PC frozen because of FLV files


nicox24

Hello everyone,

I'm new here and, as you can guess, I have a problem with my laptop.

The problem is that when I open a folder containing ".flv" files, "explorer.exe" freezes my PC.

I installed ZHPDiag and here is the report:

I have put the report here:

Cijoint.fr - Free file hosting service

Thanks in advance for your help ;)


Hello nicox24,

Very important!

>>> To do immediately:

- At the top of this thread, click the "Follow this topic" button and choose "Immediate notification" => "Submit". You will be notified in real time of replies to your thread, so your machine will be cleaned as quickly as possible.

If, instead of the "Follow this topic" button, you see "Stop following this topic", the settings have already been made.

- Back up (by copying) all personal documents to a medium other than the system partition: USB key, CD/DVD, external hard drive, etc.

- Spybot-S&D's TeaTimer can interfere with our utilities and cause certain problems. Disable it right away if it is installed on the machine being treated: launch Spybot-S&D => "Advanced mode". Tools (on the left) => "Resident" and untick "Resident TeaTimer (...)" => OK.

>>> What to do during this cleanup: Please do NOT use, install and/or uninstall any program other than those proposed at each step; the aim is to avoid any incompatibility between the tools.

>>> What to do when you receive new instructions:

  • Read the whole message.
  • Some programs can cause problems if they are not launched from the Desktop. You are therefore asked to download and save them DIRECTLY to the Desktop (or to move them there before use by right-clicking them => "Cut", then right-clicking the Desktop => "Paste").
  • Always proceed in the order given and ask for clarification if necessary BEFORE starting.
  • Do NOT hesitate to comment on and report any change (for better or worse) in the machine's behaviour or in relation to the initial problem.

>>> How to reply:

- Click the zeb_bouton.png button (and not zeb-bouton2.png, as I do not need to reread my previous messages).

- Paste the contents of the reports WITHOUT adding ANY text formatting (quote, code, colour, etc.), so that they are easier for us to interpret.

For my part, I use some text formatting and/or colours NOT to look pretty but just to draw attention to certain points, in order to avoid any mishandling that could cause problems.

>>> Do not abandon your thread before being told that everything is OK.

Print these instructions or save them in a text file on the Desktop so that you can consult them easily at any time.

>>> Use ZHPFix: Select and copy the following text:

 


Launch ZHPFix (Desktop shortcut or "Start" => "All Programs" => "ZHP" => "ZHPFix") and click the [H] button.

Check that all the copied lines (and nothing else) appear in the window, laid out in exactly the same way, then click the [OK] button and then the [Tous] ("All") button.

Close all running applications and other windows (including Internet) and disable all protection programs (antivirus, firewall and antispyware).

Finally, click the [Nettoyer] ("Clean") button and let it run. Restart the PC to finish the cleanup if asked.

Copy/paste the contents of the report that opens into your next reply. This report is also saved in this folder > C:\Program files\ZHPDiag\ZHPFixReport.txt.

 

 

>>> Download to the Desktop:

  • Malwarebytes Anti-Malware from here.
  • Security Check (by screen317) from here or here.

>>> Use Malwarebytes' Anti-Malware (MBAM): Close all open applications and windows and double-click/right-click mbam-setup.exe => "Run as administrator". Follow the prompts, leaving everything at the defaults. Click "Finish" without changing anything.

- Launch the program from its Desktop icon or from "Start" => "All Programs" => "Malwarebytes' Anti-Malware".

- Run the updates from the tab of the same name. If there is a problem with the automatic updates, click HERE to download and install them manually.

- In the "Scan" tab, leave the "Perform quick scan" box ticked and click "Scan". Wait until the end ("The scan completed successfully..." is displayed) and click "OK" to close this message.

- Click "Show results", then make sure everything is ticked and click "Remove selected".

The program then carries out the cleanup. If it asks you to restart the PC, ACCEPT (this is needed to delete certain specific files).

At the end a report is displayed (accessible at any time from the "Report/Logs" tab of the main "MBAM" window). Copy/paste its contents into your next reply.

 

 

>>> Use SecurityCheck: Close all open windows and applications and double-click/right-click SecurityCheck.exe => "Run as administrator" to launch the program.

Press a key as requested and follow the prompts.

If one of your security programs asks for permission for "dig.exe" to access the Internet, accept.

The "checkup.txt" report opens at the end. Copy/paste its contents into your next reply.

This report is not saved automatically. If you want to keep a copy, click "File" => "Save as", choose a location (the Desktop, for example) and click "Save" at the bottom right.

>>> Reports requested, to be pasted directly into your next reply:

  • ZHPFixReport.txt
  • Malwarebytes Anti-Malware log
  • checkup.txt

Any change at all?

============================

 

Edit: Thread abandoned, as there was no follow-up!

============================

Edited by lance_yien

  • 4 weeks later...

Hello,

Sorry for the delay, but I had a few problems and did not have time to log in to the forum :D

I ran ZHPFix and pasted your text, but nothing changed.

As soon as I open a folder containing an FLV video file, explorer pushes my processor to 100% and therefore freezes the PC.

Thanks again for your help.

I ran the tests and here are the reports:

ZHPDiag:

 

Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011

Run by nico at 28/11/2011 9:09:48


P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.46] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1662] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.46] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

~ Scan Firefox Browser in 00mn 02s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = Wehplayersearch

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: TBSB07359 - {42CB2906-3B4F-4A62-B2E0-132481175962} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\zap\tbunsqA268.tmp\tbcore3.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Interest recogniser for Crazyloader (powered by Spointer) - {C5F65718-341D-4e7d-9842-FCB9CC89527E} . (.Crazyloader - Interest Recognizer for Crazyloader.) -- C:\Program Files\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: TBSB00808 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\WebplayerTool\tbunsg8F46.tmp\tbcore3.dll

~ Scan BHO in 00mn 01s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: WebplayerTool - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\WebplayerTool\tbunsg8F46.tmp\tbcore3.dll

O3 - Toolbar: zap - {A29B2641-9931-448A-8DE7-B2D63BDC1812} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\zap\tbunsqA268.tmp\tbcore3.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files\McAfee\Common Framework\udaterui.exe

O4 - HKLM\..\Run: [dellsupportcenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKUS\S-1-5-18\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-18\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\nico\Desktop\1.lnk . (...) -- C:\LISTES\60'\=PLAYLIST=\1

O4 - Global Startup: C:\Users\nico\Desktop\=MP3=.lnk . (...) -- C:\Users\nico\Music\=MP3=

O4 - Global Startup: C:\Users\nico\Desktop\CyberLink PowerDirector.lnk . (.CyberLink Corp..) -- C:\Program Files\CyberLink\PowerDirector\PDR.exe

O4 - Global Startup: C:\Users\nico\Desktop\DivX Movies.lnk . (...) -- C:\Users\nico\Videos\DivX Movies

O4 - Global Startup: C:\Users\nico\Desktop\Documents.lnk . (...) -- C:\Users\nico\Documents

O4 - Global Startup: C:\Users\nico\Desktop\Duplicate Cleaner.lnk . (.www.DigitalVolcano.co.uk.) -- C:\Program Files\Duplicate Cleaner\DuplicateCleaner.exe

O4 - Global Startup: C:\Users\nico\Desktop\Free M4a to MP3 Converter.lnk . (.ManiacTools.) -- C:\Program Files\Free M4a to MP3 Converter\m4a_converter.exe

O4 - Global Startup: C:\Users\nico\Desktop\LISTES.lnk . (...) -- C:\LISTES

O4 - Global Startup: C:\Users\nico\Desktop\Magic FLAC to MP3 Converter.lnk . (...) -- C:\Program Files\FLAC to MP3 Converter\all2mp3.exe

O4 - Global Startup: C:\Users\nico\Desktop\Manuel utilisateur ASIO4ALL v2.lnk . (...) -- C:\Program Files\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual Fr.pdf

O4 - Global Startup: C:\Users\nico\Desktop\MediaCoder.lnk . (.Sinovation Inc..) -- C:\Program Files\MediaCoder\mediacoder.exe

O4 - Global Startup: C:\Users\nico\Desktop\MixVibes 3DEX.LNK . (.inVIBES.) -- C:\Program Files\MixVibesEX\MixVibes3dex.exe

O4 - Global Startup: C:\Users\nico\Desktop\MixVibes DVS.LNK . (.inVIBES.) -- C:\Program Files\MixVibesDVS\MixVibes.exe

O4 - Global Startup: C:\Users\nico\Desktop\MixVibes PRODUCER2.LNK . (.inVIBES.) -- C:\Program Files\MixVibesProducer2\MixVibesProducer.exe

O4 - Global Startup: C:\Users\nico\Desktop\MP3 - PC.lnk . (...) -- C:\MP3

O4 - Global Startup: C:\Users\nico\Desktop\MP3GainGUI.exe - Raccourci.lnk . (.Snelg Enterprises.) -- C:\Users\nico\Documents\==DJ==\MP3_GAIN\MP3GAIN\MP3GainGUI.exe

O4 - Global Startup: C:\Users\nico\Desktop\Mp3Tools.lnk . (...) -- C:\Users\nico\AppData\Roaming\Microsoft\Installer\{E23F70CB-0703-494F-88BC-F5249462D803}\_0C8AA18182C83C37806C59.exe

O4 - Global Startup: C:\Users\nico\Desktop\My Music Tools.lnk . (...) -- C:\Program Files\Free M4a to MP3 Converter\mymusictools.url

O4 - Global Startup: C:\Users\nico\Desktop\rekordbox 1.3.1.lnk . (...) -- C:\Program Files\Pioneer\rekordbox 1.3.1\Rekordbox.exe

O4 - Global Startup: C:\Users\nico\Desktop\songs - Raccourci.lnk . (...) -- C:\Program Files\UltraStar Deluxe\songs

O4 - Global Startup: C:\Users\nico\Desktop\SOS Photos perdues.lnk . (.GetData Pty Ltd.) -- C:\Program Files\Micro Application\SOS Photos perdues\RecoverMyPhotos.exe

O4 - Global Startup: C:\Users\nico\Desktop\Sqirlz Morph.lnk . (.xiberpix.) -- C:\Program Files\Sqirlz Morph\SqMorph.exe

O4 - Global Startup: C:\Users\nico\Desktop\temp audio - Raccourci.lnk . (...) -- E:\temp audio

O4 - Global Startup: C:\Users\nico\Desktop\Total Video Converter.lnk . (...) -- C:\Program Files\Total Video Converter\tvc.exe

O4 - Global Startup: C:\Users\nico\Desktop\Total Video Player.lnk . (...) -- C:\Program Files\Total Video Converter\tvp.exe

O4 - Global Startup: C:\Users\nico\Desktop\VirtualDJPortable 2- Raccourci.lnk . (.PortableAppZ.blogspot.com.) -- C:\Users\nico\Documents\==DJ==\virtual dj\VirtualDJ_Pro_Portable_7.0.5\VDJ\VirtualDJPortable\VirtualDJPortable.exe

O4 - Global Startup: C:\Users\nico\Desktop\VirtualDJPortable1 - Raccourci.lnk . (.PortableAppZ.blogspot.com.) -- C:\Users\nico\Documents\==DJ==\virtual dj\VirtualDJ_Portable_6.0.8_Multilingual\VirtualDJPortable\VirtualDJPortable.exe

