010 - 21:55:32 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 197.45.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13807976]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 28/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 28/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.81B5E63131090879AD6EF9F32109B88D] - 20/12/2009 - 15:53:34 RSHAD . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys [29184]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.D8BCE8176CB1084C6F5830C019D47166] - 18/08/2010 - 10:19:02 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1824672]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.1612881760C9DF7FBB09B6CF1D3BA0DF] - 20/12/2009 - 17:02:12 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\Windows\system32\drivers\sscdbus.sys [105128]

O58 - SDL:[MD5.F46C5FAE7CB3C9AC981443EC4E66830A] - 20/12/2009 - 17:02:52 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcm.sys [11944]

O58 - SDL:[MD5.F46C5FAE7CB3C9AC981443EC4E66830A] - 20/12/2009 - 17:02:52 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdcmnt.sys [11944]

O58 - SDL:[MD5.D7803A687E85189EA2B525CC22093521] - 20/12/2009 - 17:04:16 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\Windows\system32\drivers\sscdmdfl.sys [16040]

O58 - SDL:[MD5.06DB3D5EB2444083C7F5AF7874765505] - 20/12/2009 - 17:04:44 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\Windows\system32\drivers\sscdmdm.sys [142504]

O58 - SDL:[MD5.74EA7FCEE2A219C200DABBA1DCEB7719] - 20/12/2009 - 17:06:00 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwh.sys [12456]

O58 - SDL:[MD5.74EA7FCEE2A219C200DABBA1DCEB7719] - 20/12/2009 - 17:06:00 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscdwhnt.sys [12456]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 20/12/2009 - 09:08:24 RSHAD . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\system32\drivers\TFsExDisk.sys [16392]

O58 - SDL:[MD5.00C8CE31657624A125FDB90EFD554371] - 01/04/2009 - 10:48:16 RSHAD . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [16384]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 20/12/2009 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]

O58 - SDL:[MD5.7455ED832A33FEF453407F5411C3342D] - 08/08/2011 - 12:03:58 ---A- . (.Almico Software - Speed Fan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys [25280]

~ Scan Drivers in 00mn 02s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 06/12/2010 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 06/12/2010 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfeavfk.sys - No object(No service) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK

O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfehidk.sys - No object(No service) .(.McAfee, Inc. - Host Intrusion Detection Link Driver.) - LEGACY_MFEHIDK

O64 - Services: CurCS - 16/09/2009 - C:\Windows\system32\drivers\mfesmfk.sys - No object(No service) .(.McAfee, Inc. - System Monitor Filter Driver.) - LEGACY_MFESMFK

O64 - Services: CurCS - 16/07/2009 - C:\Windows\system32\Drivers\Mpfp.sys - No object(No service) .(.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - LEGACY_MPFP

O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys - No object(No service) .(.Egis Incorporated. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER

O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys - No object(No service) .(.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV

O64 - Services: CurCS - 27/10/2008 - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys - No object(No service) .(.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK

O64 - Services: CurCS - 15/07/2009 - C:\Windows\system32\Drivers\TFsExDisk.sys - No object(No service) .(.Teruten Inc - File System Mini Filter Drvier.) - LEGACY_TFSEXDISK

~ Scan Services in 00mn 01s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\searchplugins\conduit.xml

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - (NCH EN Customized Web Search) - http://search.conduit.com

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.7E7EB7AFF595774E5E500B34058CC1A7] [sPRF][08/08/2011] (...) -- C:\Users\famille\AppData\Local\Temp\sfamcc00001.dll [192512]

[MD5.A4A8CE1C7696B143356208609BA1A4C9] [sPRF][18/12/2010] (...) -- C:\Users\famille\AppData\Local\Temp\sfextra.dll [55296]

[MD5.BA14B83461F654F1C47BC5B213B27D20] [sPRF][09/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\famille\Desktop\ZHPDiag2.exe [2572387]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32]

[MD5.8CE7705CB43B03BB7970B04087C7758F] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616]

