Bibou Le Forum
Portail sur la sécurité
 
PortailAccueilRechercherS'enregistrerMembresGroupesConnexion

Partagez | 
 

 [fermé]Infection avec searchqu.com/406

Voir le sujet précédent Voir le sujet suivant Aller en bas 
AuteurMessage
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 5:22

Bonjour !

Hé oui, moi aussi j'ai succombé!
En voulant télécharger un film, aïe, suis tombée sur ce virus qui a d'abord bloqué Avaast. J'ai fait un point de restauration sur mon ordi mais rien à faire. Je suis sous Vista. Quelqu'un peut-il m'aider? Youhou ? Merciiiiiiiiiiiiiiiiiiiiii!!!!
santa
Revenir en haut Aller en bas
Laddy
Admin
Admin
avatar

Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 7:53

Bonjour

un helper te prendre en charge dès que tu pourras fournir ces différerents rapports :

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau. Lance le, clique sur [Recherche] puis patiente le temps du scan. Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse. Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt

ZHPDiag :



Clique ici pour Télécharger ZHPDiag ( de Nicolas coolman )


Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut (Coche " Créer une icône sur le bureau " )

  • Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Exécuter en tant qu'administrateur ( Vista/seven )

  • Clique sur la loupe en haut à gauche, puis laisse l'outil scanner

  • Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau

Arrow Poste le contenu du rapport


Si les rapports sont trop longs utilisez ce site : http://www.cijoint.fr/
Cliquez sur Parcourir pour rechercher les rapports puis cliquez sur Cliquez ici pour déposer le fichier
Donnez le lien dans le sujet.
Il est de type : http://www.cijoint.fr/cjlink.php?file=cj201003/abcZ8MD0zB.txt

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:08

Ok merci !!!
Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:09

Voici le scan de AdwClean

# AdwCleaner v1.400 - Rapport créé le 06/12/2011 à 10:08:57
# Mis à jour le 04/12/11 à 22h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Nom d'utilisateur : carole - PC-DE-CAROLE (Administrateur)
# Exécuté depuis : C:\Users\carole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IPH74O0\28-adwcleaner[1].exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\ProgramData\~0
Dossier Présent : C:\ProgramData\Babylon
Dossier Présent : C:\Users\carole\AppData\Roaming\Babylon
Dossier Présent : C:\Users\carole\AppData\Local\Babylon

***** [Registre] *****

Clé Présente : HKCU\Software\DataMngr
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v0.0.0.0

Fichier : C:\Users\carole\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente : "homepage": "hxxp://www.searchqu.com/406",

*************************

AdwCleaner[R1].txt - [1741 octets] - [06/12/2011 09:41:28]
AdwCleaner[R2].txt - [1672 octets] - [06/12/2011 10:08:57]

########## EOF - C:\AdwCleaner[R2].txt - [1800 octets] ##########
Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:25

Je n'arrive pas à ouvrir Cijoint.fr
alors j'essaie de saucissonner le diag de ZHP:

Rapport de ZHPDiag v1.28.2510 par Nicolas Coolman, Update du 03/12/2011
Run by carole at 06/12/2011 09:55:55
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v15.0.874.121 (Defaut)
OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.5

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : G6MF9
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3038 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 68 GB (30%) free of 223 GB

---\\ Logged in mode
~ Computer Name: PC-DE-CAROLE
~ User Name: carole
~ All Users Names: Invité_, carole, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\carole\AppData\Roaming\
~ %Desktop% : C:\Users\carole\Desktop\
~ %Favorites% : C:\Users\carole\Favorites\
~ %LocalAppData% : C:\Users\carole\AppData\Local\
~ %StartMenu% : C:\Users\carole\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 68 Go of 223 Go)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.21/05/2009 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/05/2009 - 12:34:57.) -- C:\Windows\system32\wininet.dll [914944]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:24:49.) -- C:\Windows\system32\Winlogon.exe [314880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.21/01/2008 - 09:33:40.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.763E172A55177E478CB419F88FD0BA03] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/01/2008 - 03:24:17.) -- C:\Windows\system32\drivers\AFD.sys [273920]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/01/2008 - 03:23:02.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.9E635AE5E8AD93E2B5989E2E23679F97] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/01/2008 - 03:23:22.) -- C:\Windows\system32\drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.C4AD205530888404E2B5FC8D9319B119] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/01/2008 - 03:24:11.) -- C:\Windows\system32\drivers\MRxSmb.sys [105472]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.21/01/2008 - 03:24:59.) -- C:\Windows\system32\drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.21/01/2008 - 03:25:00.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.21/01/2008 - 03:24:53.) -- C:\Windows\system32\drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/01/2008 - 03:23:21.) -- C:\Windows\system32\drivers\volsnap.sys [227896]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 12/4337
~ Mes musiques (My Musics) : 753/2931
~ Mes Videos (My Videos) : 2/874
~ Mes Favoris (My Favorites) : 3/8
~ Mes Documents (My Documents) : 19/6197
~ Mon Bureau (My Desktop) : 41/1893
~ Menu demarrer (Programs) : 7/27
~ Scan Hidden Files in 00mn 14s



---\\ Processus lancés
[MD5.4022AB54BFA98618163285DCD2A0E0DD] - (.Microsoft Corporation - Microsoft Tablet PC Input Component.) -- C:\Windows\SYSTEM32\WISPTIS.EXE [244224] [PID.]
[MD5.831F4486A43CCDA36470F58C7FBC6C7F] - (.Microsoft Corporation - Tablet PC Input Panel Accessory.) -- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [300032] [PID.]
[MD5.F9EF088D57DDFC6AE735F4D73FC902EF] - (.Wacom Technology, Corp. - Touch User Mode Driver.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe [2953584] [PID.764]
[MD5.C0BEC075ED4E6FBB78AD97A580276EA1] - (.Sony Corporation - VAIO Update.) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [870240] [PID.2996]
[MD5.2AE7DC03B58F39AA6D1E0E76E86E92D9] - (.Wacom Technology, Corp. - Tablet user module for consumer driver.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe [1153392] [PID.3888]
[MD5.D38BAD62C1BA493B4B06430AD17C8648] - (.Sony Corporation - SPMgr.exe.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [1771360] [PID.1028]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.4372]
[MD5.5CE6D96C5210D5B0145EE39C0B8E7C8A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584] [PID.4748]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.4756]
[MD5.C61DFED19704FA252702727EFCFF97C3] - (.Sony Corporation - Pas de description.) -- C:\Program Files\sony\ISB Utility\ISBMgr.exe [317280] [PID.4884]
[MD5.1B6B965E5F89CDFD2987E609F7DFAF3D] - (.Sony Corporation - Marketing Tools.) -- C:\Program Files\sony\Marketing Tools\MarketingTools.exe [24576] [PID.5268]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.5348]
[MD5.4D042B1F1375CF371AFBE0E0276BA627] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe [624248] [PID.5448]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064] [PID.5560]
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920] [PID.5584]
[MD5.BE98A7F7C1C0CA899983209830E79520] - (...) -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496] [PID.4532]
[MD5.B114DB354D13A21C1AC2B1807EE2F500] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [273544] [PID.3140]
[MD5.02A1459E1958232C19C2F6EB82B5AAA7] - (.Pas de propriétaire - BambooDock back-end application.) -- C:\Program Files\Bamboo Dock\BambooCore.exe [646232] [PID.4832]
[MD5.F4D0446BA874917354801F210E66F545] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421736] [PID.4696]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.4104]
[MD5.B19B204CABFA9F225618EDA4A90C1A2C] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) -- C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [198656] [PID.2748]
[MD5.F7226AA410954185160067D5FA82F3F2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3744552] [PID.888]
[MD5.5CF90C68A0A4F16F42F33DA729E67D85] - (.Sony Corporation - VAIO Smart Network.) -- C:\Program Files\sony\Network Utility\LANUtil.exe [270336] [PID.6000]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152] [PID.1508]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.1420]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.1660]
[MD5.6BF7676296D5359AFC135A5397000053] - (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496] [PID.2444]
[MD5.A6D772AA861E673636D48B6EB452ADE3] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [98696] [PID.6252]
[MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360] [PID.6792]
[MD5.E654B78D2F1D791B30D0ED9A8195EC22] - (.Microsoft Corporation - Windows Update Automatic Updates.) -- C:\Windows\system32\wuauclt.exe [51224] [PID.6480]
[MD5.3D5EC1DA42C0D2828758B984D14313F5] - (...) -- C:\Users\carole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IPH74O0\28-adwcleaner[1].exe [549139] [PID.6748]
[MD5.354DAC3C68AAA2BCCE94EE77F30095FC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [707072] [PID.7960]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.6672]
~ Scan Processes Running in 00mn 02s

Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:25

La suite :