O4 - Global Startup: C:\Users\nico\Desktop\Yass Editor.lnk . (...) -- C:\Program Files\Yass Along 0.9.9\yass.exe

O4 - Global Startup: C:\Users\nico\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\nico\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\nico\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Total Video Player.lnk . (...) -- C:\Program Files\Total Video Converter\tvp.exe

~ Scan Global Startup in 00mn 14s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{9F5BA563-5B64-4F7F-B20C-C70CFF3909A8}: NameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{35EF9C2A-B6E6-4A68-8EDF-B61A094FEDD7}: DhcpNameServer = 109.88.203.3 212.68.193.196

O17 - HKLM\System\CS1\Services\Tcpip\..\{9F5BA563-5B64-4F7F-B20C-C70CFF3909A8}: NameServer = 192.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{35EF9C2A-B6E6-4A68-8EDF-B61A094FEDD7}: DhcpNameServer = 109.88.203.3 212.68.193.196

O17 - HKLM\System\CS2\Services\Tcpip\..\{9F5BA563-5B64-4F7F-B20C-C70CFF3909A8}: NameServer = 192.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{35EF9C2A-B6E6-4A68-8EDF-B61A094FEDD7}: DhcpNameServer = 109.88.203.3 212.68.193.196

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 01s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll

~ Scan Winlogon in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\aestsrv.exe

O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Engine Service (McAfeeEngineService) . (.McAfee, Inc. - McAfee Engine Service.) - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: Service McAfee Framework (McAfeeFramework) . (.McAfee, Inc. - Framework Service.) - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) . (.McAfee, Inc. - Task Manager.) - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Windows\system32\mfevtps.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe

~ Scan Services in 00mn 02s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

[MD5.00000000000000000000000000000000] [APT] [Launch BCM WLAN Tray] (...) -- C:\Windows\system32\WLTRAY.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\ClickPotatoLite\bin\11.0.19.0\ClickPotatoLiteSA.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B86C331C-3E47-43B2-9FCD-4969E257926B}] (...) -- C:\Program Files\Marvell\Miniport Driver\Uninst.exe (.not file.)

[MD5.8F653D52379DA611170BB6DE32BACB72] [APT] [nico - Start WLAN Tray Applet] (.Dell Inc..) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe

~ Scan Scheduled Task in 00mn 09s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: McAfee Inc. mfetdik (mfetdik) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\system32\drivers\mfetdik.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 01s

---\\ Logiciels installés (O42)

O42 - Logiciel: ASIO4ALL - (.Pas de propriétaire.) [HKLM] -- ASIO4ALL

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001}

O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM] -- Advanced Audio FX Engine

O42 - Logiciel: All To MP3 Converter 2.8 - (.All To MP3 Converter.) [HKLM] -- All To MP3 Converter_is1

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D6E592B3-67DA-4BBB-9783-E1838FB253A2}

O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM] -- {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

O42 - Logiciel: Complitly - (.Complitly.) [HKLM] -- {4FFBB818-B13C-11E0-931D-B2664824019B}_is1

O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com

O42 - Logiciel: Conseiller de mise à niveau vers Windows 7 - (.Microsoft Corporation.) [HKLM] -- {9D10CB57-B085-44c3-B435-2D193BA153F0}

O42 - Logiciel: Cool Edit Pro 2.0 - (.Pas de propriétaire.) [HKLM] -- Cool Edit Pro 2.0

O42 - Logiciel: CrazyLoader - (.Pas de propriétaire.) [HKLM] -- CrazyLoader

O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: Dell DataSafe Online - (.Dell, Inc..) [HKLM] -- {13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}

O42 - Logiciel: Dell Dock - (.Dell.) [HKLM] -- {E00B477F-8558-45DA-B25A-69935FB89A94}

O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM] -- {3138EAD3-700B-4A10-B617-B3F8096EE30D}

O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}

O42 - Logiciel: Dell Support Center (Logiciel de support) - (.Dell.) [HKLM] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1}

O42 - Logiciel: Dell Touchpad - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Dell Video Chat - (.SightSpeed Inc..) [HKLM] -- Dell Video Chat

O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM] -- Dell Webcam Central

O42 - Logiciel: Dell Wireless WLAN Card Utility - (.Dell Inc..) [HKLM] -- Dell Wireless WLAN Card Utility

O42 - Logiciel: Duplicate Cleaner 1.2 - (.Digital Volcano.) [HKLM] -- Duplicate Cleaner_is1

O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM] -- Firebird SQL Server US

O42 - Logiciel: Free M4a to MP3 Converter 6.2 - (.ManiacTools.com.) [HKLM] -- Free M4a to MP3 Converter_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {43563ACB-371B-4C58-8979-B192B390424C}

O42 - Logiciel: GoToAssist 8.0.0.514 - (.Pas de propriétaire.) [HKLM] -- GoToAssist

O42 - Logiciel: HashCheck Shell Extension (x86-32) - (.Kai Liu.) [HKLM] -- HashCheck Shell Extension

O42 - Logiciel: Hauppauge TV Tuner Driver - (.Hauppauge Computer Works.) [HKLM] -- {AF094932-91E6-4EF8-8AB8-1C7226DFEECB}

O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {3CCB732A-E472-4CF9-B1EE-F18365341FE0}

O42 - Logiciel: Integrated Webcam Driver (1.00.04.0310) - (.Creative Technology Ltd..) [HKLM] -- Creative OA013

O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Java 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}

O42 - Logiciel: K-Lite Mega Codec Pack 4.1.4 - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: Live! Cam Avatar Creator - (.Creative Technology Ltd.) [HKLM] -- {65D0C510-D7B6-4438-9FC8-E6B91115AB0D}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Magic FLAC to MP3 Converter 3.72 - (.Magic Video.) [HKLM] -- Magic FLAC to MP3 Converter_is1

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee Agent - (.McAfee, Inc..) [HKLM] -- {AA951B10-7089-4D60-B288-516E641F48E6}

O42 - Logiciel: McAfee VirusScan Enterprise - (.McAfee, Inc..) [HKLM] -- {147BCE03-C0F1-4C9F-8157-6A89B6D2D973}

O42 - Logiciel: MediaCoder 0.6.0 - (.Stanley Huang.) [HKLM] -- MediaCoder

O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {095B1DCF-5E8B-47EC-9B18-481918A731DB}

O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.) [HKLM] -- OMUI.fr-fr

O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {299CF645-48C7-4FA1-8BCD-5CE200CF180D}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: MixVibes 3DEX uninstall - (.Pas de propriétaire.) [HKLM] -- MixVibes3dex.exe

O42 - Logiciel: MixVibes DVS uninstall - (.Pas de propriétaire.) [HKLM] -- MixVibes.exe

O42 - Logiciel: MixVibes PRODUCER uninstall - (.Pas de propriétaire.) [HKLM] -- MixVibesProducer.exe

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack - fra

O42 - Logiciel: Mozilla Firefox (3.6.23) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.23)

O42 - Logiciel: Mp3Tools - (.RAMSES.) [HKLM] -- {E23F70CB-0703-494F-88BC-F5249462D803}

O42 - Logiciel: Native Instruments Traktor 2 - (.Native Instruments.) [HKLM] -- Native Instruments Traktor 2

O42 - Logiciel: Native Instruments Traktor 2 - (.Native Instruments.) [HKLM] -- {A8EC0CC0-AD8D-4244-B080-424EDF7A7634}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PowerDVD DX - (.Dell Corp..) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}

O42 - Logiciel: QuickSet - (.Dell Inc..) [HKLM] -- {C4972073-2BFE-475D-8441-564EA97DA161}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9}

O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}

O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}

O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}

O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {09760D42-E223-42AD-8C3E-55B47D0DDAC3}

O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}

O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}

O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}

O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}

O42 - Logiciel: SOS Photos perdues - (.Micro Application.) [HKLM] -- SOS Photos perdues_is1

O42 - Logiciel: Sqirlz Morph - (.xiberpix.) [HKLM] -- Sqirlz Morph

O42 - Logiciel: Text-To-Speech-Runtime - (.Magix Development GmbH.) [HKLM] -- {7B3F0113-E63C-4D6D-AF19-111A3165CCA2}

O42 - Logiciel: Total Video Converter 3.12 080330 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.12_is1

O42 - Logiciel: Trojan Remover 6.8.1 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1

O42 - Logiciel: USB Driver for Panasonic DVC - (.Panasonic.) [HKLM] -- InstallShield_{6304CCF6-3343-4DA5-96B6-84B3A644B93B}

O42 - Logiciel: UltraStar Deluxe - (.USDX Team.) [HKLM] -- UltraStar Deluxe

O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}

O42 - Logiciel: VERSAMIX uninstall - (.Pas de propriétaire.) [HKLM] -- VersaMix.exe

O42 - Logiciel: VLC media player 0.9.6 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}

O42 - Logiciel: WebplayerTool - (.kreapixel.) [HKLM] -- WebplayerTool

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {01523985-2098-43AF-9C97-12B07BE02A9B}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {F69E83CF-B440-43F8-89E6-6EA80712109B}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {63DC2DA0-2A6C-4C38-9249-B75395458657}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {059C042E-796A-4ACC-A81A-ECC2010BB78C}

O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {67D0313C-4F15-437D-9A2D-C1564088A26A}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {915809D6-1F93-45F2-9699-5F1DA64DC24B}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {2231CE39-B963-4B9D-823A-F412ECA637B1}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: Yass Along 0.9.9 - (.Pas de propriétaire.) [HKLM] -- Yass Along 0.9.9

O42 - Logiciel: rekordbox 1.3.1 - (.Pioneer.) [HKLM] -- Pioneer rekordbox 1.3.1

O42 - Logiciel: zap - (.zap.) [HKLM] -- zap

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\ASIO4ALL v2 by Wuschel]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\ShoppingReport2]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Broadcom]

[HKCU\Software\BrowserTemp]

[HKCU\Software\C:]

[HKCU\Software\CDDB]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Complitly]

[HKCU\Software\CoreVorbis]

[HKCU\Software\Creative Tech]

[HKCU\Software\CyberLink]

[HKCU\Software\DSP-worx]

[HKCU\Software\Dell]

[HKCU\Software\DigitalVolcano]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GetData]

[HKCU\Software\Google]

[HKCU\Software\GotClip Downloader]

[HKCU\Software\Haali]

[HKCU\Software\IDT]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\LitexMedia]

[HKCU\Software\MAGIX]

[HKCU\Software\Macromedia]

[HKCU\Software\Macrovision]

[HKCU\Software\Magix Development]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\ManiacTools]

[HKCU\Software\McAfee]

[HKCU\Software\MediaInfo]

[HKCU\Software\MicroVision]

[HKCU\Software\Native Instruments]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\ParetoLogic]

[HKCU\Software\Policies]

[HKCU\Software\RocketDock]

[HKCU\Software\Roxio]

[HKCU\Software\SWiSHzone.com]

[HKCU\Software\Simply Super Software]

[HKCU\Software\Sonic]