[MD5.01E2ECA759056F23C73A035FDABB2D6D] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648]

[MD5.61FB16B6016BCC9AA42E02F787DC87FC] [sPRF][26/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1955384]

[MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376]

[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [sPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32]

~ Scan Files in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{DE74A80C-BAC6-4BB2-BBDD-930811DC1001}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer HomeMedia.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe

O87 - FAEL: "{354BCED7-34E7-491A-ADB6-D7653C44F022}" | In - None - P6 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

O87 - FAEL: "{AACEF52C-B38F-43BD-8E84-F6EC39E77F9B}" | In - None - P6 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe

O87 - FAEL: "{BF4046A9-FD78-4E85-8632-00E664A3863C}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Deluxe.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe

O87 - FAEL: "{93B1F951-B0D8-4846-B758-E30700A5FA86}" | In - None - P6 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

O87 - FAEL: "{2A3B36FF-6722-46C4-A97A-5858A5CE6608}" | In - None - P6 - TRUE | .(.CyberLink - CLMSService.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSService.exe

O87 - FAEL: "{EBD90117-78D9-484D-B06F-BC9FBF6D5682}" | In - None - P6 - TRUE | .(.CyberLink Corp. - Acer HomeMedia Connect.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\HomeMedia Connect.exe

O87 - FAEL: "{0E9B5AD8-4B7C-4046-B6C6-6E378E944651}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O87 - FAEL: "{0D21AA58-9DC3-4EEA-94C8-58D2EB062942}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O87 - FAEL: "{BDD67F42-D121-417C-B481-8F0C399722E0}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O87 - FAEL: "{79BE4C26-1201-473C-BEEF-B6447653C5CA}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O87 - FAEL: "{669500DC-8ED1-476A-B6D8-C91DA7636EE9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe

O87 - FAEL: "{CC72602D-8E2C-44F3-9EDF-239C8C7BAC41}" | In - None - P6 - TRUE | .(.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe

O87 - FAEL: "{B2141CD5-713B-4A4E-86B4-FA2D51D5D2B1}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxedcoms.exe

O87 - FAEL: "{BDCC5242-9235-45AB-B07F-79278AAD67ED}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\LXEDcoms.exe

O87 - FAEL: "{F742535C-62F3-40DE-8C32-1EDC0BC03951}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\LXEDcoms.exe

O87 - FAEL: "{6D480602-DF91-471D-9D00-2E2160D99DEF}" | In - Private - P6 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe

O87 - FAEL: "{05D5F926-AA08-42F4-974D-F79130C6F4DC}" | In - Private - P17 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe

O87 - FAEL: "{FA8578ED-3C21-42EA-B3BE-404374B55941}" | In - Public - P6 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe

O87 - FAEL: "{2A741EAA-DB0F-495D-9D81-94BCAA6FDDA3}" | In - Public - P17 - TRUE | .(.ABBYY (BIT Software) - FineScanManager.) -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe

O87 - FAEL: "{10B8C1F9-B58E-4BBF-85F4-BC6389497CEF}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

O87 - FAEL: "{0A413918-1EF2-48EC-915A-74DAAA00E737}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

O87 - FAEL: "{D0C76CC9-2278-4378-89AE-8731AD485A74}" | In - Public - P6 - TRUE | .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

O87 - FAEL: "{B6A2400E-F182-46C2-8928-0B0DF431FBD4}" | In - Public - P17 - TRUE | .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

~ Scan Firewall in 00mn 02s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8606 - (08/08/2011)

Clés trouvées (Keys found) : 37

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 18

Fichiers trouvés (Files found) : 1

 

[HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare

[HKLM\Software\Wow6432Node\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare

[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\Classes\Conduit.Engine] =>Toolbar.Conduit

[HKLM\Software\Classes\pdfforge.DllInfo] =>

[HKLM\Software\Wow6432Node\Classes\pdfforge.DllInfo] =>

[HKLM\Software\Classes\pdfforge.PDF.PDF] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDF] =>PUP.Dealio