---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\carole\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://dts.search-results.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.searchqu.com
G2 - GCE: Preference [User Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.4 (Activé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.647] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.647] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.652] - (.RealNetworks, Inc. - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.652] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.647] - (.RealNetworks, Inc. - 12.0.1.647.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@wacom.com/wacom-plugin,version=1.1.0.5] - (.Wacom, Inc. - Wacom Dynamic Link Library.) -- C:\Program Files\TabletPlugins\npwacom.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems Incorporated. - Contribute IE Plugin.) -- C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} . (.Adobe Systems Incorporated. - Contribute IE Plugin.) -- C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files\sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [MarketingTools] . (.Sony Corporation - Marketing Tools.) -- C:\Program Files\sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] . (.Adobe Systems Incorporated - Adobe Version Cue CS3.) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [DNS7reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] . (...) -- C:\Windows\Samsung\PanelMgr\ssmmgr.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe
O4 - HKLM\..\Run: [BambooCore] . (.Pas de propriétaire - BambooDock back-end application.) -- C:\Program Files\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKCU\..\Run: [NSUFloatingUI] . (.Sony Corporation - VAIO Smart Network.) -- C:\Program Files\sony\Network Utility\LANUtil.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
O4 - HKCU\..\Run: [ISUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-3681874406-3075305074-2765515372-1003\..\Run: [NSUFloatingUI] . (.Sony Corporation - VAIO Smart Network.) -- C:\Program Files\sony\Network Utility\LANUtil.exe
O4 - HKUS\S-1-5-21-3681874406-3075305074-2765515372-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-3681874406-3075305074-2765515372-1003\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKUS\S-1-5-21-3681874406-3075305074-2765515372-1003\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
O4 - HKUS\S-1-5-21-3681874406-3075305074-2765515372-1003\..\Run: [ISUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
O4 - HKUS\S-1-5-21-3681874406-3075305074-2765515372-1003\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\carole\Desktop\administratif - Raccourci.lnk . (...) -- C:\Users\carole\Documents\administratif
O4 - Global Startup: C:\Users\carole\Desktop\Ares.lnk . (.Ares Development Group.) -- C:\Program Files\Ares\Ares.exe
O4 - Global Startup: C:\Users\carole\Desktop\Continue SweetIM Installation.lnk . (.SweetIM Technologies, Ltd..) -- C:\Users\carole\AppData\Local\Temp\SweetIMReinstall\SweetImSetup[1].exe
O4 - Global Startup: C:\Users\carole\Desktop\Documents - Raccourci.lnk . (...) -- C:\Users\carole\Documents
O4 - Global Startup: C:\Users\carole\Desktop\Images - Raccourci.lnk . (...) -- C:\Users\carole\Documents\Pictures
O4 - Global Startup: C:\Users\carole\Desktop\Media Player Classic - Home Cinema.lnk . (.MPC-HC Team.) -- C:\Program Files\Media Player Classic - Home Cinema\mpc-hc.exe
O4 - Global Startup: C:\Users\carole\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\carole\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
O4 - Global Startup: C:\Users\carole\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: Ajouter au fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir en Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la sélection en Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF279147-D880-48B0-B7B1-C44C65ECC2E0}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF279147-D880-48B0-B7B1-C44C65ECC2E0}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF279147-D880-48B0-B7B1-C44C65ECC2E0}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF279147-D880-48B0-B7B1-C44C65ECC2E0}: DhcpDomain = lan
O17 - HKLM\System\CS3\Services\Tcpip\..\{BF279147-D880-48B0-B7B1-C44C65ECC2E0}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{BF279147-D880-48B0-B7B1-C44C65ECC2E0}: DhcpDomain = lan
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll
O20 - Winlogon Notify: VESWinlogon . (.Sony Corporation - VAIO Event Service (Winlogon Notification M.) -- C:\Windows\system32\VESWinlogon.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\Google\GOOGLE~1\GOEC62~1.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner Extended Servey Prog.) - C:\Program Files\Canon\IJPLM\ijplmsvc.exe
O23 - Service: NSUService (NSUService) . (.Sony Corporation - VAIO Smart Network.) - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Windows\RTKAUDIOSERVICE.exe
O23 - Service: TabletServicePen (TabletServicePen) . (.Wacom Technology, Corp. - Tablet Service for consumer driver.) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) . (.Wacom Technology, Corp. - Touch Service.) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: (VAIO Power Management) . (.Sony Corporation - SPMService.exe.) - C:\Program Files\sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) . (.Sony Corporation - VAIO Content Folder Watcher.) - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) . (.Sony Corporation - VAIO Entertainment Database Service.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
~ Scan Services in 00mn 01s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-3681874406-3075305074-2765515372-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-3681874406-3075305074-2765515372-1004] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-3681874406-3075305074-2765515372-1003] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-3681874406-3075305074-2765515372-1004] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
[MD5.880585A82D9DED1A6A040EDED6A661EC] [APT] [Me&My VAIO] (.Sony Corporation.) -- C:\Program Files\sony\Me&My VAIO\QLGuide.exe
[MD5.C0BEC075ED4E6FBB78AD97A580276EA1] [APT] [VAIO Update] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
~ Scan Scheduled Task in 00mn 04s

Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:26



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\Windows\system32\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\Windows\System32\msjava.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.3 r183.) -- C:\Windows\System32\Macromed\Flash\Flash10v.ocx
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (DMICall) . (.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) - C:\Windows\system32\DRIVERS\DMICall.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\system32\drivers\tcpip.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office system - (.Microsoft Corporation.) [HKLM] -- PROHYBRIDR
O42 - Logiciel: AHV content for Acrobat and Flash - (.Adobe Systems Incorporated.) [HKLM] -- {6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe After Effects CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {EB0202F7-016A-410C-ADE4-40F848CCC661}
O42 - Logiciel: Adobe After Effects CS3 Presets - (.Adobe Systems Incorporated.) [HKLM] -- {193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}
O42 - Logiciel: Adobe BridgeTalk Plugin CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM] -- {A2D81E70-2A98-4A08-A628-94388B063C5E}
O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
O42 - Logiciel: Adobe Color EU Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {73B5D990-04EA-4751-B10F-5534770B91F2}
O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
O42 - Logiciel: Adobe Color NA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
O42 - Logiciel: Adobe Contribute CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {F84ADE4E-9220-4324-994D-801EDD9DD251}
O42 - Logiciel: Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {5D2398DF-3022-4820-93BA-F1175FBEA9CA}
O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
O42 - Logiciel: Adobe Dreamweaver CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {4BDB76C6-902E-41D5-9064-68768E02886B}
O42 - Logiciel: Adobe Encore CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
O42 - Logiciel: Adobe Encore CS3 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
O42 - Logiciel: Adobe Extension Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {BE5F3842-8309-4754-92D5-83E02E6077A3}
O42 - Logiciel: Adobe Fireworks CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {21C4D775-368A-46C4-8DC3-4207165B7115}
O42 - Logiciel: Adobe Flash CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {80FD3971-8482-49C8-BA8C-B6464A15882F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
O42 - Logiciel: Adobe Flash Video Encoder - (.Adobe Systems Incorporated.) [HKLM] -- {1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7ACFB90E-8FD0-4397-AD3A-5195412623A3}
O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6E08CE13-C2AB-4749-9335-5900B958929E}
O42 - Logiciel: Adobe InDesign CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}
O42 - Logiciel: Adobe InDesign CS3 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078}
O42 - Logiciel: Adobe MotionPicture Color Files - (.Adobe Systems Incorporated.) [HKLM] -- {6B708481-748A-4EB4-97C1-CD386244FF77}
O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {C1FA4B3B-1625-4922-9C9D-780E8FCE161A}
O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
O42 - Logiciel: Adobe Premiere Pro CS3 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
O42 - Logiciel: Adobe Premiere Pro CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {485ACF57-F364-440A-8496-E1E81C8FA1AA}
O42 - Logiciel: Adobe Reader 9.4.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe SING CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B671CBFD-4109-4D35-9252-3062D3CCB7B2}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}
O42 - Logiciel: Adobe Soundbooth CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
O42 - Logiciel: Adobe Soundbooth CS3 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {0327FA9D-975C-448C-A086-577D57BB25B8}
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183}
O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}
O42 - Logiciel: Adobe Version Cue CS3 Server - (.Adobe Systems Incorporated.) [HKLM] -- {1D58229F-C505-45CA-8223-F35F3A34B963}
O42 - Logiciel: Adobe Video Profiles - (.Adobe Systems Incorporated.) [HKLM] -- {845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
O42 - Logiciel: Adobe WAS CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {C5BD220A-EFE8-48A5-B70E-9503D535FACE}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0224CACC-994D-45F8-B973-D65056EA9C2F}
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1}
O42 - Logiciel: Ajouter ou supprimer Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_b5d5789539ea1f004a4defceea74312
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {343666E2-A059-48AC-AD67-230BF74E2DB2}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8153ED9A-C94A-426E-9880-5E6775C08B62}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: ArcSoft Magic-i Visual Effects 2 - (.ArcSoft.) [HKLM] -- {7BB90344-0647-468E-925A-7F69F7983421}
O42 - Logiciel: ArcSoft WebCam Companion 2 - (.ArcSoft.) [HKLM] -- {9973498D-EA29-4A68-BE0B-C88D6E03E928}
O42 - Logiciel: Ares 2.1.7 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
O42 - Logiciel: Bamboo - (.Wacom Technology Corp..) [HKLM] -- Pen Tablet Driver
O42 - Logiciel: Bamboo Dock - (.Wacom Europe GmbH.) [HKLM] -- wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
O42 - Logiciel: Bamboo Dock - (.Wacom Europe GmbH.) [HKLM] -- {4EBFAB00-674D-27E3-91B0-3BAA73FC6FA6}
O42 - Logiciel: Bamboo Dock 3.3 - (.Wacom Co., Ltd..) [HKLM] -- Bamboo Dock
O42 - Logiciel: Bamboo Explore - (.Wacom Europe GmbH.) [HKLM] -- Bamboo Explore
O42 - Logiciel: Big Fish Games Suite de jeu - (.Pas de propriétaire.) [HKLM] -- BFG-Big Fish Games Suite de jeu
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..) [HKLM] -- CameraWindowLauncher
O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..) [HKLM] -- CameraWindowDC
O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CameraWindowDVC6
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM] -- MyCamera
O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..) [HKLM] -- MyCameraDC
O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch
O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- RemoteCaptureTask
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM] -- ZoomBrowser EX
O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM] -- ZoomBrowser EX Memory Card Utility
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {9EAC0E21-510E-4259-A9C6-F5D5B8969036}
O42 - Logiciel: Click to Disc - (.Sony Corporation.) [HKLM] -- {68A69CFF-130D-4CDE-AB0E-7374ECB144C8}
O42 - Logiciel: Click to Disc Editor - (.Sony Corporation.) [HKLM] -- InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}
O42 - Logiciel: Dragon NaturallySpeaking 11 - (.Nuance Communications Inc..) [HKLM] -- {EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}
O42 - Logiciel: Enregistrement utilisateur de Canon MP240 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP240 series
O42 - Logiciel: Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) - (.Microsoft Corporation.) [HKLM] -- {3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
O42 - Logiciel: Free Mp3 Wma Converter V 1.9 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: Gestion de l’alimentation de VAIO - (.Sony Corporation.) [HKLM] -- {5F5867F0-2D23-4338-A206-01A76C823924}
O42 - Logiciel: Gestionnaire de contacts professionnels pour Outlook 2007 SP2 - (.Microsoft Corporation.) [HKLM] -- Business Contact Manager
O42 - Logiciel: Gestionnaire de contacts professionnels pour Outlook 2007 SP2 - (.Microsoft Corporation.) [HKLM] -- {69ca8988-1c6c-4285-b8af-db780a6e42af}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
O42 - Logiciel: HDAUDIO SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Inkjet Printer/Scanner Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Java(TM) 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Maintenance de Samsung CLX-3180 Series - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung CLX-3180 Series
O42 - Logiciel: Me&My VAIO - (.Sony Corporation.) [HKLM] -- {76D7CCD6-8369-405C-B494-5F34FAE67249}
O42 - Logiciel: Media Player Classic - Home Cinema v1.5.2.3456 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2003 Web Components - (.Microsoft Corporation.) [HKLM] -- {90A4040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Office 2007 Primary Interop Assemblies - (.Microsoft Corporation.) [HKLM] -- {50120000-1105-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Hybrid 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Small Business Connectivity Components - (.Microsoft Corporation.) [HKLM] -- {A939D341-5A04-4E0A-BB55-3E65B386432D}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft SQL Server 2005
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) - (.Microsoft Corporation.) [HKLM] -- {480DBB60-F0B6-45F2-B26F-1A2E11197791}
O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft Corporation.) [HKLM] -- {1F24E48F-7692-4E89-8784-68DD4D2712A0}
O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft Corporation.) [HKLM] -- {A30179B7-997A-4D47-AA43-57AE59A9C78B}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Music Transfer - (.Sony Corporation.) [HKLM] -- {CE2121C6-C94D-4A73-8EA4-6943F33EE335}
O42 - Logiciel: OpenMG Secure Module 5.1.00 - (.Sony Corporation.) [HKLM] -- InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}
O42 - Logiciel: Readiris Pro 10 - (.Pas de propriétaire.) [HKLM] -- {14D08502-FEE4-40E5-90D3-8A967A1D8BA2}
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Central Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Central Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Central Core - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Central Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Central Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Easy Media Creator 10 LJ - (.Roxio.) [HKLM] -- {537BF16E-7412-448C-95D8-846E85A1D817}
O42 - Logiciel: Roxio Easy Media Creator Home - (.Roxio.) [HKLM] -- {FE51662F-D8F6-43B5-99D9-D4894AF00F83}
O42 - Logiciel: Scan Assistant - (.Samsung Electronics Co., Ltd..) [HKLM] -- {BF6CF460-40C3-49BA-800A-4B934B6498B1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7559E742-FF9F-4FAE-B279-008ED296CB4D}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7559E742-FF9F-4FAE-B279-008ED296CB4D}
O42 - Logiciel: Setting Utility Series - (.Sony Corporation.) [HKLM] -- {A7DA438C-2E43-4C20-BFDA-C1F4A6208558}
O42 - Logiciel: Skype™ 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846}
O42 - Logiciel: SmarThru 4 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {90F1943D-EA4A-4460-B59F-30023F3BA69A}
O42 - Logiciel: Software Info for Me&My VAIO - (.Sony Corporation.) [HKLM] -- {69C8B1E3-2665-4A0F-B049-67746E5C4CE3}
O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM] -- {D5068583-D569-468B-9755-5FBF5848F46F}
O42 - Logiciel: Sony Video Shared Library - (.Sony Corporation.) [HKLM] -- {01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}
O42 - Logiciel: Support de Présentation VAIO - (.Sony Corporation.) [HKLM] -- {2018C019-30D9-4240-8C01-0865C10DCF5A}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Help (KB957246) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{80E46078-C1C5-4AE8-8744-3EAFC812E118}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb968503) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{5DD98950-4D10-4B79-8BF6-59726705207D}
O42 - Logiciel: VAIO Content Folder Setting - (.Sony Corporation.) [HKLM] -- {23825B69-36DF-4DAD-9CFD-118D11D80F16}
O42 - Logiciel: VAIO Content Folder Watcher - (.Sony Corporation.) [HKLM] -- {327B75F0-92AF-420A-988F-FA596A218E0B}
O42 - Logiciel: VAIO Content Metadata Intelligent Analyzing Manager - (.Sony Corporation.) [HKLM] -- {FD72E69E-CF34-4071-BFD6-FD081A365E2C}
O42 - Logiciel: VAIO Content Metadata Manager Setting - (.Sony Corporation.) [HKLM] -- {FE697886-F392-4E0D-A0C0-47587BF60992}
O42 - Logiciel: VAIO Content Metadata XML Interface Library - (.Sony Corporation.) [HKLM] -- {CB8A8696-93EC-414E-A752-850AB133F68A}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO DVD Menu Data Basic - (.Sony Corporation.) [HKLM] -- {596BED91-A1D8-4DF1-8CD1-1C777F7588AC}
O42 - Logiciel: VAIO Entertainment Platform - (.Sony Corporation.) [HKLM] -- {6B1F20F2-6321-4669-A58C-33DF8E7517FF}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM] -- {C7477742-DDB4-43E5-AC8D-0259E1E661B1}
O42 - Logiciel: VAIO Launcher - (.Sony Corporation.) [HKLM] -- {15D5C238-4C2E-4AEA-A66D-D6989A4C586B}
O42 - Logiciel: VAIO Marketing Tools - (.Sony Corporation.) [HKLM] -- MarketingTools
O42 - Logiciel: VAIO Media plus - (.Sony Corporation.) [HKLM] -- {8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}
O42 - Logiciel: VAIO Media plus Opening Movie - (.Sony Corporation.) [HKLM] -- {9238E8A4-BEBA-43A3-B926-769BDBF194C5}
O42 - Logiciel: VAIO Movie Story - (.Sony Corporation.) [HKLM] -- {B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM] -- {6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO MusicBox - (.Sony Corporation.) [HKLM] -- {4EA55D20-27FB-45D7-8726-147E8A5F6C62}
O42 - Logiciel: VAIO MusicBox Sample Music - (.Sony Corporation.) [HKLM] -- {98FC7A64-774B-49B5-B046-4B4EBC053FA9}
O42 - Logiciel: VAIO Original Function Setting - (.Sony Corporation.) [HKLM] -- {A63E7492-A0BC-4BB9-89A7-352965222380}
O42 - Logiciel: VAIO Smart Network - (.Sony Corporation.) [HKLM] -- {3B659FAD-E772-44A3-B7E7-560FF084669F}
O42 - Logiciel: VAIO Update 4 - (.Sony Corporation.) [HKLM] -- {83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}
O42 - Logiciel: VAIO Wallpaper Contents - (.Sony Corporation.) [HKLM] -- {D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}
O42 - Logiciel: Visual C++ 9.0 Runtime for Dragon NaturallySpeaking - (.Nuance Communications Inc..) [HKLM] -- {4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}
O42 - Logiciel: WebTablet IE Plugin - (.Wacom Technology Corp..) [HKLM] -- Wacom WebTabletPlugin for IE
O42 - Logiciel: WebTablet Netscape Plugin - (.Wacom Technology Corp..) [HKLM] -- Wacom WebTabletPlugin for Netscape
O42 - Logiciel: WinDVD for VAIO - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM] -- Yahoo! Software Update
O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {3127F76D-5335-4AC7-BD1E-2F5247A23C24}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABU]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Google]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Ares]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Canon_Inc_IC]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Datamngr]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Dragon Systems]
[HKCU\Software\EPSON]
[HKCU\Software\FLEXnet]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\MainConcept]
[HKCU\Software\Minnetonka Audio Software]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\SSPrint]
[HKCU\Software\SSScan]
[HKCU\Software\Samsung]
[HKCU\Software\ScanSoft]
[HKCU\Software\Skype]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\Wacom]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\keyhole.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant]
[HKLM\Software\Corel]
[HKLM\Software\Debug]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Dragon Systems]
[HKLM\Software\EPSON]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\I.R.I.S.]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\MAXSOFT-OCRON]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MimarSinan]
[HKLM\Software\Minnetonka Audio Software]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\PDFCreator]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SPanel]
[HKLM\Software\SRS Labs]
[HKLM\Software\SSPrint]
[HKLM\Software\SSScan]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\ScanSoft]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Synaptics]
[HKLM\Software\Voice]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Wacom]
[HKLM\Software\Waves Audio]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\illiminable]
~ Scan Softwares in 00mn 00s
Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:27