[HKCU\Software\Spointer]

[HKCU\Software\SupportSoft]

[HKCU\Software\Synaptics]

[HKCU\Software\Syntrillium]

[HKCU\Software\Sysinternals]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VirtualDJ]

[HKCU\Software\Viscom Software]

[HKCU\Software\Widcomm]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\inVIBES]

[HKCU\Software\qpratools.com]

[HKCU\Software\rOva]

[HKCU\Software\xiberpix]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ASIO]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Babylon]

[HKLM\Software\BcmSetup]

[HKLM\Software\Broadcom]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CDDB]

[HKLM\Software\Citrix]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Creative Tech]

[HKLM\Software\Creative]

[HKLM\Software\CyberLink]

[HKLM\Software\Dell Computer Corporation]

[HKLM\Software\Dell]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\GNU]

[HKLM\Software\Gabest]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hauppauge]

[HKLM\Software\IDT]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\KLCodecPack]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Licenses]

[HKLM\Software\Macromedia]

[HKLM\Software\Magix Development]

[HKLM\Software\Magix]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfeeInstaller]

[HKLM\Software\McAfee]

[HKLM\Software\MicroVision]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Native Instruments]

[HKLM\Software\Network Associates]

[HKLM\Software\ODBC]

[HKLM\Software\PC-Doctor]

[HKLM\Software\ParetoLogic]

[HKLM\Software\Policies]

[HKLM\Software\Propellerhead Software]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Roxio]

[HKLM\Software\S3R521]

[HKLM\Software\SightSpeed Inc]

[HKLM\Software\Simply Super Software]

[HKLM\Software\SimplyGen]

[HKLM\Software\Sonic]

[HKLM\Software\SupportSoft]

[HKLM\Software\Synaptics]

[HKLM\Software\Syntrillium]

[HKLM\Software\TrendMicro]

[HKLM\Software\VideoLAN]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Widcomm]

[HKLM\Software\WinRAR]

[HKLM\Software\Xvid Team]

[HKLM\Software\Yass Along]

[HKLM\Software\Yass]

[HKLM\Software\iTinySoft]

[HKLM\Software\mozilla.org]

[HKLM\Software\vLite]

[HKLM\Software\xiberpix]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 30/04/2011 - 0:35:42 - [78651998] ----D- C:\Program Files\=VirtualDJ

O43 - CFD: 11/04/2010 - 21:03:36 - [168607647] ----D- C:\Program Files\Adobe

O43 - CFD: 13/04/2010 - 16:54:16 - [0] ----D- C:\Program Files\Alwil Software

O43 - CFD: 17/12/2010 - 2:58:12 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 10/05/2010 - 15:40:46 - [532302] ----D- C:\Program Files\ASIO4ALL v2

O43 - CFD: 14/04/2010 - 15:07:22 - [14433406] ----D- C:\Program Files\ATI

O43 - CFD: 14/04/2010 - 15:06:56 - [0] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 11/04/2010 - 21:03:40 - [3553384] ----D- C:\Program Files\Citrix

O43 - CFD: 2/11/2011 - 22:32:50 - [1474771750] ----D- C:\Program Files\Common Files

O43 - CFD: 2/11/2011 - 22:32:34 - [780465] ----D- C:\Program Files\Complitly

O43 - CFD: 21/11/2011 - 13:57:56 - [30623936] ----D- C:\Program Files\coolpro2

O43 - CFD: 22/08/2010 - 22:07:26 - [32700577] ----D- C:\Program Files\CrazyLoader

O43 - CFD: 11/04/2010 - 21:03:54 - [14954414] ----D- C:\Program Files\Creative

O43 - CFD: 11/04/2010 - 21:03:54 - [114688] ----D- C:\Program Files\Creative Live! Cam

O43 - CFD: 26/07/2010 - 18:23:40 - [416611618] ----D- C:\Program Files\CyberLink

O43 - CFD: 11/04/2010 - 21:04:06 - [44808749] ----D- C:\Program Files\Dell

O43 - CFD: 11/04/2010 - 21:04:14 - [13676974] ----D- C:\Program Files\Dell DataSafe Online

O43 - CFD: 11/04/2010 - 21:04:14 - [14193056] ----D- C:\Program Files\Dell Inc

O43 - CFD: 11/04/2010 - 21:04:44 - [88905259] ----D- C:\Program Files\Dell Support Center

O43 - CFD: 11/04/2010 - 21:04:52 - [22501445] ----D- C:\Program Files\Dell Video Chat

O43 - CFD: 11/04/2010 - 21:05:00 - [264797136] ----D- C:\Program Files\Dell Webcam

O43 - CFD: 22/08/2010 - 20:34:56 - [94660041] ----D- C:\Program Files\DivX

O43 - CFD: 14/11/2010 - 17:22:30 - [1109356] ----D- C:\Program Files\Duplicate Cleaner

O43 - CFD: 14/07/2009 - 10:01:32 - [83226132] ----D- C:\Program Files\DVD Maker

O43 - CFD: 11/04/2010 - 21:34:18 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 30/04/2011 - 0:35:44 - [3857040] ----D- C:\Program Files\FLAC to MP3 Converter

O43 - CFD: 9/12/2010 - 16:44:36 - [3945205] ----D- C:\Program Files\Free M4a to MP3 Converter

O43 - CFD: 22/08/2010 - 20:32:14 - [0] ----D- C:\Program Files\Google

O43 - CFD: 2/11/2011 - 23:28:08 - [830547] ----D- C:\Program Files\HCW17

O43 - CFD: 14/04/2010 - 15:47:06 - [48034018] ----D- C:\Program Files\IDT

O43 - CFD: 26/07/2010 - 18:24:54 - [45798846] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 14/04/2010 - 14:59:38 - [69975907] ----D- C:\Program Files\Intel

O43 - CFD: 2/07/2011 - 10:55:40 - [5594141] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 11/04/2010 - 21:05:14 - [90398696] ----D- C:\Program Files\Java

O43 - CFD: 11/04/2010 - 21:35:56 - [55505975] ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 3/08/2010 - 13:51:46 - [11470066] ----D- C:\Program Files\LitexMedia

O43 - CFD: 3/11/2011 - 17:03:32 - [7003649] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 14/04/2010 - 9:45:28 - [169890453] ----D- C:\Program Files\McAfee

O43 - CFD: 24/11/2011 - 7:24:00 - [42685766] ----D- C:\Program Files\MediaCoder

O43 - CFD: 10/08/2011 - 15:20:36 - [5688696] ----D- C:\Program Files\Micro Application

O43 - CFD: 11/04/2010 - 21:05:20 - [1191560] ----D- C:\Program Files\Microsoft

O43 - CFD: 14/07/2009 - 10:01:22 - [147812402] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 6/01/2011 - 13:06:50 - [875892351] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 11/04/2010 - 21:37:26 - [15461451] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 11/04/2010 - 21:05:34 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 11/04/2010 - 21:05:34 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 6/01/2011 - 13:06:22 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 6/01/2011 - 13:02:38 - [64816736] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 11/04/2010 - 21:05:34 - [9275048] ----D- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

O43 - CFD: 2/07/2011 - 10:55:30 - [144949414] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 6/01/2011 - 13:05:02 - [8152064] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 2/07/2011 - 10:55:30 - [127386711] ----D- C:\Program Files\MixVibesDVS

O43 - CFD: 31/05/2010 - 11:38:58 - [44273902] ----D- C:\Program Files\MixVibesEX

O43 - CFD: 2/07/2011 - 10:55:30 - [11626997] ----D- C:\Program Files\MixVibesLE-HOME1

O43 - CFD: 10/05/2010 - 15:09:24 - [56039310] ----D- C:\Program Files\MixVibesProducer

O43 - CFD: 2/07/2011 - 10:55:30 - [614787257] ----D- C:\Program Files\MixVibesProducer2

O43 - CFD: 28/06/2010 - 13:13:38 - [9336778] ----D- C:\Program Files\Movie Maker 2.6

O43 - CFD: 24/11/2011 - 20:51:04 - [31936695] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 2/08/2010 - 16:14:16 - [33295648] ----D- C:\Program Files\Mp3Tools

O43 - CFD: 6/01/2011 - 13:07:10 - [26521] ----D- C:\Program Files\MSBuild

O43 - CFD: 18/07/2011 - 15:48:02 - [142663884] ----D- C:\Program Files\Native Instruments

O43 - CFD: 12/10/2010 - 6:52:44 - [64836475] ----D- C:\Program Files\Pioneer

O43 - CFD: 17/12/2010 - 3:00:14 - [76322555] ----D- C:\Program Files\QuickTime

O43 - CFD: 14/04/2010 - 15:04:32 - [7893866] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 5:52:32 - [38691585] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 28/10/2009 - 2:35:16 - [15493673] ----D- C:\Program Files\RocketDock

O43 - CFD: 2/05/2011 - 7:42:10 - [32209292] ----D- C:\Program Files\Roxio

O43 - CFD: 11/05/2011 - 6:11:00 - [4726610] ----D- C:\Program Files\Sqirlz Morph

O43 - CFD: 8/05/2010 - 20:46:50 - [0] ----D- C:\Program Files\Sun

O43 - CFD: 11/04/2010 - 20:59:48 - [37742876] ----D- C:\Program Files\Synaptics

O43 - CFD: 26/07/2010 - 19:07:14 - [27495669] ----D- C:\Program Files\Total Video Converter

O43 - CFD: 14/04/2010 - 9:03:02 - [10143661] ----D- C:\Program Files\Trojan Remover

O43 - CFD: 3/11/2011 - 20:47:42 - [34810277062] ----D- C:\Program Files\UltraStar Deluxe

O43 - CFD: 14/07/2009 - 5:53:24 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 11/04/2010 - 21:07:32 - [50490183] ----D- C:\Program Files\VideoLAN

O43 - CFD: 30/04/2011 - 0:35:44 - [18030] ----D- C:\Program Files\VirtualDJ

O43 - CFD: 2/11/2011 - 22:29:22 - [7218329] ----D- C:\Program Files\WebplayerTool

O43 - CFD: 14/04/2010 - 15:18:06 - [87562303] ----D- C:\Program Files\WIDCOMM

O43 - CFD: 11/04/2010 - 21:07:38 - [0] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 11/04/2010 - 21:07:40 - [0] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 14/07/2009 - 9:39:40 - [3049984] ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 10:01:30 - [7013496] ----D- C:\Program Files\Windows Journal

O43 - CFD: 11/04/2010 - 21:07:42 - [136765907] ----D- C:\Program Files\Windows Live

O43 - CFD: 11/04/2010 - 21:07:42 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 2/07/2011 - 10:55:40 - [6239744] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2/07/2011 - 10:55:40 - [6640555] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 11/04/2010 - 21:34:18 - [5019900] ----D- C:\Program Files\Windows NT

O43 - CFD: 11/04/2010 - 21:07:42 - [0] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 30/04/2011 - 0:35:52 - [4417800] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 5:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 9:39:40 - [107451216] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 30/04/2011 - 0:35:44 - [4494409] ----D- C:\Program Files\WinRAR

O43 - CFD: 22/08/2010 - 19:33:36 - [27080122] ----D- C:\Program Files\Yass Along 0.9.9