[HKLM\Software\Classes\pdfforge.PDF.PDFEncryptor] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFEncryptor] =>PUP.Dealio

[HKLM\Software\Classes\pdfforge.PDF.PDFLine] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFLine] =>PUP.Dealio

[HKLM\Software\Classes\pdfforge.PDF.PDFText] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Classes\pdfforge.PDF.PDFText] =>PUP.Dealio

[HKLM\Software\Classes\pdfforge.Tools] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Classes\pdfforge.Tools] =>PUP.Dealio

[HKLM\Software\Classes\Toolbar.CT2801948] =>Toolbar.Agent

[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2801948] =>Toolbar.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit

[HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fee1002d-90a5-4a5d-aabe-01803ffbcf7a}] =>Adware.DesktopMedia

[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar

[HKCU\Software\AutocompletePro] =>Adware.PredictAd

[HKCU\Software\Conduit] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\conduitEngine] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong

[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit

C:\Program Files\Babylon =>Toolbar.Babylon

C:\Users\famille\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\famille\AppData\Local\Conduit =>Toolbar.Conduit

C:\Users\famille\AppData\Local\OpenCandy =>Adware.OpenCandy

C:\Users\famille\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon

C:\Users\famille\AppData\LocalLow\Conduit =>Toolbar.Conduit

C:\Users\famille\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit

C:\Users\famille\AppData\LocalLow\PriceGong =>Adware.PriceGong

C:\Users\famille\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit

C:\Program Files (x86)\Babylon =>Toolbar.Babylon

C:\Program Files (x86)\Conduit =>Toolbar.Conduit

C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit

C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit

C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\Conduit =>Toolbar.Conduit

C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\ConduitEngine =>Toolbar.Conduit

C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\Extensions\[email protected] =>Toolbar.Conduit

C:\Users\famille\AppData\Roaming\Mozilla\Firefox\Profiles\dnnw8d13.default\SearchPlugins\conduit.xml =>Toolbar.Conduit

~ Scan Additionnel in 00mn 09s

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : neufbox

Address: 192.168.1.1

Nom : www.l.google.com

Addresses: 209.85.148.104

209.85.148.147

209.85.148.105

209.85.148.103

209.85.148.99

209.85.148.106

Aliases: www.google.fr

www.google.com

~ Scan DNS in 00mn 03s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 31/12/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 31/12/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 26/07/2009 75048 | (CLHNService) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

SR - | Auto 26/07/2009 58664 | (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe

SR - | Auto 26/07/2009 288120 | (CyberLink Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

SS - | Auto 20/10/2009 133104 | (gupdate1ca51b324e09bc0) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 20/10/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 23/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 01/04/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

SR - | Auto 14/04/2010 45736 | (lxedCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxedserv.exe

SR - | Auto 17/10/2010 1052328 | (lxed_device) . (...) - C:\Windows\system32\lxedcoms.exe

SR - | Auto 16/02/2011 101048 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

SS - | Demand 05/04/2011 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

SR - | Auto 10/07/2009 865832 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe

SR - | Auto 07/07/2009 2482848 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe

SS - | Demand 16/09/2009 696848 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe

SR - | Auto 08/07/2009 359952 | (McProxy) . (.McAfee, Inc..) - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe

SS - | Auto 16/09/2009 155456 | (McShield) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\Mcshield.exe

SR - | Demand 16/09/2009 606736 | (McSysmon) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe

SR - | Auto 15/09/2009 894136 | (MpfService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe

SR - | Auto 08/07/2009 26640 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe

SR - | Auto 01/04/2009 306736 | (MWLService) . (.EgisTec Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

SS - | Demand 01/04/2009 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

SR - | Auto 01/04/2009 144632 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

SR - | Auto 17/08/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 01/04/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

SS - | Demand 20/12/2009 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 00mn 07s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 00mn 09s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by famille at 09/08/2011 17:09:03

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 11s

 

 

 

End of the scan (1460 lines in 03mn 37s)(0)

[pear]

Télécharger Rogue Killer par Tigzy sur le bureau

Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur

Si le programme bloque, cliquez droit sur le lien ci-dessus->Enregistrer sous..