---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/12/2011 - 09:56:36 - [7,536] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 26/09/2011 - 18:48:30 - [1143,061] ----D- C:\Program Files\Adobe
O43 - CFD: 23/01/2010 - 23:17:14 - [204,413] ----D- C:\Program Files\Alwil Software
O43 - CFD: 06/09/2011 - 15:29:54 - [2,316] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 20/05/2009 - 15:18:38 - [57,916] ----D- C:\Program Files\ArcSoft
O43 - CFD: 30/10/2011 - 16:37:22 - [4,783] ----D- C:\Program Files\Ares
O43 - CFD: 22/10/2008 - 10:25:22 - [13,613] ----D- C:\Program Files\ATI
O43 - CFD: 20/05/2009 - 14:40:26 - [107,989] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 06/10/2011 - 12:45:02 - [14,535] ----D- C:\Program Files\Bamboo Dock
O43 - CFD: 25/09/2011 - 17:21:06 - [4,427] ----D- C:\Program Files\Bamboo Explore
O43 - CFD: 20/05/2009 - 14:38:56 - [153,459] ----D- C:\Program Files\Big Fish Games Suite de jeu
O43 - CFD: 15/11/2011 - 18:27:52 - [0,586] ----D- C:\Program Files\Bonjour
O43 - CFD: 10/06/2011 - 19:13:08 - [398,653] ----D- C:\Program Files\Canon
O43 - CFD: 20/05/2009 - 15:22:28 - [5,932] ----D- C:\Program Files\Cisco
O43 - CFD: 05/12/2011 - 18:31:04 - [2005,129] ----D- C:\Program Files\Common Files
O43 - CFD: 22/10/2008 - 10:42:44 - [1,012] ----D- C:\Program Files\CONEXANT
O43 - CFD: 25/01/2010 - 09:48:16 - [0] ----D- C:\Program Files\EPSON
O43 - CFD: 20/05/2009 - 19:43:30 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 31/05/2010 - 16:11:32 - [22,294] ----D- C:\Program Files\Free Audio Pack
O43 - CFD: 21/11/2011 - 09:13:00 - [528,291] ----D- C:\Program Files\Google
O43 - CFD: 05/12/2011 - 19:00:28 - [34,213] ----D- C:\Program Files\iLivid
O43 - CFD: 11/10/2011 - 17:35:08 - [225,082] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 20/05/2009 - 15:22:26 - [62,924] ----D- C:\Program Files\Intel
O43 - CFD: 29/05/2009 - 07:47:46 - [5,634] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/05/2009 - 15:21:50 - [121,718] ----D- C:\Program Files\InterVideo
O43 - CFD: 15/11/2011 - 18:34:06 - [1,925] ----D- C:\Program Files\iPod
O43 - CFD: 15/11/2011 - 18:35:42 - [142,730] ----D- C:\Program Files\iTunes
O43 - CFD: 01/04/2011 - 10:39:12 - [165,485] ----D- C:\Program Files\Java
O43 - CFD: 07/11/2011 - 22:35:50 - [19,813] ----D- C:\Program Files\Media Player Classic - Home Cinema
O43 - CFD: 15/11/2009 - 13:53:46 - [0,223] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:37:36 - [88,508] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 20/05/2009 - 15:04:10 - [594,821] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 20/05/2009 - 15:05:18 - [7,431] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 03/12/2011 - 19:40:56 - [36,633] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/10/2009 - 22:13:14 - [20,616] ----D- C:\Program Files\Microsoft Small Business
O43 - CFD: 22/05/2009 - 05:48:20 - [95,130] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 15/11/2009 - 13:51:42 - [1,745] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 15/11/2009 - 13:52:56 - [0,213] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 20/05/2009 - 14:57:32 - [0,014] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 23/05/2009 - 19:05:12 - [3,554] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 10/10/2009 - 22:13:18 - [8,293] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 21/01/2008 - 03:35:18 - [94,575] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 13:37:36 - [0,025] ----D- C:\Program Files\MSBuild
O43 - CFD: 22/05/2009 - 05:44:16 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 21/04/2011 - 20:52:32 - [394,267] ----D- C:\Program Files\Nuance
O43 - CFD: 10/10/2009 - 22:13:20 - [6,560] ----D- C:\Program Files\PDFCreator
O43 - CFD: 15/11/2011 - 18:41:28 - [74,779] ----D- C:\Program Files\QuickTime
O43 - CFD: 11/05/2011 - 19:02:34 - [88,289] ----D- C:\Program Files\Readiris10
O43 - CFD: 03/07/2011 - 07:25:06 - [91,463] ----D- C:\Program Files\Real
O43 - CFD: 22/10/2008 - 10:41:00 - [87,096] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:36 - [36,847] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 20/05/2009 - 15:10:34 - [5,183] ----D- C:\Program Files\Roxio
O43 - CFD: 11/05/2011 - 18:50:38 - [184,879] ----D- C:\Program Files\Samsung
O43 - CFD: 11/05/2011 - 18:55:48 - [10,009] ----D- C:\Program Files\SamsungPrinterLiveUpdate
O43 - CFD: 11/05/2011 - 18:58:38 - [14,971] ----D- C:\Program Files\Scan Assistant
O43 - CFD: 06/12/2011 - 09:51:42 - [0,085] ----D- C:\Program Files\Shareaza
O43 - CFD: 12/11/2011 - 11:09:00 - [18,169] R---D- C:\Program Files\Skype
O43 - CFD: 11/05/2011 - 19:04:00 - [9,816] ----D- C:\Program Files\SmarThru 4
O43 - CFD: 20/05/2009 - 15:23:26 - [1117,488] ----D- C:\Program Files\sony
O43 - CFD: 22/10/2008 - 10:43:46 - [12,907] ----D- C:\Program Files\Synaptics
O43 - CFD: 25/09/2011 - 17:07:54 - [77,217] ----D- C:\Program Files\Tablet
O43 - CFD: 25/09/2011 - 17:07:48 - [0,805] ----D- C:\Program Files\TabletPlugins
O43 - CFD: 02/11/2006 - 14:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 04/12/2011 - 15:48:42 - [23,182] ----D- C:\Program Files\VideoLAN
O43 - CFD: 21/01/2008 - 03:35:20 - [0,970] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 21/01/2008 - 03:35:16 - [2,633] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 21/01/2008 - 03:35:10 - [4,284] ----D- C:\Program Files\Windows Defender
O43 - CFD: 21/01/2008 - 03:35:16 - [6,756] ----D- C:\Program Files\Windows Journal
O43 - CFD: 15/11/2009 - 13:53:18 - [78,881] ----D- C:\Program Files\Windows Live
O43 - CFD: 13/11/2009 - 10:22:20 - [0,234] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 22/05/2009 - 06:04:20 - [8,695] ----D- C:\Program Files\Windows Mail
O43 - CFD: 22/05/2009 - 06:04:24 - [4,287] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 20/05/2009 - 19:43:30 - [7,575] ----D- C:\Program Files\Windows NT
O43 - CFD: 21/01/2008 - 03:35:16 - [12,841] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 21/01/2008 - 03:35:18 - [6,350] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 18/11/2010 - 20:44:08 - [4,949] ----D- C:\Program Files\Yahoo!
O43 - CFD: 18/04/2011 - 06:42:06 - [1142,889] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 26/09/2011 - 18:48:26 - [30,069] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 30/11/2011 - 10:17:42 - [139,589] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 20/05/2009 - 15:18:38 - [16,671] ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD: 01/01/2010 - 17:39:14 - [1,065] ----D- C:\Program Files\Common Files\CANON
O43 - CFD: 23/09/2010 - 14:47:16 - [0,258] ----D- C:\Program Files\Common Files\Control Panels
O43 - CFD: 20/05/2009 - 14:57:30 - [0,089] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 20/05/2009 - 14:47:14 - [3,045] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 20/05/2009 - 15:22:26 - [7,320] ----D- C:\Program Files\Common Files\Intel
O43 - CFD: 20/05/2009 - 15:21:50 - [0,171] ----D- C:\Program Files\Common Files\InterVideo
O43 - CFD: 21/04/2011 - 20:58:16 - [1,440] ----D- C:\Program Files\Common Files\IVA
O43 - CFD: 01/04/2011 - 10:39:42 - [37,301] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 23/09/2010 - 14:09:56 - [0,625] ----D- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 10/10/2009 - 22:13:06 - [407,420] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 06/09/2011 - 10:08:52 - [0,397] ----D- C:\Program Files\Common Files\Nuance
O43 - CFD: 20/05/2009 - 15:10:38 - [4,336] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 03/07/2011 - 07:24:16 - [1,078] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 20/05/2009 - 15:10:38 - [40,520] ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 12:18:34 - [0,003] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 12/11/2011 - 11:09:00 - [2,150] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 20/05/2009 - 15:10:10 - [1,038] ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 20/05/2009 - 15:14:44 - [54,703] ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD: 02/11/2006 - 12:18:34 - [39,198] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 11/05/2011 - 19:03:22 - [0,000] ----D- C:\Program Files\Common Files\SRC Shared
O43 - CFD: 15/11/2009 - 13:53:36 - [40,772] ----D- C:\Program Files\Common Files\System
O43 - CFD: 16/06/2009 - 08:46:38 - [0] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 21/05/2009 - 09:38:40 - [32,647] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 03/07/2011 - 07:25:06 - [0,336] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 25/09/2011 - 17:09:44 - [136,951] ----D- C:\ProgramData\Adobe
O43 - CFD: 23/09/2010 - 14:44:52 - [0] ----D- C:\ProgramData\ALM
O43 - CFD: 25/09/2011 - 17:07:56 - [0,000] ----D- C:\ProgramData\AppData
O43 - CFD: 27/11/2010 - 10:58:42 - [212,074] ----D- C:\ProgramData\Apple