O43 - CFD: 2/11/2011 - 22:29:26 - [3789264] ----D- C:\Program Files\zap

O43 - CFD: 28/11/2011 - 9:11:10 - [4267215] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 11/04/2010 - 21:03:40 - [4600350] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 17/12/2010 - 2:58:24 - [54774793] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 14/04/2010 - 9:45:30 - [26828] ----D- C:\Program Files\Common Files\Cisco Systems

O43 - CFD: 6/01/2011 - 13:06:22 - [92976] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 22/08/2010 - 20:33:30 - [24006656] ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD: 28/06/2010 - 13:00:14 - [7223875] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 14/04/2010 - 9:45:26 - [501393569] ----D- C:\Program Files\Common Files\McAfee

O43 - CFD: 6/01/2011 - 13:07:28 - [335086752] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 18/07/2011 - 15:48:04 - [165039876] ----D- C:\Program Files\Common Files\Native Instruments

O43 - CFD: 25/08/2010 - 8:29:40 - [4809008] ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 11/04/2010 - 21:03:46 - [4221400] ----D- C:\Program Files\Common Files\Reallusion

O43 - CFD: 11/04/2010 - 21:03:50 - [38298909] ----D- C:\Program Files\Common Files\Roxio Shared

O43 - CFD: 14/07/2009 - 3:37:06 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 11/04/2010 - 21:03:50 - [1088248] ----D- C:\Program Files\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 3:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 11/04/2010 - 21:03:50 - [7526487] ----D- C:\Program Files\Common Files\supportsoft

O43 - CFD: 11/04/2010 - 21:03:50 - [733760] ----D- C:\Program Files\Common Files\SureThing Shared

O43 - CFD: 6/01/2011 - 13:01:32 - [44631344] ----D- C:\Program Files\Common Files\System

O43 - CFD: 11/04/2010 - 21:03:52 - [240110428] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 11/04/2010 - 21:07:58 - [763] ----D- C:\ProgramData\Adobe

O43 - CFD: 14/04/2010 - 9:10:18 - [15336] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 17/12/2010 - 2:58:10 - [20614656] ----D- C:\ProgramData\Apple

O43 - CFD: 17/12/2010 - 2:59:14 - [26896384] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 5:53:56 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 13/04/2010 - 16:20:10 - [491764] ----D- C:\ProgramData\Avira

O43 - CFD: 2/11/2011 - 22:30:58 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 11/04/2010 - 21:34:18 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 11/04/2010 - 21:07:58 - [72769] ----D- C:\ProgramData\Creative

O43 - CFD: 7/09/2011 - 11:27:04 - [0] ----D- C:\ProgramData\CyberLink

O43 - CFD: 7/10/2010 - 21:41:30 - [3286054] ----D- C:\ProgramData\Dell

O43 - CFD: 14/07/2009 - 5:53:56 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 22/08/2010 - 20:34:58 - [3375482] ----D- C:\ProgramData\DivX

O43 - CFD: 14/07/2009 - 5:53:56 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 11/04/2010 - 21:34:18 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 5:53:56 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 22/08/2010 - 20:32:14 - [0] ----D- C:\ProgramData\Google

O43 - CFD: 11/04/2010 - 21:07:58 - [365] ----D- C:\ProgramData\InstallShield

O43 - CFD: 14/04/2010 - 8:57:02 - [20480] ----D- C:\ProgramData\Kaspersky Lab

O43 - CFD: 14/04/2010 - 15:33:34 - [3552792] ----D- C:\ProgramData\Macrovision

O43 - CFD: 14/04/2010 - 16:15:08 - [5070140] ----D- C:\ProgramData\MAGIX

O43 - CFD: 3/11/2011 - 17:03:30 - [7380864] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 14/04/2010 - 9:46:00 - [16273072] ----D- C:\ProgramData\McAfee

O43 - CFD: 11/04/2010 - 21:34:18 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 6/01/2011 - 13:05:02 - [250487355] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 10/08/2011 - 21:45:26 - [229534] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 11/04/2010 - 21:34:18 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 18/07/2011 - 15:48:02 - [164153523] ----D- C:\ProgramData\Native Instruments

O43 - CFD: 4/05/2011 - 10:46:10 - [0] ----D- C:\ProgramData\ParetoLogic

O43 - CFD: 16/10/2009 - 11:11:16 - [0] ----D- C:\ProgramData\PCDr

O43 - CFD: 11/04/2010 - 21:35:40 - [0] ----D- C:\ProgramData\Real

O43 - CFD: 2/05/2011 - 9:07:56 - [0] ----D- C:\ProgramData\Roxio

O43 - CFD: 14/04/2010 - 9:01:42 - [7092219] ----D- C:\ProgramData\Simply Super Software

O43 - CFD: 2/05/2011 - 7:33:44 - [6457] ----D- C:\ProgramData\Sonic

O43 - CFD: 14/07/2009 - 5:53:56 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 11/04/2010 - 21:08:38 - [27307356] ----D- C:\ProgramData\SupportSoft

O43 - CFD: 24/11/2011 - 6:47:38 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 5:53:56 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 14/04/2010 - 15:34:10 - [16808349] ----D- C:\ProgramData\Uninstall

O43 - CFD: 11/04/2010 - 21:08:54 - [0] ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 18/07/2011 - 15:48:58 - [16836525] --H-D- C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5}

O43 - CFD: 11/04/2010 - 21:14:14 - [4154570] ----D- C:\Users\nico\AppData\Roaming\Adobe

O43 - CFD: 2/11/2011 - 22:30:58 - [2641] ----D- C:\Users\nico\AppData\Roaming\Babylon

O43 - CFD: 3/11/2011 - 13:04:52 - [349672] ----D- C:\Users\nico\AppData\Roaming\Complitly

O43 - CFD: 22/08/2010 - 22:06:44 - [4438] ----D- C:\Users\nico\AppData\Roaming\CrazyLoader

O43 - CFD: 11/04/2010 - 21:14:14 - [550] ----D- C:\Users\nico\AppData\Roaming\Creative

O43 - CFD: 7/09/2011 - 11:27:10 - [2861389] ----D- C:\Users\nico\AppData\Roaming\CyberLink

O43 - CFD: 11/04/2010 - 21:14:14 - [103060] ----D- C:\Users\nico\AppData\Roaming\Dell

O43 - CFD: 26/08/2010 - 12:47:56 - [220160] ----D- C:\Users\nico\AppData\Roaming\DivX

O43 - CFD: 3/05/2011 - 12:22:26 - [747] ----D- C:\Users\nico\AppData\Roaming\DriverCure

O43 - CFD: 10/05/2011 - 19:31:14 - [199] ----D- C:\Users\nico\AppData\Roaming\dvdcss

O43 - CFD: 10/02/2011 - 23:52:00 - [45] ----D- C:\Users\nico\AppData\Roaming\Identities

O43 - CFD: 14/04/2010 - 15:02:06 - [0] ----D- C:\Users\nico\AppData\Roaming\InstallShield

O43 - CFD: 2/07/2011 - 10:55:30 - [2048] ----D- C:\Users\nico\AppData\Roaming\invibes

O43 - CFD: 11/04/2010 - 21:14:14 - [18469] ----D- C:\Users\nico\AppData\Roaming\Macromedia

O43 - CFD: 7/10/2010 - 10:58:08 - [253] ----D- C:\Users\nico\AppData\Roaming\Macrovision

O43 - CFD: 14/04/2010 - 16:15:56 - [11319] ----D- C:\Users\nico\AppData\Roaming\MAGIX

O43 - CFD: 3/11/2011 - 17:03:40 - [1935270] ----D- C:\Users\nico\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 10:00:34 - [0] ----D- C:\Users\nico\AppData\Roaming\Media Center Programs

O43 - CFD: 14/04/2010 - 15:25:28 - [100] ----D- C:\Users\nico\AppData\Roaming\Media Player Classic

O43 - CFD: 10/08/2011 - 21:45:26 - [10596785] -S--D- C:\Users\nico\AppData\Roaming\Microsoft

O43 - CFD: 9/06/2010 - 12:46:36 - [424601] ----D- C:\Users\nico\AppData\Roaming\MixVibes

O43 - CFD: 12/04/2010 - 12:40:38 - [7657352] ----D- C:\Users\nico\AppData\Roaming\Mozilla

O43 - CFD: 3/05/2011 - 12:22:26 - [50272] ----D- C:\Users\nico\AppData\Roaming\ParetoLogic

O43 - CFD: 12/10/2010 - 6:53:16 - [35713619] ----D- C:\Users\nico\AppData\Roaming\Pioneer

O43 - CFD: 14/04/2010 - 15:49:26 - [8297] ----D- C:\Users\nico\AppData\Roaming\Roxio

O43 - CFD: 14/04/2010 - 15:33:18 - [1547054] ----D- C:\Users\nico\AppData\Roaming\Roxio Log Files

O43 - CFD: 14/04/2010 - 9:01:42 - [3691447] ----D- C:\Users\nico\AppData\Roaming\Simply Super Software

O43 - CFD: 11/04/2010 - 21:14:26 - [174152] ----D- C:\Users\nico\AppData\Roaming\Syntrillium

O43 - CFD: 9/12/2010 - 13:37:12 - [13824] ----D- C:\Users\nico\AppData\Roaming\Template

O43 - CFD: 2/07/2011 - 10:55:32 - [443520] ----D- C:\Users\nico\AppData\Roaming\vlc

O43 - CFD: 24/11/2009 - 11:16:40 - [0] ----D- C:\Users\nico\AppData\Roaming\WinRAR

O43 - CFD: 11/04/2010 - 21:14:06 - [47881053] ----D- C:\Users\nico\AppData\Local\Adobe

O43 - CFD: 17/12/2010 - 2:58:14 - [0] ----D- C:\Users\nico\AppData\Local\Apple

O43 - CFD: 17/02/2011 - 13:13:14 - [2632] ----D- C:\Users\nico\AppData\Local\Apple Computer

O43 - CFD: 11/04/2010 - 21:01:56 - [0] -SH-D- C:\Users\nico\AppData\Local\Application Data

O43 - CFD: 2/11/2011 - 22:30:58 - [3911963] ----D- C:\Users\nico\AppData\Local\Babylon

O43 - CFD: 14/04/2010 - 15:22:38 - [0] ----D- C:\Users\nico\AppData\Local\Broadcom

O43 - CFD: 24/11/2011 - 21:22:20 - [16643] ----D- C:\Users\nico\AppData\Local\crazyloader Air

O43 - CFD: 21/10/2009 - 10:59:18 - [0] ----D- C:\Users\nico\AppData\Local\DataSafeOnline

O43 - CFD: 25/10/2011 - 1:20:30 - [103799] ----D- C:\Users\nico\AppData\Local\Dell

O43 - CFD: 19/07/2011 - 18:40:28 - [38826252] ----D- C:\Users\nico\AppData\Local\ElevatedDiagnostics

O43 - CFD: 22/08/2010 - 20:32:12 - [0] ----D- C:\Users\nico\AppData\Local\Google

O43 - CFD: 11/04/2010 - 21:01:56 - [0] -SH-D- C:\Users\nico\AppData\Local\Historique