Dans la fenêtre qui s'ouvre renommez Roguekiller ->Winlogon.exe

Quittez tous tes programmes en cours et lancez le

Quand on vous le demande, tapez 1 et valider

Un rapport (RKreport.txt) apparait sur le bureau

montrant les processus infectieux

Copier/Coller le contenu dans la réponse

 

 

Relancez Rogue Killer

Nettoyage du registre Passer en Mode 2

 

Téléchargez AD-Remover sur le bureau

 

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Nettoyer

 

Il y aura 2 rapports à poster après :Scanner et Nettoyer

 

Une fois la désinfrction terminée, mais pas avant:

désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

 

 

 

 

Téléchargez MBAM

 

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

 

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

 

 

 

Nettoyage

Relancez Mbam(Malewares'Bytes)

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

[franck de Marseille]

RE,

Voilà la première partie :

RogueKiller V5.3.1 [06/08/2011] par Tigzy

contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT)

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/31)

 

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur: famille [Droits d'admin]

Mode: Recherche -- Date : 09/08/2011 19:26:37

 

Processus malicieux: 0

 

Entrees de registre: 3

[sUSP PATH] RunAsStdUser Task.job : c:\users\famille\appdata\local\temp\{86d4b82a-abed-442a-be86-96357b70f4fe}\runie.exe -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

Fichier HOSTS:

127.0.0.1 localhost

::1 localhost

 

 

Termine : << RKreport[1].txt >>

RKreport[1].txt

[franck de Marseille]

Je crois que j'ai fait une boulette : j'ai lancé deux fois le processus 2. Voici les rapports

 

Le premier :

 

RogueKiller V5.3.1 [06/08/2011] par Tigzy

contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT)

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/31)

 

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur: famille [Droits d'admin]

Mode: Suppression -- Date : 09/08/2011 19:28:48

 

Processus malicieux: 0

 

Entrees de registre: 2

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 

Fichier HOSTS:

127.0.0.1 localhost

::1 localhost

 

 

Termine : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

 

Et voici le second :

 

RogueKiller V5.3.1 [06/08/2011] par Tigzy

contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT)

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/31)

 

Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur: famille [Droits d'admin]

Mode: Suppression -- Date : 09/08/2011 19:29:21

 

Processus malicieux: 0

 

Entrees de registre: 1

[sUSP PATH] RunAsStdUser Task.job : c:\users\famille\appdata\local\temp\{86d4b82a-abed-442a-be86-96357b70f4fe}\runie.exe -> DELETED

 

Fichier HOSTS:

127.0.0.1 localhost

::1 localhost

 

 

Termine : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[franck de Marseille]

La suite (1)

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 19:36:11 le 09/08/2011, Mode normal

 

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

famille@PC-DE-FAMILLE (Acer Aspire M3800)

 

============== RECHERCHE ==============

 

 

Dossier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\conduit

Dossier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\ConduitEngine

Dossier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\extensions\[email protected]

Fichier trouvé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\searchplugins\conduit.xml

Dossier trouvé: C:\Users\famille\AppData\Local\Conduit

Dossier trouvé: C:\Users\famille\AppData\LocalLow\Conduit

Dossier trouvé: C:\Program Files (x86)\Conduit

Dossier trouvé: C:\Users\famille\AppData\LocalLow\ConduitEngine

Dossier trouvé: C:\Program Files (x86)\ConduitEngine

Dossier trouvé: C:\Users\famille\AppData\Roaming\OpenCandy

Dossier trouvé: C:\Users\famille\AppData\Local\OpenCandy

Dossier trouvé: C:\Users\famille\AppData\LocalLow\PriceGong

 

-- Fichier ouvert: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\Prefs.js --

Ligne trouvée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1045667/1041378/FR", "\"0\"...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/FR", "\"0\"...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\"...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", ...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", ...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948",...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2801948/CT2801948...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851639/CT2851639...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634...

Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "CT2851639");

Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}");

Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_fr");

Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false);

Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Ligne trouvée: user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/ar...

Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2851639");

Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}");

Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar_fr");

Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...

Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2851639,ConduitEngine");

Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2851639,ConduitEngine");

Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+02...

Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jul 10 2011 19:22:06 GMT+0200");

Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne trouvée: user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);

Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");

Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jul 11 2011 17:54:37 GMT+0200");

Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);

Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "36984b70-4fe1-4de7-8ba7-a38e3ffc5db0");

Ligne trouvée: user_pref("CommunityToolbar.facebook.sessionKey", "2.eazJvCTPjTUat98zJgGocA__.86400.1300046400-10000...

Ligne trouvée: user_pref("CommunityToolbar.facebook.sessionSecret", "LN9wd_v_7TSCCo81BFsf4w__");

Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 26 2011 09:18:23 GMT+0100");

Ligne trouvée: user_pref("CommunityToolbar.facebook.userId", "100001568831559");

Ligne trouvée: user_pref("CommunityToolbar.globalUserId", "d2a156be-59d7-40de-99b9-b88e9679981c");

Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2801948");

Ligne trouvée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jul 02 2011 12:11:32 GMT+0200");

Ligne trouvée: user_pref("ConduitEngine.CTID", "ConduitEngine");

Ligne trouvée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:28 GMT+0200");

Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "12/29/2010 22");

Ligne trouvée: user_pref("ConduitEngine.FirstTime", true);

Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true);

Ligne trouvée: user_pref("ConduitEngine.FixPageNotFoundErrors", false);

Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true);

Ligne trouvée: user_pref("ConduitEngine.Initialize", true);

Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true);

Ligne trouvée: user_pref("ConduitEngine.InstallationType", "UnknownIntegration");

Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Wed Dec 29 2010 20:04:00 GMT+0100");

Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false);

Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false);

Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", false);

Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100");

Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Dec 30 2010 20:30:05 GMT+0100");

Ligne trouvée: user_pref("ConduitEngine.PublisherContainerWidth", 0);

Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);

Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Apr 06 2011 08:05:27 GMT+0200");

Ligne trouvée: user_pref("ConduitEngine.UserID", "UN78959148571048230");

Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr");

Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100");

Ligne trouvée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+0200");

Ligne trouvée: user_pref("ConduitEngine.initDone", true);

Ligne trouvée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);

-- Fichier Fermé --

 

 

Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé trouvée: HKLM\Software\Classes\CLSID\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B}

Clé trouvée: HKLM\Software\Classes\Conduit.Engine

Clé trouvée: HKLM\Software\Classes\Toolbar.CT2801948

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKLM\Software\conduitEngine

Clé trouvée: HKCU\Software\AutocompletePro

Clé trouvée: HKCU\Software\Conduit

Clé trouvée: HKCU\Software\AppDataLow\Toolbar

Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit

Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine

Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8060ED0-EFAD-45A8-9E1B-819A62BEB1AA}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Clé trouvée: HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk

 

Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\npDivxPlayerPlugin.dll (DivX, Inc)

HKLM_MozillaPlugins\Adobe Reader (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video

HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor

 

-- C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default --

Extensions\[email protected] (Conduit Engine )

Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>Who visits my facebook profile - Facemoi</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)

Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms} /)

Prefs.js - browser.download.lastDir, C:\\Users\\famille\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18173

Prefs.js - browser.search.selectedEngine, Google

Prefs.js - browser.startup.homepage, hxxp://ww.google.fr

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=adbartrp&AF=18173&q=

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKCU_Main|Start Page - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1302971529&rver=6.1.6206.0&wp=MBI&wreply=hxxp:%2F%2Fmail.live...

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKCU_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKLM_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18173)

HKCU_SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - "NCH EN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)

HKLM_SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - "NCH EN Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)

HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)

HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKCU_Toolbar\WebBrowser|{37483B40-C254-4A72-BDA4-22EE90182C1E} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)

HKLM_Toolbar|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKLM_Toolbar|{37483b40-c254-4a72-bda4-22ee90182c1e} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll)

HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?)

HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?)