O43 - CFD: 24/11/2010 - 22:33:00 - [67,568] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 12/11/2011 - 11:08:04 - [1,612] ----D- C:\ProgramData\ArcSoft
O43 - CFD: 20/05/2009 - 14:41:12 - [0,000] ----D- C:\ProgramData\ATI
O43 - CFD: 05/12/2011 - 19:15:12 - [23,332] ----D- C:\ProgramData\AVAST Software
O43 - CFD: 05/12/2011 - 18:30:40 - [0] ----D- C:\ProgramData\Babylon
O43 - CFD: 05/12/2011 - 18:43:18 - [0,000] ----D- C:\ProgramData\boost_interprocess
O43 - CFD: 20/05/2009 - 19:43:30 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 16/06/2009 - 15:55:10 - [19,012] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 27/10/2009 - 15:21:32 - [0,000] --H-D- C:\ProgramData\CanonIJEGV
O43 - CFD: 27/10/2009 - 15:18:16 - [0,000] --H-D- C:\ProgramData\CanonIJEPPEX
O43 - CFD: 14/11/2011 - 18:45:20 - [0,115] ----D- C:\ProgramData\CanonIJPLM
O43 - CFD: 11/05/2011 - 19:05:34 - [0] --H-D- C:\ProgramData\CanonIJScan
O43 - CFD: 27/10/2009 - 15:18:38 - [0,000] --H-D- C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 24/01/2010 - 21:47:56 - [0,000] ----D- C:\ProgramData\EPSON
O43 - CFD: 20/05/2009 - 19:43:30 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 03/12/2011 - 19:44:34 - [3,924] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 10/10/2009 - 18:02:20 - [0,515] ----D- C:\ProgramData\Google
O43 - CFD: 20/05/2009 - 15:22:26 - [0,001] ----D- C:\ProgramData\Intel
O43 - CFD: 21/02/2010 - 15:57:30 - [0,007] ----D- C:\ProgramData\McAfee
O43 - CFD: 20/05/2009 - 19:43:30 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 25/01/2011 - 18:45:00 - [320,326] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 24/05/2009 - 08:20:38 - [0,061] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 20/05/2009 - 19:43:30 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 21/04/2011 - 20:52:32 - [-1837,618] ----D- C:\ProgramData\Nuance
O43 - CFD: 05/12/2011 - 19:00:24 - [1,454] ----D- C:\ProgramData\Real
O43 - CFD: 20/05/2009 - 15:23:04 - [0] ----D- C:\ProgramData\Roaming
O43 - CFD: 20/09/2011 - 12:28:58 - [0,023] ----D- C:\ProgramData\Samsung
O43 - CFD: 20/05/2009 - 14:51:54 - [0,000] ----D- C:\ProgramData\SiteAdvisor
O43 - CFD: 12/11/2011 - 11:08:52 - [59,504] ----D- C:\ProgramData\Skype
O43 - CFD: 12/11/2011 - 11:10:08 - [6,324] ----D- C:\ProgramData\Skype Extras
O43 - CFD: 20/05/2009 - 15:10:46 - [0,001] ----D- C:\ProgramData\Sonic
O43 - CFD: 25/10/2010 - 13:49:44 - [939,496] ----D- C:\ProgramData\Sony Corporation
O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 05/04/2010 - 13:53:40 - [0,000] ----D- C:\ProgramData\Sun
O43 - CFD: 19/11/2011 - 03:00:22 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 14:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 20/05/2009 - 15:10:52 - [19,420] ----D- C:\ProgramData\Uninstall
O43 - CFD: 06/10/2011 - 12:45:10 - [5,112] ----D- C:\ProgramData\Wacom
O43 - CFD: 21/05/2009 - 09:10:40 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 21/05/2009 - 09:32:34 - [0,206] ----D- C:\ProgramData\WLInstaller
O43 - CFD: 18/11/2010 - 20:44:08 - [0,004] ----D- C:\ProgramData\Yahoo!
O43 - CFD: 18/11/2010 - 20:44:20 - [0,005] ----D- C:\ProgramData\Yahoo! Companion
O43 - CFD: 01/01/2010 - 17:40:42 - [0] ----D- C:\ProgramData\ZoomBrowser
O43 - CFD: 24/11/2010 - 22:34:22 - [0,516] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 26/01/2010 - 11:28:44 - [0,003] ----D- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
O43 - CFD: 05/12/2011 - 18:29:44 - [0,553] --H-D- C:\ProgramData\~0
O43 - CFD: 25/09/2011 - 19:14:54 - [26,615] ----D- C:\Users\carole\AppData\Roaming\Adobe
O43 - CFD: 27/11/2010 - 11:02:26 - [-1077,401] ----D- C:\Users\carole\AppData\Roaming\Apple Computer
O43 - CFD: 05/04/2010 - 22:30:32 - [0,004] ----D- C:\Users\carole\AppData\Roaming\ArcSoft
O43 - CFD: 20/05/2009 - 20:03:26 - [0] ----D- C:\Users\carole\AppData\Roaming\ATI
O43 - CFD: 05/12/2011 - 18:30:40 - [0,002] ----D- C:\Users\carole\AppData\Roaming\Babylon
O43 - CFD: 25/09/2011 - 17:21:40 - [0,000] ----D- C:\Users\carole\AppData\Roaming\Bamboo Explore
O43 - CFD: 10/06/2011 - 19:12:04 - [0] ----D- C:\Users\carole\AppData\Roaming\Canon
O43 - CFD: 05/12/2011 - 19:00:28 - [0,000] ----D- C:\Users\carole\AppData\Roaming\dvdcss
O43 - CFD: 21/04/2011 - 21:29:46 - [0,001] ----D- C:\Users\carole\AppData\Roaming\FLEXnet
O43 - CFD: 31/05/2010 - 16:05:04 - [0,000] ----D- C:\Users\carole\AppData\Roaming\FreeAudioPack
O43 - CFD: 20/05/2009 - 23:02:52 - [0,100] ----D- C:\Users\carole\AppData\Roaming\Google
O43 - CFD: 21/01/2008 - 02:43:08 - [0] ----D- C:\Users\carole\AppData\Roaming\Identities
O43 - CFD: 11/05/2011 - 18:55:58 - [0] ----D- C:\Users\carole\AppData\Roaming\InstallShield
O43 - CFD: 01/10/2009 - 15:17:38 - [0] ----D- C:\Users\carole\AppData\Roaming\Intel
O43 - CFD: 19/08/2009 - 18:17:22 - [0] ----D- C:\Users\carole\AppData\Roaming\InterVideo
O43 - CFD: 20/05/2009 - 23:07:42 - [0,188] ----D- C:\Users\carole\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 13:37:36 - [0] ----D- C:\Users\carole\AppData\Roaming\Media Center Programs
O43 - CFD: 07/11/2011 - 22:36:06 - [0,000] ----D- C:\Users\carole\AppData\Roaming\Media Player Classic
O43 - CFD: 20/09/2011 - 11:15:46 - [20,755] -S--D- C:\Users\carole\AppData\Roaming\Microsoft
O43 - CFD: 21/04/2011 - 21:30:12 - [0,222] ----D- C:\Users\carole\AppData\Roaming\Nuance
O43 - CFD: 03/07/2011 - 07:25:26 - [5,983] ----D- C:\Users\carole\AppData\Roaming\Real
O43 - CFD: 06/12/2011 - 09:51:42 - [0] ----D- C:\Users\carole\AppData\Roaming\Shareaza
O43 - CFD: 15/11/2011 - 11:09:04 - [1,784] ----D- C:\Users\carole\AppData\Roaming\Skype
O43 - CFD: 15/11/2011 - 09:54:20 - [0,066] ----D- C:\Users\carole\AppData\Roaming\skypePM
O43 - CFD: 12/04/2011 - 11:18:28 - [0,073] ----D- C:\Users\carole\AppData\Roaming\Sony Corporation
O43 - CFD: 05/12/2011 - 13:57:48 - [0,686] ----D- C:\Users\carole\AppData\Roaming\vlc
O43 - CFD: 25/09/2011 - 17:13:58 - [0,000] ----D- C:\Users\carole\AppData\Roaming\Wacom
O43 - CFD: 25/09/2011 - 17:14:00 - [0,000] ----D- C:\Users\carole\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
O43 - CFD: 25/09/2011 - 17:08:04 - [0,063] ----D- C:\Users\carole\AppData\Roaming\WTablet
O43 - CFD: 18/11/2010 - 20:44:04 - [0] ----D- C:\Users\carole\AppData\Roaming\Yahoo!
O43 - CFD: 01/01/2010 - 19:54:16 - [0] ----D- C:\Users\carole\AppData\Roaming\ZoomBrowser EX
O43 - CFD: 26/09/2011 - 18:47:44 - [469,831] ----D- C:\Users\carole\AppData\Local\Adobe
O43 - CFD: 18/11/2010 - 20:50:44 - [14,858] ----D- C:\Users\carole\AppData\Local\adslTV
O43 - CFD: 26/01/2010 - 11:25:16 - [0] ----D- C:\Users\carole\AppData\Local\Apple
O43 - CFD: 27/09/2011 - 17:41:32 - [8,463] ----D- C:\Users\carole\AppData\Local\Apple Computer
O43 - CFD: 20/05/2009 - 20:02:18 - [0] -SH-D- C:\Users\carole\AppData\Local\Application Data
O43 - CFD: 15/11/2009 - 21:20:44 - [0,000] ----D- C:\Users\carole\AppData\Local\ArcSoft
O43 - CFD: 09/11/2011 - 10:57:24 - [0,047] ----D- C:\Users\carole\AppData\Local\Ares
O43 - CFD: 20/05/2009 - 20:03:26 - [0,037] ----D- C:\Users\carole\AppData\Local\ATI
O43 - CFD: 05/12/2011 - 18:30:40 - [1,365] ----D- C:\Users\carole\AppData\Local\Babylon
O43 - CFD: 05/12/2011 - 18:45:44 - [-1140,701] ----D- C:\Users\carole\AppData\Local\Google
O43 - CFD: 20/05/2009 - 20:02:18 - [0] -SH-D- C:\Users\carole\AppData\Local\Historique
O43 - CFD: 20/11/2011 - 09:10:42 - [0,014] ----D- C:\Users\carole\AppData\Local\Ilivid Player
O43 - CFD: 25/09/2011 - 17:07:58 - [2005,577] ----D- C:\Users\carole\AppData\Local\Microsoft
O43 - CFD: 24/12/2009 - 19:32:14 - [1,603] ----D- C:\Users\carole\AppData\Local\Microsoft Games
O43 - CFD: 24/09/2009 - 12:03:38 - [0,101] ----D- C:\Users\carole\AppData\Local\Microsoft Help
O43 - CFD: 20/11/2011 - 09:08:14 - [0] ----D- C:\Users\carole\AppData\Local\PackageAware
O43 - CFD: 24/05/2009 - 20:47:42 - [0] ----D- C:\Users\carole\AppData\Local\Real
O43 - CFD: 11/05/2011 - 18:57:28 - [0,002] ----D- C:\Users\carole\AppData\Local\S2PC
O43 - CFD: 12/07/2009 - 23:08:18 - [0,004] ----D- C:\Users\carole\AppData\Local\Shareaza
O43 - CFD: 20/05/2009 - 20:03:34 - [0,001] ----D- C:\Users\carole\AppData\Local\Sony_Corporation
O43 - CFD: 06/12/2011 - 09:55:44 - [1045,176] ----D- C:\Users\carole\AppData\Local\Temp
O43 - CFD: 20/05/2009 - 20:02:18 - [0] -SH-D- C:\Users\carole\AppData\Local\Temporary Internet Files
O43 - CFD: 08/01/2010 - 19:46:16 - [4,230] ----D- C:\Users\carole\AppData\Local\VirtualStore
~ Scan Program Folder in 01mn 40s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.94B5FEA2A3A66F1D30747D183FC3B1A6] - 06/12/2011 - 09:41:29 ---A- . (...) -- C:\AdwCleaner[R1].txt [1741]
O44 - LFC:[MD5.BF289A3EDA4326A47F04600C11D37D89] - 06/12/2011 - 09:40:47 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1539066]
O44 - LFC:[MD5.17A682D706BC24FFE422BC3372086BB6] - 06/12/2011 - 09:36:02 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 05/12/2011 - 19:15:31 ---A- . (...) -- C:\Windows\system32\config.nt [2577]