O43 - CFD: 6/01/2011 - 15:45:50 - [1403745033] ----D- C:\Users\nico\AppData\Local\Microsoft

O43 - CFD: 11/04/2010 - 21:14:06 - [4447] ----D- C:\Users\nico\AppData\Local\Microsoft Corporation

O43 - CFD: 30/05/2011 - 8:39:58 - [110668] ----D- C:\Users\nico\AppData\Local\Microsoft Games

O43 - CFD: 6/01/2011 - 13:00:58 - [0] ----D- C:\Users\nico\AppData\Local\Microsoft Help

O43 - CFD: 2/05/2011 - 7:42:10 - [57368] ----D- C:\Users\nico\AppData\Local\MicroVision Applications

O43 - CFD: 12/04/2010 - 12:40:06 - [56348963] ----D- C:\Users\nico\AppData\Local\Mozilla

O43 - CFD: 7/09/2011 - 11:27:18 - [11083] ----D- C:\Users\nico\AppData\Local\PowerDVD DX

O43 - CFD: 11/04/2010 - 21:14:06 - [2198] ----D- C:\Users\nico\AppData\Local\Stardock_Corporation

O43 - CFD: 11/04/2010 - 21:14:06 - [17320317] ----D- C:\Users\nico\AppData\Local\SupportSoft

O43 - CFD: 28/11/2011 - 9:07:46 - [183636822] ----D- C:\Users\nico\AppData\Local\Temp

O43 - CFD: 11/04/2010 - 21:01:56 - [0] -SH-D- C:\Users\nico\AppData\Local\Temporary Internet Files

O43 - CFD: 11/04/2010 - 21:14:14 - [71141862] ----D- C:\Users\nico\AppData\Local\VirtualStore

O43 - CFD: 28/06/2010 - 13:21:38 - [0] ----D- C:\Users\nico\AppData\Local\WMTools Downloaded Files

~ Scan Program Folder in 01mn 28s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C29E69B826C8188E86E5389E0D894BAF] - 28/11/2011 - 8:06:02 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1532276]

O44 - LFC:[MD5.3F6562742D50EBF0CE57D44CE889880C] - 28/11/2011 - 8:06:02 ---A- . (...) -- C:\Windows\system32\perfc009.dat [104412]

O44 - LFC:[MD5.0C31029A57DAABAEB15C2D48943ABB32] - 28/11/2011 - 8:06:02 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [128562]

O44 - LFC:[MD5.6A24CCD8DC993EC31D717124724EDCB4] - 28/11/2011 - 8:06:02 ---A- . (...) -- C:\Windows\system32\perfh009.dat [610094]

O44 - LFC:[MD5.C6C005632F13242D6AC13C0AF4FF3371] - 28/11/2011 - 8:06:02 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [697760]

O44 - LFC:[MD5.94E4E5412D8FE80BB3EF6BF63ED50ACB] - 28/11/2011 - 8:32:20 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1544458]

O44 - LFC:[MD5.C0B4831AB51C1EA7F2705515A49B5216] - 28/11/2011 - 9:07:15 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.A5763BE7FC808AA1D93BB36EAFEED1FC] - 28/11/2011 - 9:07:16 ---A- . (...) -- C:\Windows\setupact.log [3988639]

O44 - LFC:[MD5.C486F98863FFF7EEB24866AD1B99452C] - 3/11/2011 - 15:04:49 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 3/11/2011 - 17:03:25 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22216]

O44 - LFC:[MD5.322E19C14B481DB31E48B0A2F1A20C23] - 3/11/2011 - 20:33:41 ---A- . (...) -- C:\Windows\PFRO.log [15172]

O44 - LFC:[MD5.AEF52C0DE297465253DDAEAF10860464] - 21/11/2011 - 13:08:05 ---A- . (...) -- C:\Windows\system.ini [245]

O44 - LFC:[MD5.EA115791E37629192F2C6ADA34CEBC56] - 21/11/2011 - 13:08:05 ---A- . (...) -- C:\Windows\win.ini [247]

O44 - LFC:[MD5.A7C5BF3386ED615EC0BA04FDA945C443] - 18/11/2011 - 21:44:38 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [457800]

~ Scan Files in 02mn 02s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\system32\pku2u.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{667efac3-bf85-11e0-876c-002564699aa8}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)

~ Scan Keys in 00mn 01s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\system32\lameACM.acm

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \Drivers32\"VIDC.YV12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\system32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\system32\DivX.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (...) -- (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\Broadcom Wireless Manager UI [Key] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe

O53 - SMSR:HKLM\...\startupreg\Dell DataSafe Online [Key] . (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

O53 - SMSR:HKLM\...\startupreg\Dell Webcam Central [Key] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

O53 - SMSR:HKLM\...\startupreg\dellsupportcenter [Key] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe

O53 - SMSR:HKLM\...\startupreg\Desktop Disc Tool [Key] . (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O53 - SMSR:HKLM\...\startupreg\Microsoft Default Manager [Key] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

O53 - SMSR:HKLM\...\startupreg\PDVDDXSrv [Key] . (.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\ShStatEXE [Key] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe

O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe

O53 - SMSR:HKLM\...\startupreg\TrojanScanner [Key] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files\Trojan Remover\Trjscan.exe

~ Scan SMSR Keys in 00mn 01s

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "VerboseStatus"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 10/06/2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 13/07/2009 - 2:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 13/07/2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 2:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]

O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 10/06/2009 - 2:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [79952]

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 10/06/2009 - 2:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]

O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 13/07/2009 - 2:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [23616]

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 13/07/2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 13/07/2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]

O58 - SDL:[MD5.EB4434444E2721D721A8AC8D5D2AD26B] - 14/04/2010 - 8:06:08 ---A- . (.Broadcom Corporation - Broadcom iLine10 PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\system32\drivers\bcm42rly.sys [18424]

O58 - SDL:[MD5.919832D1A7D067119CD5EE29BA76327A] - 14/04/2010 - 8:06:16 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [2506232]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 1:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.D57D29132EFE13A83133D9BD449E0CF1] - 14/04/2010 - 10:42:34 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [86056]

O58 - SDL:[MD5.D282C14A69357D0E1BAFAECC2CA98C3A] - 14/04/2010 - 10:42:34 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [108072]

O58 - SDL:[MD5.AAFD7CB76BA61FBB08E302DA208C974A] - 14/04/2010 - 10:42:34 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys [29472]

O58 - SDL:[MD5.02EB4D2B05967DF2D32F29C84AB1FB17] - 14/04/2010 - 10:42:32 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [18344]

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]

O58 - SDL:[MD5.B025339FBC76547DB7D9633D83D0706D] - 14/04/2010 - 2:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [9072]

O58 - SDL:[MD5.2EDE09C61866FAC671953576FE4CA3BC] - 14/04/2010 - 2:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [9200]

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 2:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]

O58 - SDL:[MD5.5CBF20674BE8364FEBB6A13451A42F0A] - 13/04/2010 - 11:44:24 ---A- . (.Infowatch - Cryptographic Algorithm Lib Driver..) -- C:\Windows\system32\drivers\CSCrySec.sys [88632]

O58 - SDL:[MD5.2C3F213EDDD231099FB779A45D7680E0] - 13/04/2010 - 11:44:24 ---A- . (.Infowatch - Virtual Volume Container Driver (wxp).) -- C:\Windows\system32\drivers\CSVirtualDiskDrv.sys [39352]

O58 - SDL:[MD5.0F538DF1673E5216F3BAACB6911D9D0F] - 16/10/2009 - 16:48:20 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver.) -- C:\Windows\system32\drivers\CtAudDrv.sys [134144]

O58 - SDL:[MD5.9A6CA307151505730DBFC91D97F01C7E] - 16/10/2009 - 19:05:16 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver.) -- C:\Windows\system32\drivers\CtClsFlt.sys [143968]

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 10/06/2009 - 2:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 10/06/2009 - 2:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 13/07/2009 - 2:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]

O58 - SDL:[MD5.0BAA4115DFFFD6A6D809A89D65E1281A] - 14/04/2010 - 10:09:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [331288]

O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 10/06/2009 - 2:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332352]

O58 - SDL:[MD5.F301F532086D05B5396C248B0A108911] - 14/04/2010 - 10:09:26 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [5915648]

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 13/07/2009 - 2:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 13/07/2009 - 2:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 13/07/2009 - 2:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 13/07/2009 - 2:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 13/07/2009 - 2:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]

O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 3/11/2011 - 17:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22216]

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 10/06/2009 - 2:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 13/07/2009 - 2:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]

O58 - SDL:[MD5.4D81C0E4ED846E9A70B881891A5598AB] - 14/04/2010 - 19:07:00 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\system32\drivers\mfeapfk.sys [75704]

O58 - SDL:[MD5.FF75F47EC2A9EA3E780A9D08DABA1276] - 14/04/2010 - 19:07:00 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [91672]

O58 - SDL:[MD5.5A3B000FDCCF826FFB74E76B0474C856] - 14/04/2010 - 19:07:00 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\Windows\system32\drivers\mfebopk.sys [43288]

O58 - SDL:[MD5.8E6B4E55D3A33B92693F7081EC018C39] - 14/04/2010 - 19:07:00 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [343664]

O58 - SDL:[MD5.FA097D72A439C3A387FE38A654DF44C5] - 14/04/2010 - 19:07:00 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdet.sys [65448]

O58 - SDL:[MD5.A45D0C099A478DE5CBD0D6E8466BECD5] - 14/04/2010 - 19:07:00 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\system32\drivers\mfetdik.sys [63728]

O58 - SDL:[MD5.A25B4CEC85388F2E88567B4D629AA6E4] - 28/06/2010 - 0:39:52 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Panasonic DVC SERIAL Port Driver.) -- C:\Windows\system32\drivers\mtdv2ks2.sys [11648]

O58 - SDL:[MD5.CD3C06F56104BAC9268587BF1C25A84C] - 28/06/2010 - 9:07:38 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Panasonic DVC SERIAL-USB Driver.) -- C:\Windows\system32\drivers\mtdv2ku2.sys [12288]

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 13/07/2009 - 2:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]

O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 13/07/2009 - 2:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117312]

O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 10/06/2009 - 2:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [142416]

O58 - SDL:[MD5.EC528056B89D15755ABB624E55949E44] - 7/06/2007 - 16:00:02 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver.) -- C:\Windows\system32\drivers\OA013Afx.sys [148056]

O58 - SDL:[MD5.2CF21D5F8F1B74BB1922135AC2B12DDB] - 6/03/2009 - 6:30:08 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver.) -- C:\Windows\system32\drivers\OA013Ufd.sys [133632]

O58 - SDL:[MD5.0E1B4F70A1E7D49235A04860E77E9BFA] - 9/03/2009 - 16:00:00 ---A- . (.Creative Technology Ltd. - Video Capture Device Driver.) -- C:\Windows\system32\drivers\OA013Vid.sys [271712]

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 10/06/2009 - 2:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 13/07/2009 - 2:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]

O58 - SDL:[MD5.D97D8259293B7A82CB891F37F997DF3F] - 16/10/2009 - 1:28:06 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [62976]