HKCU_ElevationPolicy\{A68B194F-D79E-4EE0-A405-AFB259F1FB36} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)

HKCU_ElevationPolicy\{B45B50CC-DCB6-4D3E-B6CA-696CAF40BDF2} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)

HKCU_ElevationPolicy\{C62FD49E-B4B9-4F6A-AC7C-3474E848E866} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?)

HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{291DCC1E-4014-4CCD-8305-D990C4AFD8D5} - C:\Program Files (x86)\NCH_EN\NCH_ENToolbarHelper.exe (?)

HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)

HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?)

HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?)

HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_ElevationPolicy\{D5793D32-E7C9-4F0E-B76E-A3545761F2E3} - C:\Users\famille\AppData\Local\Conduit\CT2801948\NCH_ENAutoUpdateHelper.exe (?)

HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.)

HKLM_ElevationPolicy\{D8060ED0-EFAD-45A8-9E1B-819A62BEB1AA} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)

HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\{FCAF9570-E42A-4D7D-BB81-FC311AB91B02} - C:\Program Files (x86)\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)

HKCU_Extensions\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - "Billeo" (billeo.dll,219)

HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)

BHO\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)

BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\PROGRA~2\mcafee\msk\mskapbho.dll)

BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll)

BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll)

BHO\{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll)

BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll)

BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll)

BHO\{D2C5E510-BE6D-42CC-9F61-E4F939078474} - "Lexmark " (C:\Program Files\Lexmark Printable Web\bho.dll)

BHO\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (?)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 88 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 18 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 30/12/2010 21:54:22 (7187 Octet(s))

C:\Ad-Report-SCAN[1].txt - 30/12/2010 21:50:44 (7083 Octet(s))

C:\Ad-Report-SCAN[2].txt - 09/08/2011 19:36:18 (22585 Octet(s))

 

Fin à: 19:37:44, 09/08/2011

 

============== E.O.F ==============

[franck de Marseille]

Ensuite le 2eme rapport AD-R (nettoyage):

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 19:41:40 le 09/08/2011, Mode normal

 

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

famille@PC-DE-FAMILLE (Acer Aspire M3800)

 

============== ACTION(S) ==============

 

 

Dossier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\conduit

Dossier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\ConduitEngine

Dossier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\extensions\[email protected]

Fichier supprimé: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\searchplugins\conduit.xml

Dossier supprimé: C:\Users\famille\AppData\Local\Conduit

Dossier supprimé: C:\Users\famille\AppData\LocalLow\Conduit

Dossier supprimé: C:\Program Files (x86)\Conduit

Dossier supprimé: C:\Users\famille\AppData\LocalLow\ConduitEngine

Dossier supprimé: C:\Program Files (x86)\ConduitEngine

Dossier supprimé: C:\Users\famille\AppData\Roaming\OpenCandy

Dossier supprimé: C:\Users\famille\AppData\Local\OpenCandy

Dossier supprimé: C:\Users\famille\AppData\LocalLow\PriceGong

 

(!) -- Fichiers temporaires supprimés.

 

 

-- Fichier ouvert: C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default\Prefs.js --

Ligne supprimée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1045667/1041378/FR", "\"0\"...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/FR", "\"0\"...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\"...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", ...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", ...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948",...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2801948/CT2801948...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851639/CT2851639...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634...

Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2851639");

Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}");

Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_fr");

Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", false);

Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Ligne supprimée: user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/ar...

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2851639");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar_fr");

Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...

Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2851639,ConduitEngine");

Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2851639,ConduitEngine");

Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+02...

Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jul 10 2011 19:22:06 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);

Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");

Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jul 11 2011 17:54:37 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);

Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "36984b70-4fe1-4de7-8ba7-a38e3ffc5db0");

Ligne supprimée: user_pref("CommunityToolbar.facebook.sessionKey", "2.eazJvCTPjTUat98zJgGocA__.86400.1300046400-10000...