O44 - LFC:[MD5.67C515A0B74C01AB84D6B4265674742F] - 05/12/2011 - 18:42:09 ---A- . (...) -- C:\Windows\PFRO.log [418950]
O44 - LFC:[MD5.C93DB0C1EF75C9B99CA7A78B178D179B] - 29/11/2011 - 08:54:53 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [5300]
O44 - LFC:[MD5.1D414E4502A4ED56FD26F59EF20FD616] - 29/11/2011 - 08:54:53 ---A- . (...) -- C:\Windows\system32\perfc009.dat [564756]
O44 - LFC:[MD5.C292CD6D8C852638CD71C76E6F9149EE] - 29/11/2011 - 08:54:53 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [650348]
O44 - LFC:[MD5.DDBA80A94685076D12CC2D4EFF94C34C] - 29/11/2011 - 08:54:53 ---A- . (...) -- C:\Windows\system32\perfh009.dat [1100362]
O44 - LFC:[MD5.47A8B73FB3448EE20AD34998DC072110] - 29/11/2011 - 08:54:53 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [2189286]
O44 - LFC:[MD5.695B9ED5CC7F9CBEE89074C81C119FC4] - 28/11/2011 - 19:01:25 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41184]
O44 - LFC:[MD5.3E6CCAFAD21D55A4DD6435448A24A9FC] - 28/11/2011 - 19:01:23 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\system32\aswBoot.exe [199816]
O44 - LFC:[MD5.8D34D2B24297E27D93E847319ABFDEC4] - 28/11/2011 - 18:53:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [435032]
O44 - LFC:[MD5.010012597333DA1F46C3243F33F8409E] - 28/11/2011 - 18:53:35 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [314456]
O44 - LFC:[MD5.352D5A48EBAB35A7693B048679304831] - 28/11/2011 - 18:52:19 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392]
O44 - LFC:[MD5.F9F84364416658E9786235904D448D37] - 28/11/2011 - 18:52:16 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52952]
O44 - LFC:[MD5.258143605E77E4008F1758481D6A977D] - 28/11/2011 - 18:52:07 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\system32\drivers\aswMonFlt.sys [55128]
O44 - LFC:[MD5.054DF24C92B55427E0757CFFF160E4F2] - 28/11/2011 - 18:51:50 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568]
O44 - LFC:[MD5.349E16AB70E4F47F91D4E55C4F6FC95A] - 12/11/2011 - 14:01:55 ---A- . (...) -- C:\Windows\setupact.log [105587]
~ Scan Files in 00mn 06s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{9e970830-17ea-11df-8fd3-001dbab62ff3}\AutoRun\command. (...) -- H:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.dvsd"="C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.pspgru"="pspgru.acm" . (.Philips Austria GmbH - Speech Processing - PSPGRU.) -- C:\Windows\system32\pspgru.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"pspgru.acm"="Philips StandardPlay Audio CODEC" . (.Philips Austria GmbH - Speech Processing - PSPGRU.) -- C:\Windows\system32\pspgru.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.857B48965A0503B7AB795D4BFE7CBD8B] - 20/05/2009 - 13:06:40 ---A- . (.ArcSoft, Inc. - Pas de description.) -- C:\Windows\system32\drivers\ArcSoftKsUFilter.sys [17920]
O58 - SDL:[MD5.054DF24C92B55427E0757CFFF160E4F2] - 20/05/2009 - 18:51:50 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568]
O58 - SDL:[MD5.258143605E77E4008F1758481D6A977D] - 25/11/2009 - 18:52:07 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [55128]
O58 - SDL:[MD5.352D5A48EBAB35A7693B048679304831] - 20/05/2009 - 18:52:19 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392]
O58 - SDL:[MD5.8D34D2B24297E27D93E847319ABFDEC4] - 12/04/2011 - 18:53:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [435032]
O58 - SDL:[MD5.010012597333DA1F46C3243F33F8409E] - 20/05/2009 - 18:53:35 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [314456]
O58 - SDL:[MD5.F9F84364416658E9786235904D448D37] - 20/05/2009 - 18:52:16 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52952]
O58 - SDL:[MD5.600EFE56F37ADBD65A0FB076B50D1B8D] - 22/10/2008 - 01:04:47 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [909824]
O58 - SDL:[MD5.9F66D1BA97911731133E46212539A08D] - 22/10/2008 - 02:47:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [3847168]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.9714B7C918C6543D69074EC101F86AC4] - 20/05/2009 - 02:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [9072]
O58 - SDL:[MD5.0D856D16C08440BFB566D6CDD9948D4E] - 20/05/2009 - 02:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [9200]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.7F19DBA1A467B838CCB23124A2C55568] - 11/05/2011 - 09:13:52 ---A- . (.Samsung Electronics Co., Ltd. - Windows 2k,XP IEEE-1284 parallel class driver for ECP, Byte, an.) -- C:\Windows\system32\drivers\DgivEcp.sys [38400]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.F206E28ED74C491FD5D7C0A1119CE37F] - 22/10/2008 - 15:22:42 ---A- . (.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) -- C:\Windows\system32\drivers\DMICall.sys [10216]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 26/01/2010 - 14:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.9EBF2D102CCBB6BCDFBF1B7922F8BA2E] - 22/10/2008 - 03:14:12 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\HSXHWAZL.sys [207360]
O58 - SDL:[MD5.5A77AC34A0FFB70CE8B35B524FEDE9BA] - 22/10/2008 - 03:14:12 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [659968]
O58 - SDL:[MD5.7BC42C65B5C6281777C1A7605B253BA8] - 22/10/2008 - 03:14:16 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DPV.sys [985600]
O58 - SDL:[MD5.DB0CC620B27A928D968C1A1E9CD9CB87] - 22/10/2008 - 01:20:41 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [312344]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 22/10/2008 - 03:14:16 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.BA420E8EBFCAD35581FE8E4C64F71469] - 20/05/2009 - 22:48:46 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys [3664384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.153D02480A0A2F45785522E814C634B6] - 20/05/2009 - 02:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [44944]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.001B4278407F4303EFC902A2B16F2453] - 20/05/2009 - 19:09:28 ---A- . (.InterVideo - regi driver.) -- C:\Windows\system32\drivers\regi.sys [11032]
O58 - SDL:[MD5.D0C2A0CE1091E08EFB7CCBA6CEA4C3F9] - 22/10/2008 - 01:33:45 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\system32\drivers\rimsptsk.sys [68608]
O58 - SDL:[MD5.53EA7C7D1D3C4B11AE0EA7C8D75C4E82] - 22/10/2008 - 01:00:56 ---A- . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\system32\drivers\risdptsk.sys [46592]
O58 - SDL:[MD5.4A0F260DF9A5333C07F4AB40CA9D4F4B] - 22/10/2008 - 11:50:31 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2149912]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.8B7C1768D2CDE2E02E09A66563DDFD16] - 22/10/2008 - 01:06:22 ---A- . (.Sony Corporation - Sony Firmware Extension Parser driver.) -- C:\Windows\system32\drivers\SFEP.sys [9344]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.99DA94793332AADBB17BBB521AE56E21] - 22/10/2008 - 03:42:50 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [181560]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.83CAFCB53201BBAC04D822F32438E244] - 06/09/2011 - 07:06:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [42496]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704]
O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336]
O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648]
O58 - SDL:[MD5.F24EE97511FB901189E11CBBD51605BA] - 25/09/2011 - 20:19:36 ---A- . (.Wacom Technology - Wacom HID Mouse Monitor Filter Driver.) -- C:\Windows\system32\drivers\wacmoumonitor.sys [16240]
O58 - SDL:[MD5.427A8BC96F16C40DF81C2D2F4EDD32DD] - 25/09/2011 - 20:19:28 ---A- . (.Wacom Technology - Wacom Mouse Filter Driver.) -- C:\Windows\system32\drivers\wacommousefilter.sys [11312]
O58 - SDL:[MD5.846B58EA44BF8C92E4B59F4E2252C4C0] - 25/09/2011 - 20:19:26 ---A- . (.Wacom Technology - Virtual Hid Device.) -- C:\Windows\system32\drivers\wacomvhid.sys [14120]
O58 - SDL:[MD5.88AF537264F2B818DA15479CEEAF5D7C] - 22/10/2008 - 03:14:25 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8192]
O58 - SDL:[MD5.7D4CCA3659FA0780603206E3D12A993F] - 22/10/2008 - 01:07:16 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk60x86.sys [310272]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
~ Scan Drivers in 00mn 08s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 28/11/2011 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 22/08/2008 - C:\Windows\system32\DRIVERS\DMICall.sys (DMICall) .(.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) - LEGACY_DMICALL
O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers\regi.sys (regi) .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 12/07/2009 - C:\Windows\system32\Drivers\SSPORT.sys (SSPORT) .(.Samsung Electronics - 32bit Port Contention Driver.) - LEGACY_SSPORT
O64 - Services: CurCS - 25/01/2008 - C:\Windows\system32\DRIVERS\xaudio.sys (XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO
~ Scan Services in 00mn 06s
Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 11:28