O58 - SDL:[MD5.ADD91189BF904E66EFBBF348BC703EDD] - 14/04/2010 - 15:14:14 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [165888]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 10/06/2009 - 2:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 13/07/2009 - 2:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/04/2010 - 0:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [722416]

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 2:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]

O58 - SDL:[MD5.02B3EF45094F090E397EEA46CBED7B9E] - 14/04/2010 - 1:03:00 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt.sys [423424]

O58 - SDL:[MD5.292307A8E0DDCE66E8D5DFA2635F72A5] - 14/04/2010 - 18:26:10 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [212912]

O58 - SDL:[MD5.12525F65E8C561B66E0BCE2DE2018C0C] - 4/05/2010 - 19:06:28 ---A- . (.Sun Microsystems, Inc. - VirtualBox Support Driver.) -- C:\Windows\system32\drivers\VBoxDrv.sys [123856]

O58 - SDL:[MD5.B9D3C274E937A15FD2CEF8AA1E4C3477] - 4/05/2010 - 19:06:30 ---A- . (.Sun Microsystems, Inc. - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\system32\drivers\VBoxNetAdp.sys [99728]

O58 - SDL:[MD5.98512471208A41F275073F6B56567D71] - 4/05/2010 - 18:13:54 ---A- . (.Sun Microsystems, Inc. - VirtualBox USB driver.) -- C:\Windows\system32\drivers\VBoxUSB.sys [31824]

O58 - SDL:[MD5.4AC4D33350CDD927CD575934CF983E68] - 4/05/2010 - 19:06:26 ---A- . (.Sun Microsystems, Inc. - VirtualBox USB Monitor Driver.) -- C:\Windows\system32\drivers\VBoxUSBMon.sys [41680]

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 2:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 10/06/2009 - 2:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]

O58 - SDL:[MD5.EBA227CC7C078005ED6076960587477D] - 16/10/2009 - 14:20:06 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk60x86.sys [311808]

O58 - SDL:[MD5.30B73EB97218A16CBC6DE535782A1B35] - 28/09/2009 - 9:22:00 ---A- . (...) -- C:\Windows\system32\drivers\yk62x86.sys [315392]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 07s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adp94xx.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpahci.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpu320.sys - No object(No service) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - LEGACY_ADPU320

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\djsvs.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\amdsata.sys - No object(No service) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\amdsbs.sys - No object(No service) .(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) - LEGACY_AMDSBS

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arc.sys - No object(No service) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arcsas.sys - No object(No service) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS

O64 - Services: CurCS - 17/07/2009 - C:\Windows\system32\drivers\BCM42RLY.sys - No object(No service) .(.Broadcom Corporation - Broadcom iLine10 PCI Network Adapter Pr.) - LEGACY_BCM42RLY

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\elxstor.sys - No object(No service) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\HpSAMD.sys - No object(No service) .(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) - LEGACY_HPSAMD

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\iaStorV.sys - No object(No service) .(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) - LEGACY_IASTORV

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\iirsp.sys - No object(No service) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_fc.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas2.sys - No object(No service) .(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) - LEGACY_LSI_SAS2

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_scsi.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI

O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\drivers\mbamswissarmy.sys (.not file.) - MBAMSwissArmy (MBAMSwissArmy) .(...) - LEGACY_MBAMSWISSARMY

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\megasas.sys - No object(No service) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\MegaSR.sys - No object(No service) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR

O64 - Services: CurCS - 22/10/2009 - C:\Windows\system32\drivers\mfeapfk.sys - No object(No service) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK

O64 - Services: CurCS - 22/10/2009 - C:\Windows\system32\drivers\mfeavfk.sys - No object(No service) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK

O64 - Services: CurCS - 22/10/2009 - C:\Windows\system32\drivers\mfebopk.sys - No object(No service) .(.McAfee, Inc. - Buffer Overflow Protection Driver.) - LEGACY_MFEBOPK

O64 - Services: CurCS - 22/10/2009 - C:\Windows\system32\drivers\mfehidk.sys - No object(No service) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK

O64 - Services: CurCS - 22/10/2009 - C:\Windows\system32\drivers\mferkdet.sys - No object(No service) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET

O64 - Services: CurCS - 22/10/2009 - C:\Windows\system32\drivers\mfetdik.sys - No object(No service) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFETDIK

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\nfrd960.sys - No object(No service) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\nvraid.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) - LEGACY_NVRAID

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\nvstor.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql2300.sys - No object(No service) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql40xx.sys - No object(No service) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\SiSRaid2.sys - No object(No service) .(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\sisraid4.sys - No object(No service) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4

O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - No object (No service) .(...) - LEGACY_SPTD

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\stexstor.sys - No object(No service) .(.Promise Technology - Promise SuperTrak EX Series Driver for Win.) - LEGACY_STEXSTOR

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\viaide.sys - No object(No service) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\vsmraid.sys - No object(No service) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID

~ Scan Services in 00mn 02s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Search the web (Babylon)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {269707AD-57DA-4EE2-8D29-D0481C6EA9C5} [DefaultScope] - (Live Search) - Bing

~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.42BADC1D2F03A8B1E4875740D3D49336] [sPRF][29/06/2011] (.Igor Pavlov - 7-Zip Standalone Console.) -- C:\Users\nico\AppData\Local\Temp\7za.exe [587776]

[MD5.CEEF44A0802E37B936FDD1B478C9C903] [sPRF][14/07/2009] (...) -- C:\Users\nico\AppData\Local\Temp\Dell_HCW17_Installer.exe [1785991]

[MD5.9495FF73014B8A17BD4798911AD097FA] [sPRF][20/09/2011] (...) -- C:\Users\nico\AppData\Local\Temp\Extract.bat [87]

[MD5.0D8D8BBEB2702A9CB0556DB85FE76CAD] [sPRF][13/04/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Users\nico\AppData\Local\Temp\FlashPlayerUpdate.exe [1924264]

[MD5.58CF006F4509D6C29F20138CBE9E7AD5] [sPRF][2/11/2011] (...) -- C:\Users\nico\AppData\Local\Temp\GinoPlayer_Setup.exe [934076]

[MD5.8525CB5D57FBB87967169BC0735BDE57] [sPRF][2/11/2011] (.Complitly - Complitly Setup.) -- C:\Users\nico\AppData\Local\Temp\Kreapixel_addonAcPro.exe [579904]

[MD5.5A432A042DAE460ABE7199B758E8606C] [sPRF][27/10/2006] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\nico\AppData\Local\Temp\ose00000.exe [145184]

[MD5.42025582C6E3CCC5B8D8E59FECDC5CB8] [sPRF][10/10/2011] (.Macromedia, Inc. - Macromedia Flash Player 8.0 r22.) -- C:\Users\nico\AppData\Local\Temp\push.exe [2563171]

[MD5.D2F43767F65948B68247D31E523298D9] [sPRF][26/10/2011] (...) -- C:\Users\nico\AppData\Local\Temp\Setup.exe [744461]

[MD5.B53840DCAC0FDD4DBD7448E7445B704B] [sPRF][6/10/2011] (...) -- C:\Users\nico\AppData\Local\Temp\tool.exe [3620469]

[MD5.2DA4A3EBD6AC48168A37D0BE8A790D0F] [sPRF][10/05/2010] (.MAGIX AG - unwise_adf.) -- C:\Users\nico\AppData\Local\Temp\unwise.exe [201944]

[MD5.973062C14613925C4E5671ECFAB845DE] [sPRF][25/10/2011] (...) -- C:\Users\nico\AppData\Local\Temp\zap.exe [1631566]

[MD5.DDD485EF42ED440678F70BA9DB49B809] [sPRF][27/04/2010] (.Dell, Inc. - Setup Launcher Unicode.) -- C:\Users\nico\AppData\Roaming\DataSafeDotNet.exe [917504]

[MD5.8CE7705CB43B03BB7970B04087C7758F] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616]

[MD5.01E2ECA759056F23C73A035FDABB2D6D] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648]

[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [sPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272]

~ Scan Files in 00mn 06s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{694C39F8-CC91-4703-8471-FCFE96F80D3B}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

O87 - FAEL: "{6E06749B-9DC5-4BE6-BC69-4C93BD969331}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD DX.) -- C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe

O87 - FAEL: "{09FAF6F8-0E5B-4158-A17D-9CCC7C4EAE09}" | In - Public - P17 - TRUE | .(.Dell Inc. and SightSpeed Inc. - Dell Video Chat by SightSpeed.) -- C:\Program Files\Dell Video Chat\DellVideoChat.exe

O87 - FAEL: "{80F5FC4D-F18C-4297-AD58-CDAE37EDA5A4}" | In - Public - P6 - TRUE | .(.Dell Inc. and SightSpeed Inc. - Dell Video Chat by SightSpeed.) -- C:\Program Files\Dell Video Chat\DellVideoChat.exe

O87 - FAEL: "{9D04BDB3-F38C-45B8-9D0E-F4C0FE3D7A6E}" | In - Private - P6 - TRUE | .(.McAfee, Inc. - Framework Service.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O87 - FAEL: "{A7FC73AA-ADAD-493A-BFE7-72EA8121F173}" | In - Private - P17 - TRUE | .(.McAfee, Inc. - Framework Service.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O87 - FAEL: "TCP Query User{B6FEB127-4C21-48F0-9D9F-D57DC5BA7F03}C:\program files\sun\virtualbox\virtualbox.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\sun\virtualbox\virtualbox.exe (.not file.)

O87 - FAEL: "UDP Query User{F235890A-208B-4CB0-A014-FF4B0E0F4FE2}C:\program files\sun\virtualbox\virtualbox.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\sun\virtualbox\virtualbox.exe (.not file.)

O87 - FAEL: "{A704C8C1-AB6C-4312-9E74-AF09AE721862}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR.exe

O87 - FAEL: "{69373DD4-0E9C-4D23-BB2F-17C55F04CB19}" | In - Private - P6 - TRUE | .(.Vity - File Downloader.) -- C:\Program Files\CrazyLoader\crazyloader.exe

O87 - FAEL: "{BF2E6748-2AFC-44C7-9AB2-1489904568AE}" | In - Private - P17 - TRUE | .(.Vity - File Downloader.) -- C:\Program Files\CrazyLoader\crazyloader.exe

O87 - FAEL: "{F4D0969E-59A9-49E6-AFF4-403285C6C2B1}" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O87 - FAEL: "{7C807411-5A25-44BE-95BD-0C40BD457870}" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O87 - FAEL: "{F6DA125F-722D-455E-8610-4E1EF9FDC948}" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Program Files\Java\jre6\bin\javaws.exe

O87 - FAEL: "{4D839B4C-42E8-4469-B469-55ADEACE0D91}" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Program Files\Java\jre6\bin\javaws.exe

O87 - FAEL: "TCP Query User{32398BDF-B43F-47C1-8551-5801E5F78F66}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\java\jre6\launch4j-tmp\crazyloader.exe (.not file.)

O87 - FAEL: "UDP Query User{708B8EA3-69C8-4849-8BFA-F922F3797A82}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\java\jre6\launch4j-tmp\crazyloader.exe (.not file.)