Ligne supprimée: user_pref("CommunityToolbar.facebook.sessionSecret", "LN9wd_v_7TSCCo81BFsf4w__");

Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 26 2011 09:18:23 GMT+0100");

Ligne supprimée: user_pref("CommunityToolbar.facebook.userId", "100001568831559");

Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "d2a156be-59d7-40de-99b9-b88e9679981c");

Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2801948");

Ligne supprimée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jul 02 2011 12:11:32 GMT+0200");

Ligne supprimée: user_pref("ConduitEngine.CTID", "ConduitEngine");

Ligne supprimée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 06 2011 08:05:28 GMT+0200");

Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "12/29/2010 22");

Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);

Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);

Ligne supprimée: user_pref("ConduitEngine.FixPageNotFoundErrors", false);

Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);

Ligne supprimée: user_pref("ConduitEngine.Initialize", true);

Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);

Ligne supprimée: user_pref("ConduitEngine.InstallationType", "UnknownIntegration");

Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Wed Dec 29 2010 20:04:00 GMT+0100");

Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);

Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);

Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", false);

Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100");

Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Dec 30 2010 20:30:05 GMT+0100");

Ligne supprimée: user_pref("ConduitEngine.PublisherContainerWidth", 0);

Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);

Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Apr 06 2011 08:05:27 GMT+0200");

Ligne supprimée: user_pref("ConduitEngine.UserID", "UN78959148571048230");

Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");

Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Dec 30 2010 20:04:00 GMT+0100");

Ligne supprimée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Apr 06 2011 08:05:29 GMT+0200");

Ligne supprimée: user_pref("ConduitEngine.initDone", true);

Ligne supprimée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);

-- Fichier Fermé --

 

 

Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé supprimée: HKLM\Software\Classes\CLSID\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B0CDE31A-5EC1-4F67-8F68-8AABC7B0E94B}

Clé supprimée: HKLM\Software\Classes\Conduit.Engine

Clé supprimée: HKLM\Software\Classes\Toolbar.CT2801948

Clé supprimée: HKLM\Software\Conduit

Clé supprimée: HKLM\Software\conduitEngine

Clé supprimée: HKCU\Software\AutocompletePro

Clé supprimée: HKCU\Software\Conduit

Clé supprimée: HKCU\Software\AppDataLow\Toolbar

Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit

Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine

Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8060ED0-EFAD-45A8-9E1B-819A62BEB1AA}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Clé supprimée: HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk

 

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\npDivxPlayerPlugin.dll (DivX, Inc)

HKLM_MozillaPlugins\Adobe Reader (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video

HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor

 

-- C:\Users\famille\AppData\Roaming\Mozilla\FireFox\Profiles\dnnw8d13.default --

Extensions\{04253f76-f258-4b03-7b4a-0bebad2ca3e9} (<?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#"><Description about="urn:mozilla:install-manifest"><em:id>{04253f76-f258-4b03-7b4a-0bebad2ca3e9}</em:id>facemoi<em:version>2.0</em:version><em:description>Extension for Facebook</em:description><em:creator>FaceMoi</em:creator><em:contributor>FaceMoi : www.facemoi.com</em:contributor><em:contributor>Who visits my facebook profile - Facemoi</em:contributor><em:iconURL>chrome://facemoi/content/facemoi.png</em:iconURL><em:homepageURL>Who visits my facebook profile - Facemoi</em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.3</em:minVersion><em:maxVersion>4.*</em:maxVersion></Description></em:targetApplication></Description></RDF>)

Prefs.js - browser.download.lastDir, C:\\Users\\famille\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18173

Prefs.js - browser.search.selectedEngine, Google

Prefs.js - browser.startup.homepage, hxxp://ww.google.fr

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=adbartrp&AF=18173&q=

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKCU_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKLM_URLSearchHooks|{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)

HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKCU_Toolbar\WebBrowser|{37483B40-C254-4A72-BDA4-22EE90182C1E} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)

HKLM_Toolbar|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

HKLM_Toolbar|{37483b40-c254-4a72-bda4-22ee90182c1e} (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?)

HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?)