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6C69A95A-9599-4C11-8505-EF1679B8E3E7} - (Google) - http://www.google.fr
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=RjI9PmT6BRa9G1uJH2PpGzI4mH8?q={searchTerms}
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - http://dts.search-results.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [574464]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438272]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [314368]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [260608]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [448512]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1809944]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758272]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [188416]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [161792]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [596992]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.CE0970DBB489B4B05E30E5A8DD48AD11] [SPRF][23/05/2011] (...) -- C:\Users\carole\AppData\Local\d3d9caps.dat [2032]
[MD5.CB9C49FD03F8B7AACD9725217DA9F2A7] [SPRF][17/09/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Users\carole\AppData\Local\Temp\FlashPlayerUpdate.exe [1961312]
[MD5.AEA117FA4352B0B2A9CB8F3B10FA51FD] [SPRF][16/12/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Users\carole\AppData\Local\Temp\FlashPlayerUpdate01.exe [1956736]
[MD5.801278CD83F3ABA16CFC78141568762D] [SPRF][17/02/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Users\carole\AppData\Local\Temp\FlashPlayerUpdate02.exe [1955784]
[MD5.E5F1E5CAE32811A1AD884BEA43F1247C] [SPRF][21/06/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r53.) -- C:\Users\carole\AppData\Local\Temp\FlashPlayerUpdate03.exe [2605008]
[MD5.3374320A56B8A1809122432582782D93] [SPRF][18/09/2008] (. InterVideo Inc. - IVIVIDEO LOGID.64662.) -- C:\Users\carole\AppData\Local\Temp\F{0246CA20-776D-11D2-8010-00104B9B8592}0.xxx [6968080]
[MD5.3374320A56B8A1809122432582782D93] [SPRF][18/09/2008] (. InterVideo Inc. - IVIVIDEO LOGID.64662.) -- C:\Users\carole\AppData\Local\Temp\F{0246CA20-776D-11D2-8010-00104B9B8592}1.xxx [6968080]
[MD5.3374320A56B8A1809122432582782D93] [SPRF][18/09/2008] (. InterVideo Inc. - IVIVIDEO LOGID.64662.) -- C:\Users\carole\AppData\Local\Temp\F{0246CA20-776D-11D2-8010-00104B9B8592}2.xxx [6968080]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][12/12/2010] (...) -- C:\Users\carole\AppData\Local\Temp\hqltbdgu.dll [0]
[MD5.F4048FD8A19A366A0BE35C6E6D6CAFD1] [SPRF][30/05/2011] (...) -- C:\Users\carole\AppData\Local\Temp\installhelper.dll [1399808]
[MD5.9A96B8C7DE20B434964017EAD26C0348] [SPRF][15/03/2010] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\carole\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe [921888]
[MD5.8567D383961D240F3566347AC4C83240] [SPRF][21/09/2010] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\carole\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe [921376]
[MD5.A8D666FCE8EFD0788FA0DF14FB3491B4] [SPRF][10/02/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\carole\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe [885536]
[MD5.97C30D842143B773620B1A4F39589760] [SPRF][13/11/2009] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\carole\AppData\Local\Temp\k77C257.exe [36270432]
[MD5.97C30D842143B773620B1A4F39589760] [SPRF][06/11/2009] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\carole\AppData\Local\Temp\muwFE30.exe [36270432]
[MD5.D3E007FBC92173642415D33A0CD83D18] [SPRF][06/10/2010] (.Google Inc. - GoogleToolbarNotifier.) -- C:\Users\carole\AppData\Local\Temp\SearchWithGoogleUpdate.exe [426552]
[MD5.5A5BFCEE355D475577B8E9ABDBB744DF] [SPRF][20/11/2011] (...) -- C:\Users\carole\AppData\Local\Temp\SetupDataMngr_Searchqu.exe [3521240]
[MD5.63BA89AC68DD8BCE74AF56EC1E96B819] [SPRF][09/05/2011] (.Skype Technologies S.A. - Skype.) -- C:\Users\carole\AppData\Local\Temp\SkypeSetup.exe [21256584]
[MD5.72412B526BCC716382E62B7939DCFD8F] [SPRF][25/08/2011] (...) -- C:\Users\carole\AppData\Local\Temp\SRAssetsHelper.dll [1085952]
[MD5.96A3450FB4DFDC4539185D68C7826616] [SPRF][20/11/2011] (...) -- C:\Users\carole\AppData\Local\Temp\thanks.bat [84]
[MD5.2D6B8E44F476AB8ECD458D724BC68E9A] [SPRF][06/12/2011] (...) -- C:\Users\carole\AppData\Local\Temp\Uninst.bat [545]
[MD5.A30EF117F088BCA2FF7F5AD18CEE65EC] [SPRF][12/08/2009] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\carole\AppData\Local\Temp\wlsetup-cvr.exe [36278112]
[MD5.DBE33AF9B716CDC6F2CDDB88FAECB70D] [SPRF][29/10/2009] (.Macrovision Corporation - Setup.exe.) -- C:\Users\carole\AppData\Local\Temp\_is7E06.exe [459432]
[MD5.A205551E7BA8580D2C0FF896A4D79FA9] [SPRF][31/10/2009] (.Macrovision Corporation - Setup.exe.) -- C:\Users\carole\AppData\Local\Temp\_isE82.exe [460248]
[MD5.77D31FB654A53DBFB151C7A8E11E3A02] [SPRF][17/07/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1962160]
[MD5.6F315BDFE7148459DE3B4B59E6DFA1D4] [SPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [641368]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Scan Files in 00mn 06s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{A6DD9593-1E8A-46C6-B805-FF8FA12BC008}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{C272968B-BF00-4689-80CE-4C4CBD33331E}C:\program files\real\realplayer\realplay.exe" | In - Public - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe
O87 - FAEL: "UDP Query User{E267742C-990F-45E9-A6B1-9D1144A9BC31}C:\program files\real\realplayer\realplay.exe" | In - Public - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe
O87 - FAEL: "TCP Query User{8FDD9D18-1804-414F-A994-09902B8C5A56}C:\program files\shareaza\shareaza.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\shareaza\shareaza.exe (.not file.)
O87 - FAEL: "UDP Query User{4E1E8B92-3666-4604-BDC9-83567C6854ED}C:\program files\shareaza\shareaza.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\shareaza\shareaza.exe (.not file.)
O87 - FAEL: "TCP Query User{7909ECE7-71E0-4A92-BA65-DB112266266B}C:\program files\real\realplayer\realplay.exe" | In - Private - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe
O87 - FAEL: "UDP Query User{D8273F66-37AD-4C3C-8E9E-9A59A43530A5}C:\program files\real\realplayer\realplay.exe" | In - Private - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe
O87 - FAEL: "TCP Query User{DC9B4A5E-12AE-4FF5-910C-4F505A162B7F}C:\program files\real\realplayer\recordingmanager.exe" | In - Private - P6 - TRUE | .(.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\recordingmanager.exe
O87 - FAEL: "UDP Query User{40ECB869-A2E2-4AA4-95E6-427CA493BC88}C:\program files\real\realplayer\recordingmanager.exe" | In - Private - P17 - TRUE | .(.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\recordingmanager.exe
O87 - FAEL: "{39FEFA41-C6C3-44F2-93DE-CE1118552D2E}" | In - Public - P6 - TRUE | .(.Adobe Systems Incorporated - Adobe Version Cue CS3.) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O87 - FAEL: "{BF118727-BDB8-4FDE-8E94-891BC7A9A361}" | In - Public - P17 - TRUE | .(.Adobe Systems Incorporated - Adobe Version Cue CS3.) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O87 - FAEL: "{3E5D0AB5-B9F1-429B-86E4-016107833AF7}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\adslTV\adsltv.exe (.not file.)
O87 - FAEL: "{0ECE6611-B99C-46DA-A250-BF5C313BA0E0}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\adslTV\adsltv.exe (.not file.)
O87 - FAEL: "{73D26B50-43A5-482B-B115-FC8A06CF4152}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\adslTV\VLC\vlc.exe (.not file.)
O87 - FAEL: "{996BBD01-592A-4E5A-8EE5-AFA8CB3CAD7C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\adslTV\VLC\vlc.exe (.not file.)
O87 - FAEL: "{4F467D90-805A-4135-9E33-00D7C34D8467}" | In - Private - P6 - TRUE | .(.Samsung Electronics - Samsung Scan and Fax Manager.) -- C:\Windows\twain_32\Samsung\ScanMgr.exe
O87 - FAEL: "{50AB2D3F-B9CA-4BDE-8BFA-9FE43EC9DCC5}" | In - Private - P17 - TRUE | .(.Samsung Electronics - Samsung Scan and Fax Manager.) -- C:\Windows\twain_32\Samsung\ScanMgr.exe
O87 - FAEL: "{AC97CCB7-8BFC-4218-A6A4-39D2891510A7}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - ScanToPc MFC Application.) -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
O87 - FAEL: "{355A3748-8893-42D5-BF41-1EFA11206490}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - ScanToPc MFC Application.) -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
O87 - FAEL: "{2A84F6E1-8AD2-4F05-A5F7-B0ADA6EC9823}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Net_ScanToPC MFC Application.) -- C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe
O87 - FAEL: "{FCA011AD-DA6B-414B-8CF5-6E748CB47B35}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Net_ScanToPC MFC Application.) -- C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe
O87 - FAEL: "{A81E224C-6252-43EC-A56A-ACD113F60AB5}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "TCP Query User{214EFE19-25AB-49B2-B1D3-E166BEE6DAAD}C:\program files\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe
O87 - FAEL: "UDP Query User{8B6C240A-968F-4756-9361-AA7A20133AFF}C:\program files\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe
O87 - FAEL: "{57424E79-C091-456D-9EDE-D4662403584A}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{DAE832DB-DD13-41EE-B9EE-F3F96D79BB16}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{38B41753-C27B-41DE-816E-8A164087B234}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{CF816D65-BDD6-4506-8DA2-F0D9DCA84B68}" | In - Private - P6 - TRUE | .(.SweetIM Technologies, Ltd..) -- C:\Users\carole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1ANYKGWO\SweetImSetup[1].exe
O87 - FAEL: "{56E2E3BA-6E34-45C6-B2DA-A97B9384D307}" | In - Private - P17 - TRUE | .(.SweetIM Technologies, Ltd..) -- C:\Users\carole\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1ANYKGWO\SweetImSetup[1].exe
~ Scan Firewall in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : 8855 - (03/12/2011)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\DataMngr] =>Adware.Bandoo
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\Users\carole\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\carole\AppData\Local\Babylon =>Toolbar.Babylon
~ Scan Additionnel in 00mn 11s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 10/02/2011 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Disabled 23/09/2010 153792 | (Adobe Version Cue CS3) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
SS - | Disabled 15/11/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 22/10/2008 692224 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 28/11/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Disabled 15/11/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Disabled 21/04/2011 296808 | (DragonSvc) . (.Nuance Communications, Inc..) - C:\Program Files\Common Files\Nuance\dgnsvc.exe
SR - | Auto 20/05/2009 860160 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Disabled 23/09/2010 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 13/08/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 29/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 29/01/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 29/06/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 103808 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\ijplmsvc.exe
SR - | Demand 15/11/2011 821608 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Disabled 20/05/2009 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SS - | Demand 20/05/2009 53248 | (MSCSPTISRV) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
SR - | Auto 20/05/2009 303104 | (NSUService) . (.Sony Corporation.) - C:\Program Files\sony\Network Utility\NSUService.exe
SS - | Demand 20/05/2009 53248 | (PACSPTISVR) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
SR - | Auto 20/05/2009 466944 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 22/10/2008 104992 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Windows\RTKAUDIOSERVICE.exe
SS - | Demand 20/05/2009 103712 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files\sony\VAIO Media plus\SOHCImp.exe
SS - | Demand 20/05/2009 353568 | (SOHDms) . (.Sony Corporation.) - C:\Program Files\sony\VAIO Media plus\SOHDms.exe
SS - | Demand 20/05/2009 62752 | (SOHDs) . (.Sony Corporation.) - C:\Program Files\sony\VAIO Media plus\SOHDs.exe
SS - | Demand 20/05/2009 77824 | (SPTISRV) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
SR - | Auto 25/09/2011 4869488 | (TabletServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
SR - | Auto 25/09/2011 416112 | (TouchServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
SS - | Disabled 20/05/2009 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SS - | Demand 20/05/2009 73728 | (VAIO Entertainment TV Device Arbitration Service) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceMana
SR - | Auto 20/05/2009 203624 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
SR - | Auto 22/10/2008 411488 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\sony\VAIO Power Management\SPMService.exe
SR - | Auto 20/05/2009 446464 | (VCFw) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Demand 20/05/2009 337184 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 20/05/2009 83232 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
SR - | Demand 20/05/2009 279848 | (Vcsw) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
SR - | Auto 20/05/2009 192512 | (VzCdbSvc) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 22/10/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\drivers\XAudio.exe
SR - | Auto 18/11/2010 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
~ Scan Services in 00mn 13s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by carole at 06/12/2011 09:59:19