O87 - FAEL: "TCP Query User{EBC1D34C-4437-4B9C-9B3E-B6A679D44C4E}C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed.exe" | In - Private - P6 - TRUE | .(.JDesktop Integration Components (JDIC) Proj.) -- C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed

O87 - FAEL: "UDP Query User{94527FD9-01D6-4AF7-8806-17D5CF5D401B}C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed.exe" | In - Private - P17 - TRUE | .(.JDesktop Integration Components (JDIC) Proj.) -- C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembe

O87 - FAEL: "TCP Query User{CEBCE374-E861-47D0-8157-CED37902C534}C:\program files\pioneer\rekordbox 1.3.1\psvnfsd.exe" | In - Public - P6 - TRUE | .(.Pioneer Corporation..) -- C:\program files\pioneer\rekordbox 1.3.1\psvnfsd.exe

O87 - FAEL: "UDP Query User{D799E08A-FA82-4DA1-BCBA-A2530C98B408}C:\program files\pioneer\rekordbox 1.3.1\psvnfsd.exe" | In - Public - P17 - TRUE | .(.Pioneer Corporation..) -- C:\program files\pioneer\rekordbox 1.3.1\psvnfsd.exe

O87 - FAEL: "TCP Query User{28BDC5CA-91A3-4E93-A715-9989C510F1D8}C:\program files\pioneer\rekordbox 1.3.1\psvlinksysmgr.exe" | In - Public - P6 - TRUE | .(.Pioneer Corporation..) -- C:\program files\pioneer\rekordbox 1.3.1\psvlinksysmgr.exe

O87 - FAEL: "UDP Query User{93BEC970-7E71-41E1-99A1-5BD43C1A6278}C:\program files\pioneer\rekordbox 1.3.1\psvlinksysmgr.exe" | In - Public - P17 - TRUE | .(.Pioneer Corporation..) -- C:\program files\pioneer\rekordbox 1.3.1\psvlinksysmgr.exe

O87 - FAEL: "TCP Query User{4CE812D4-C295-4872-B1D7-4CB90D8C1A01}C:\program files\pioneer\rekordbox 1.3.1\rekordbox.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files\pioneer\rekordbox 1.3.1\rekordbox.exe

O87 - FAEL: "UDP Query User{2006FA50-2C7B-4160-B6F2-301A5C21FD03}C:\program files\pioneer\rekordbox 1.3.1\rekordbox.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files\pioneer\rekordbox 1.3.1\rekordbox.exe

~ Scan Firewall in 00mn 05s

---\\ Scan Additionnel (O88)

Database Version : 8789 - (28/10/2011)

Clés trouvées (Keys found) : 99

Valeurs trouvées (Values found) : 2

Dossiers trouvés (Folders found) : 14

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive] =>PUP.OfferBox

[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent

[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent

[HKLM\Software\Classes\Crazyloader.Spointer] =>Adware.SPointer

[HKLM\Software\Classes\Crazyloader.Spointer.1] =>Adware.SPointer

[HKLM\Software\Classes\Crazyloader.SpointerCtrl] =>Adware.SPointer

[HKLM\Software\Classes\Crazyloader.SpointerCtrl.1] =>Adware.SPointer

[HKLM\Software\Classes\suggestmeyes.suggestmeyesbho] =>Adware.PredictAd

[HKLM\Software\Classes\suggestmeyes.suggestmeyesbho.1] =>Adware.PredictAd

[HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent

[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent

[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent

[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent

[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent

[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent

[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent

[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent

[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook] =>Adware.Agent

[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent

[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz

[HKLM\Software\Classes\TypeLib\{01bcb858-2f62-4f06-a8f4-48f927c15333}] =>Adware.PredictAd

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Adware.Agent

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent

[HKLM\Software\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent

[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{442f13bc-2031-42d5-9520-437f65271153}] =>Adware.PredictAd

[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit

[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}] =>PUP.OfferBox

[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz

[HKLM\Software\Classes\TypeLib\{63AF3145-D2DC-4F1D-BB3A-3AAD9FEC3430}] =>PUP.OfferBox

[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}] =>PUP.OfferBox

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}] =>PUP.OfferBox

[HKLM\Software\Classes\CLSID\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}] =>PUP.OfferBox

[HKLM\Software\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}] =>PUP.OfferBox

[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{86460CE5-46A0-4543-B8FE-2D2AE182A2FE}] =>PUP.OfferBox

[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{a1f1ecd3-4806-44c6-a869-f0dadf11c57c}] =>Adware.SmartShopper

[HKLM\Software\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz

[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch

[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}] =>Adware.SocialSkinz

[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer

[HKLM\Software\Classes\CLSID\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer

[HKLM\Software\Classes\Interface\{c9ae652b-8c99-4ac2-b556-8b501182874e}] =>Adware.PredictAd

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar

[HKLM\Software\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}] =>PUP.OfferBox

[HKLM\Software\Classes\TypeLib\{D530F69A-EB2D-4EC6-BD37-E123AEFCA011}] =>PUP.OfferBox

[HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}] =>PUP.OfferBox

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5}] =>PUP.OfferBox

[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar

[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}] =>PUP.OfferBox

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz

[HKLM\Software\CrazyLoader] =>Adware.SPointer

[HKCU\Software\Spointer] =>Adware.SPointer

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CrazyLoader] =>Adware.SPointer

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar

[HKLM\Software\Mozilla\Firefox\Extensions]:[email protected] =>Adware.SPointer

C:\Program Files\Crazyloader =>Adware.SPointer

C:\ProgramData\Babylon =>Toolbar.Babylon

C:\Users\nico\AppData\Roaming\Babylon =>Toolbar.Babylon

C:\Users\nico\AppData\Roaming\Crazyloader =>Adware.SPointer

C:\Users\nico\AppData\Local\Babylon =>Toolbar.Babylon

C:\Users\nico\AppData\Local\Crazyloader Air =>Adware.SPointer

C:\Users\nico\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon

C:\Users\nico\AppData\LocalLow\ShoppingReport2 =>Adware.ShoppingReport2

C:\Users\nico\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit

C:\Users\nico\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis

C:\Users\nico\AppData\Local\Temp\log =>Worm.Silly

C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\8mo8wdwr.default\Extensions\[email protected] =>Toolbar.Babylon

~ Scan Additionnel in 00mn 30s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 14/04/2010 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\aestsrv.exe

SR - | Auto 14/04/2010 582944 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

SR - | Auto 16/10/2009 155648 | (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe

SS - | Demand 0 | (FirebirdServerMAGIXInstance) . (...) - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

SS - | Demand 16/10/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

SR - | Auto 16/10/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

SR - | Auto 3/11/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Auto 14/04/2010 21256 | (McAfeeEngineService) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

SS - | Auto 14/04/2010 103744 | (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

SS - | Auto 14/04/2010 146448 | (McShield) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

SS - | Auto 14/04/2010 66896 | (McTaskManager) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

SS - | Auto 14/04/2010 70728 | C:\Windows\system32\mfevtps.exe (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe

SR - | Auto 241734 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

SR - | Auto 16/10/2009 201968 | (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

SR - | Auto 14/04/2010 229458 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_028821c569ae5894\STacSV.exe

SS - | Demand 16/10/2009 74384 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

SR - | Auto 26112 | (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 00mn 32s

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 00mn 34s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by nico at 28/11/2011 9:16:21

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 36s

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/04/2010 - 0:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [722416]

~ Scan Emulateurs in 00mn 36s

 

 

 

End of the scan (1502 lines in 06mn 33s)(0)

 

fixit texte.txt:

 

M3 - MFPP: Plugins - [nico] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml

M0 - MFSP: prefs.js [nico - 8mo8wdwr.default] Babylon Search

M2 - MFEP: prefs.js [nico - 8mo8wdwr.default\[email protected]] [] Babylon v1.1.8 (.Babylon.)

O2 - BHO: Interest recogniser for Crazyloader (powered by Spointer) - {C5F65718-341D-4e7d-9842-FCB9CC89527E} . (.Crazyloader - Interest Recognizer for Crazyloader.) -- C:\Program Files\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll

O2 - BHO: TBSB00808 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\WebplayerTool\tbunsg8F46.tmp\tbcore3.dll

[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\ClickPotatoLite\bin\11.0.19.0\ClickPotatoLiteSA.exe (.not file.)

O42 - Logiciel: CrazyLoader - (.Pas de propriétaire.) [HKLM] -- CrazyLoader

[HKCU\Software\AppDataLow\Software\ShoppingReport2]

[HKCU\Software\C:]

[HKCU\Software\Spointer]

[HKLM\Software\Babylon]

O43 - CFD: 22/08/2010 - 22:07:26 - [32700577] ----D- C:\Program Files\CrazyLoader

O43 - CFD: 2/11/2011 - 22:30:58 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 2/11/2011 - 22:30:58 - [2641] ----D- C:\Users\nico\AppData\Roaming\Babylon

O43 - CFD: 22/08/2010 - 22:06:44 - [4438] ----D- C:\Users\nico\AppData\Roaming\CrazyLoader

O43 - CFD: 2/11/2011 - 22:30:58 - [3911963] ----D- C:\Users\nico\AppData\Local\Babylon

O43 - CFD: 3/11/2011 - 13:32:54 - [16633] ----D- C:\Users\nico\AppData\Local\crazyloader Air

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - Babylon Search

O87 - FAEL: "{69373DD4-0E9C-4D23-BB2F-17C55F04CB19}" | In - Private - P6 - TRUE | .(.Vity - File Downloader.) -- C:\Program Files\CrazyLoader\crazyloader.exe

O87 - FAEL: "{BF2E6748-2AFC-44C7-9AB2-1489904568AE}" | In - Private - P17 - TRUE | .(.Vity - File Downloader.) -- C:\Program Files\CrazyLoader\crazyloader.exe

C:\Program Files\Crazyloader

C:\ProgramData\Babylon

C:\Users\nico\AppData\Roaming\Babylon

C:\Users\nico\AppData\Roaming\Crazyloader

C:\Users\nico\AppData\Local\Babylon

C:\Users\nico\AppData\Local\Crazyloader Air

C:\Users\nico\AppData\LocalLow\BabylonToolbar

C:\Users\nico\AppData\LocalLow\ShoppingReport2

C:\Users\nico\AppData\LocalLow\Toolbar4

C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\8mo8wdwr.default\Extensions\[email protected]

C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\8mo8wdwr.default\user.js (.not file.)

O4 - Global Startup: C:\Users\nico\Desktop\adri et stef - Raccourci.lnk . (...) -- H:\=PHOTOS=\PHOTOS\adri et stef (.not file.)

O4 - Global Startup: C:\Users\nico\Desktop\Ecole adri et la panne juillet 2006 - Raccourci.lnk . (...) -- H:\=PHOTOS=\PHOTOS\=PHOTOS=\adri et stef\Ecole adri et la panne juillet 2006 (.not file.)

O4 - Global Startup: C:\Users\nico\Desktop\TUTO - Raccourci.lnk . (...) -- E:\TUTO (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B86C331C-3E47-43B2-9FCD-4969E257926B}] (...) -- C:\Program Files\Marvell\Miniport Driver\Uninst.exe (.not file.)