HKCU_ElevationPolicy\{A68B194F-D79E-4EE0-A405-AFB259F1FB36} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)

HKCU_ElevationPolicy\{B45B50CC-DCB6-4D3E-B6CA-696CAF40BDF2} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)

HKCU_ElevationPolicy\{C62FD49E-B4B9-4F6A-AC7C-3474E848E866} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?)

HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{291DCC1E-4014-4CCD-8305-D990C4AFD8D5} - C:\Program Files (x86)\NCH_EN\NCH_ENToolbarHelper.exe (?)

HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)

HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?)

HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?)

HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_ElevationPolicy\{D5793D32-E7C9-4F0E-B76E-A3545761F2E3} - C:\Users\famille\AppData\Local\Conduit\CT2801948\NCH_ENAutoUpdateHelper.exe (x)

HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.)

HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\{FCAF9570-E42A-4D7D-BB81-FC311AB91B02} - C:\Program Files (x86)\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)

HKCU_Extensions\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - "Billeo" (billeo.dll,219)

HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)

BHO\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\tbuTor.dll)

BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)

BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\PROGRA~2\mcafee\msk\mskapbho.dll)

BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll)

BHO\{37483b40-c254-4a72-bda4-22ee90182c1e} - "NCH EN Toolbar" (C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll)

BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll)

BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll)

BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll)

BHO\{D2C5E510-BE6D-42CC-9F61-E4F939078474} - "Lexmark " (C:\Program Files\Lexmark Printable Web\bho.dll)

BHO\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC} (?)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 250 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 32 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 30/12/2010 21:54:22 (7187 Octet(s))

C:\Ad-Report-CLEAN[2].txt - 09/08/2011 19:41:46 (21586 Octet(s))

C:\Ad-Report-SCAN[1].txt - 30/12/2010 21:50:44 (7083 Octet(s))

C:\Ad-Report-SCAN[2].txt - 09/08/2011 19:36:18 (22724 Octet(s))

 

Fin à: 19:44:21, 09/08/2011

 

============== E.O.F ==============

[pear]

Ca doit déjà s'amélioreR§

 

Représentez un nouveau Zhpdiag, svp.

[franck de Marseille]

Par contre concernant Mbam :

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4431

 

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

 

15/08/2010 12:11:11

mbam-log-2010-08-15 (12-11-11).txt

 

Type d'examen: Examen complet (C:\|D:\|L:\|)

Elément(s) analysé(s): 346943

Temps écoulé: 1 heure(s), 13 minute(s), 56 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 3

Valeur(s) du Registre infectée(s): 4

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 1

Fichier(s) infecté(s): 20

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\AnVi (Rogue.AnVi) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.AntiVirus) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wmsdk64_32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi (Rogue.AntiVirus) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\Users\famille\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PI11YB24\5-direct[1].ex (Rootkit.TDSS) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\asd2FF5.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\dhdhtrdhdrtr5y (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\expand32xp.dll (Trojan.FakeAV) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\tmp2922.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\tmp3033.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\tmpA85F.tmp.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Local\Temp\topwesitjh (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\famille\Documents\VICTOR\dossier\tmplus\Updater.exe (Rogue.Agent) -> Quarantined and deleted successfully.

C:\Users\famille\Downloads\adobeflashplayerv10.0.45.2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\About.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Activate.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Antivirus Support.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Buy.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Scan.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Settings.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Update.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.

C:\Users\famille\AppData\Roaming\AnVi\avt.exe (Rogue.AntiVirus) -> Quarantined and deleted successfully.

 

J'ai encore autre chose :

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

 

Version de la base de données: 7418

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

09/08/2011 21:05:39

mbam-log-2011-08-09 (21-05-39).txt

 

Type d'examen: Examen complet (C:\|D:\|L:\|)

Elément(s) analysé(s): 371513

Temps écoulé: 58 minute(s), 0 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\Users\famille\downloads\plugin_vlc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

l:\system volume information\_restore{7b8a76dd-dd2b-4c55-a7a2-f9f2aee1e818}\RP95\A0201999.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.

l:\victor\VICTOR\cheatengine54.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.