O42 - Logiciel: Complitly - (.Complitly.) [HKLM] -- {4FFBB818-B13C-11E0-931D-B2664824019B}_is1

[HKCU\Software\Complitly]

O43 - CFD: 2/11/2011 - 22:32:34 - [780465] ----D- C:\Program Files\Complitly

O43 - CFD: 3/11/2011 - 13:04:52 - [349672] ----D- C:\Users\nico\AppData\Roaming\Complitly

C:\Users\nico\AppData\Local\Temp\log

[MD5.D2F43767F65948B68247D31E523298D9] [sPRF][26/10/2011] (...) -- C:\Users\nico\AppData\Local\Temp\Setup.exe [744461]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Search the web (Babylon)) - Babylon Search

C:\Users\nico\AppData\Local\Temp\AskSearch

 

EmptyTemp

EmptyFlash

 

 

mbam-log:

 

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Version de la base de données: 8171

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

28/11/2011 10:57:33

mbam-log-2011-11-28 (10-57-33).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 168335

Temps écoulé: 10 minute(s), 2 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 2

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\$Recycle.Bin\s-1-5-21-2764559031-552997608-661821618-1000\$RJXJF7Z.exe (Adware.Dropper) -> Quarantined and deleted successfully.

c:\Users\nico\downloads\webplayer.exe (Adware.Dropper) -> Quarantined and deleted successfully.

 

checkup.txt:

 

Results of screen317's Security Check version 0.99.28

Windows 7 x86

Internet Explorer 8 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

McAfee VirusScan Enterprise

McAfee Agent

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

HijackThis 2.0.2

Duplicate Cleaner 1.2

Java 6 Update 13

Java version out of date!

Adobe Flash Player 11.0.1.152

Adobe Reader 9 Adobe Reader out of date!

Mozilla Firefox ((3.6.23)) Firefox out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Malwarebytes' Anti-Malware mbamgui.exe

McAfee VirusScan Enterprise EngineServer.exe

McAfee VirusScan Enterprise VsTskMgr.exe

McAfee VirusScan Enterprise Mcshield.exe

McAfee VirusScan Enterprise mfeann.exe

``````````End of Log````````````


Small problem posting the reports: they don't display :-?

I no longer remember how to upload these reports.

Could you remind me?

Thanks

nicox24


Hello, lance_yien :grin6:

At first glance, the site cijuint.fr is closed.

I have put my reports on another server; I hope that will do :grin6:

Here are the links to the reports:

File name: checkup.txt File size: 1.16 KB

File name: fixit texte.txt File size: 12.8 KB

File name: mbam-log-2011-11-28 (10-57-33).txt File size: 1.2 KB

File name: ZHPDiag2.Txt File size: 137.81 KB

I hope you will be able to help me. Thanks in advance. :hello:

nicox24

Edited by nicox24

Hello nicox24,

1- Who told you about the site cijuint.fr? In my message it was written in bold and in red that the reports must be pasted directly.

Only certain reports need to be hosted because they are too large for the forum's limits, and in that case you are told so clearly.

2- The site where you placed your files requires registration to access the files.

In any case, given the age of the reports, they can no longer be of use to us.

--

So I suggest you do the following (in order):

>>> Use Malwarebytes' Anti-Malware and SecurityCheck: Relaunch Malwarebytes' Anti-Malware, run the updates from the tab of the same name ("Mises à jour") and use it as indicated in the previous message.

Relaunch SecurityCheck and use it as indicated in the previous message.

Copy/paste the reports into your next reply.

>>> ZHPDiag / Scan: Close all open applications and windows and launch ZHPDiag via the "ZHPDiag" icon or "Démarrer" (Start) => "Tous les programmes" (All Programs) => "ZHP" => "ZHPDiag". Click on "Lancer le diagnostic" (magnifying glass) and wait until it finishes (if it hangs on O80, click on the screwdriver to untick it).

A "ZHPDiag.txt" report will be generated and saved automatically on the Desktop.

Do NOT post it directly here, as it is often too long for the forum's limits; instead,

Go to cjoint.com and click on "Parcourir" (Browse).

Find the file and click on it, then click on "Créer le lien CJoint" (Create the CJoint link).

On the next page, an address (http//...) will be created. Copy/paste it into your next reply.


Hello lance_yien

Here is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Version de la base de données: 8279

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

30/11/2011 18:01:50

mbam-log-2011-11-30 (18-01-50).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 170036

Temps écoulé: 11 minute(s), 59 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Here is the ZHPDiag report:

Report


I am waiting for the "SecurityCheck" report.

--

...

>>> How to reply:

...

- Paste the contents of the reports WITHOUT adding ANY text formatting (quote, code, colour, etc.), the aim being to make them easier for us to interpret.

For my part, I use certain text formatting and/or certain colours NOT to make things look pretty but only to draw attention to certain points, in order to avoid any mishandling that could cause problems...


Here is the "SecurityCheck" report (WITHOUT adding ANY text formatting):

Results of screen317's Security Check version 0.99.28

Windows 7 x86

Internet Explorer 8 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

McAfee VirusScan Enterprise

McAfee Agent

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

HijackThis 2.0.2

Duplicate Cleaner 1.2

Java 6 Update 13

Java version out of date!

Adobe Flash Player 11.0.1.152

Adobe Reader 9 Adobe Reader out of date!

Mozilla Firefox ((3.6.23)) Firefox out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Malwarebytes' Anti-Malware mbamgui.exe

McAfee VirusScan Enterprise EngineServer.exe

McAfee VirusScan Enterprise VsTskMgr.exe

McAfee VirusScan Enterprise Mcshield.exe

McAfee VirusScan Enterprise mfeann.exe

``````````End of Log````````````


Here is the "SecurityCheck" report (WITHOUT adding ANY text formatting):

It doesn't matter, we won't press the point. Let's be quick and get this finished.

--

>>> Use ZHPFix: Select and copy the following text:

 

M0 - MFSP: prefs.js [nico - 8mo8wdwr.default] Babylon Search

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = Wehplayersearch

O2 - BHO: TBSB07359 - {42CB2906-3B4F-4A62-B2E0-132481175962} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\zap\tbunsqA268.tmp\tbcore3.dll

O3 - Toolbar: WebplayerTool - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} . (...) -- C:\Program Files\WebplayerTool\tbunsg8F46.tmp\tbcore3.dll

O3 - Toolbar: zap - {A29B2641-9931-448A-8DE7-B2D63BDC1812} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\zap\tbunsqA268.tmp\tbcore3.dll

O42 - Logiciel: WebplayerTool - (.kreapixel.) [HKLM] -- WebplayerTool

O42 - Logiciel: zap - (.zap.) [HKLM] -- zap

O43 - CFD: 2/11/2011 - 22:29:22 - [4562073] ----D- C:\Program Files\WebplayerTool

O43 - CFD: 2/11/2011 - 22:29:26 - [3789264] ----D- C:\Program Files\zap

[HKCU\Software\JavaSoft\Prefs\crazyloader]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42CB2906-3B4F-4A62-B2E0-132481175962}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42CB2906-3B4F-4A62-B2E0-132481175962}]

[HKLM\Software\Classes\CLSID\{42CB2906-3B4F-4A62-B2E0-132481175962}]

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42CB2906-3B4F-4A62-B2E0-132481175962}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A29B2641-9931-448A-8DE7-B2D63BDC1812}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A29B2641-9931-448A-8DE7-B2D63BDC1812}]

[HKLM\Software\Classes\CLSID\{A29B2641-9931-448A-8DE7-B2D63BDC1812}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]

[HKLM\Software\Classes\CLSID\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WebplayerTool]

C:\Program Files\WebplayerTool

C:\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\8mo8wdwr.default\user.js (.not file.)

O87 - FAEL: "TCP Query User{EBC1D34C-4437-4B9C-9B3E-B6A679D44C4E}C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)

O87 - FAEL: "UDP Query User{94527FD9-01D6-4AF7-8806-17D5CF5D401B}C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\nico\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)

C:\Users\nico\AppData\Local\Temp\log

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

[HKLM\Software\Classes\TBSB00808.IEToolbar]

[HKLM\Software\Classes\TBSB00808.IEToolbar.1]

[HKLM\Software\Classes\TBSB00808.TBSB00808]

[HKLM\Software\Classes\TBSB00808.TBSB00808.3]

[HKLM\Software\Classes\TBSB07359.IEToolbar]

[HKLM\Software\Classes\TBSB07359.IEToolbar.1]

[HKLM\Software\Classes\TBSB07359.TBSB07359]

[HKLM\Software\Classes\TBSB07359.TBSB07359.3]

[HKLM\Software\Classes\Toolbar3.SearchProviderManager]

[HKLM\Software\Classes\Toolbar3.SearchProviderManager.1]

[HKLM\Software\Classes\Toolbar3.TBSB00808]

[HKLM\Software\Classes\Toolbar3.TBSB00808.1]

[HKLM\Software\Classes\Toolbar3.TBSB07359]

[HKLM\Software\Classes\Toolbar3.TBSB07359.1]

[HKCU\Software\{6CE7C514-0D4F-4701-B70E-7A8DE3429FE3}]

[HKCU\Software\{C5C31551-23FC-4895-B1C7-E209163DECA5}]

[HKLM\Software\BrowserChoice]

OPT:O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

 

EmptyTemp

EmptyFlash

Launch ZHPFix (shortcut on the Desktop, or "Démarrer" (Start) => "Tous les programmes" (All Programs) => "ZHP" => "ZHPFix") and click on the [H] button.

Check that all the copied lines (and nothing else) appear in the window (laid out in exactly the same way), click on the [OK] button and then on the [Tous] (All) button.

Close all running applications and other windows (including Internet) and disable the protection programs (antivirus, firewall and antispyware).

Finally, click on the [Nettoyer] (Clean) button and let it run.

Restart the PC to finish the cleaning if asked, and copy/paste the contents of the "ZHPFixReport.txt" report that opens into your next reply. This report is also saved here: C:\Program files\ZHPDiag\ZHPFixReport.txt.

 

 

>>> Updates: Any old version of any program may contain vulnerabilities that can be exploited to infect a PC.

The versions of the following programs are not up to date. Follow the instructions for each one to correct the problem.

  • Java: You MUST use Internet Explorer to download (to the Desktop) the latest version that matches your operating system (32 or 64 bits): Java downloads for all operating systems.

    Before installing, it is important to start by removing ALL the old versions from your machine because they can contain security vulnerabilities:
    Click on "Démarrer" (Start) => "Panneau de configuration" (Control Panel) => "Ajout/ Suppression de Programmes" (Add/Remove Programs).
    In the list, look for the lines concerning Java (J2SE Runtime Environment.... ), recognisable by their icon.
    Select one line at a time and click on "Modifier/ Supprimer" (Change/Remove).
    When there are none left, close everything and install the new version by clicking on the file you downloaded.

  • Firefox: Launch FF and click on the ? then on "Rechercher des mises à jour..." (Check for updates...). Follow the instructions. Or download it from here.
  • Adobe Acrobat Reader: Uninstall it and download the latest version here (untick the "Inclure dans votre téléchargement" box).

>>> Do you have any other problems?