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) (None)

End of the scan (1588 lines in 03mn 26s)(0)
Voilà, désolée du coup, je ne sais pas si ça fonctionnera ?!?
Merci de votre aide en tout cas !!!!
Génial !
Revenir en haut Aller en bas
Laddy
Admin
Admin
avatar

Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mar 6 Déc 2011 - 13:27

Bonjour
merci d'utiliser un site comme cjoint.com pour l'uploader des fichiers.

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mer 7 Déc 2011 - 11:55

Merci Laddy,

Le site cjoint.com ne fonctionnait pas lundi soir, il marche ce matin, voici donc le lien (j'ai copié les deux rapports de scan dans un même fichier Word), j'espère que ça ira, sinon dites-moi)
Bonne journée,
Acrylique


http://cjoint.com/?ALhk1Nn8mT5
Revenir en haut Aller en bas
Laddy
Admin
Admin
avatar

Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mer 7 Déc 2011 - 13:05

Bonjour
le rapport est disponible sur le bureau au format txt, beaucoup plus pratique, je ne possède pas word.

Relance adwcleaner en choisissant le bouton suppression et poste ton rapport.

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Mer 7 Déc 2011 - 14:17

Bonjour Lady,
Merci de ton aide, voici le rapport après Suppression de AdwCleaner:

http://cjoint.com/?ALhnp4IstQg

Et celui de ZHP Diag , tous deux en format txt.
http://cjoint.com/?ALhnpt2tCTa

Encore merci !
Revenir en haut Aller en bas
Laddy
Admin
Admin
avatar

Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Jeu 8 Déc 2011 - 13:41

bonjour

Ad-Remover : Scan
Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)

http://www.teamxscript.org/adremoverTelechargement.html ( Lien officiel )
http://forum-aide-contre-virus.be/download/AD-Remover.html ( Miroir )

/!\ Ferme toutes applications en cours /!\

/!\ Désactive provisoirement et seulement le temps de l'utilisation de AD-Remover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Scanner »
- Confirme lancement du scan
- Laisse travailler l’outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-reportScan.Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)


AD-Remover : Nettoyage

Relance Ad-remover.exe, par un double-clique sur l'icône Ad-remover située sur ton Bureau.
Sur la page, clique sur le bouton Nettoyer
Laisse travailler l'outil
Poste le rapport qui apparait à la fin
(Le rapport est sauvegardé aussi sous C:\Ad-reportClean.Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Aide en image : clique ici

Télécharge MalwareByte's Anti-Malware et installe le.
http://mbam.malwarebytes.org/program/mbam-setup.exe
- Assure toi qu'il se soit bien mis à jour avant de passer à la suite.

* Lance MBAM et sélectionne "Exécuter un examen rapide". Patiente le temps du scan.

* Une fois le scan terminé,clique sur "Supprimer la sélection".

Si MBAM a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok. Enregistre le rapport sur ton Bureau lorsqu'il s'affichera.


Reposte un nouveau Zhpdiag
as tu toujours des soucis avec searchq ?






__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
Laddy
Admin
Admin
avatar

Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Sam 10 Déc 2011 - 14:19

Toujours avec nous ?

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
acrylique
bibounet
bibounet


Féminin
Nombre de messages : 11
Age : 30
Localisation : Nord
Date d'inscription : 06/12/2011

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Jeu 15 Déc 2011 - 11:33

Bonjour !!!
Voici le premier rapport de scan d'AD Remover:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 17:24:03 le 14/12/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
carole@PC-DE-CAROLE (Sony Corporation VGN-NS21S_W)

============== RECHERCHE ==============





============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.club-vaio.com
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp://www.club-vaio.com
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=RjI9PmT6BRa9G1uJH2PpGzI4mH8?q={searchTerms})
HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKCU_ElevationPolicy\{5EC6DD21-478A-4CAE-9A70-40671F8F0CA6} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKLM_ElevationPolicy\{285A5B86-D284-4729-9D49-E218D714CD38} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{50A6102E-D757-409e-97B7-6EA4EEEA5BC3} - C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{A492E928-85D7-4ea3-B601-9BFFA4C2EE25} - C:\PROGRA~1\Nuance\NATURA~1\Program\natspeak.exe (Nuance Communications, Inc.)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 14/12/2011 17:24:24 (2787 Octet(s))

Fin à: 17:25:28, 14/12/2011

============== E.O.F ==============


Et voici le second rapport, après nettoyage:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 21:02:42 le 14/12/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
carole@PC-DE-CAROLE (Sony Corporation VGN-NS21S_W)

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.




============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=RjI9PmT6BRa9G1uJH2PpGzI4mH8?q={searchTerms})
HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKCU_ElevationPolicy\{5EC6DD21-478A-4CAE-9A70-40671F8F0CA6} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKLM_ElevationPolicy\{285A5B86-D284-4729-9D49-E218D714CD38} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{50A6102E-D757-409e-97B7-6EA4EEEA5BC3} - C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{A492E928-85D7-4ea3-B601-9BFFA4C2EE25} - C:\PROGRA~1\Nuance\NATURA~1\Program\natspeak.exe (Nuance Communications, Inc.)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 14/12/2011 17:27:18 (3222 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 14/12/2011 21:02:45 (3084 Octet(s))
C:\Ad-Report-SCAN[1].txt - 14/12/2011 17:24:24 (2925 Octet(s))

Fin à: 21:03:59, 14/12/2011

============== E.O.F ==============


Rapport anti malware

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8373

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18702

15/12/2011 10:20:42
mbam-log-2011-12-15 (10-20-42).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 204583
Temps écoulé: 6 minute(s), 38 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)





Rapport de ZHP Diag


Rapport de ZHPDiag v1.28.2510 par Nicolas Coolman, Update du 03/12/2011
Run by carole at 15/12/2011 10:22:53
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Nouvelle version disponible


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v16.0.912.63 (Defaut)
OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.5

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : G6MF9
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3038 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 73 GB (32%) free of 223 GB

---\\ Logged in mode
~ Computer Name: PC-DE-CAROLE
~ User Name: carole
~ All Users Names: Invité_, carole, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\carole\AppData\Roaming\
~ %Desktop% : C:\Users\carole\Desktop\
~ %Favorites% : C:\Users\carole\Favorites\
~ %LocalAppData% : C:\Users\carole\AppData\Local\
~ %StartMenu% : C:\Users\carole\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 73 Go of 223 Go)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.21/05/2009 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/05/2009 - 12:34:57.) -- C:\Windows\system32\wininet.dll [914944]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:24:49.) -- C:\Windows\system32\Winlogon.exe [314880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.21/01/2008 - 09:33:40.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.763E172A55177E478CB419F88FD0BA03] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/01/2008 - 03:24:17.) -- C:\Windows\system32\drivers\AFD.sys [273920]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/01/2008 - 03:23:02.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.9E635AE5E8AD93E2B5989E2E23679F97] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/01/2008 - 03:23:22.) -- C:\Windows\system32\drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.C4AD205530888404E2B5FC8D9319B119] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/01/2008 - 03:24:11.) -- C:\Windows\system32\drivers\MRxSmb.sys [105472]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.21/01/2008 - 03:24:59.) -- C:\Windows\system32\drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.21/01/2008 - 03:25:00.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.21/01/2008 - 03:24:53.) -- C:\Windows\system32\drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/01/2008 - 03:23:21.) -- C:\Windows\system32\drivers\volsnap.sys [227896]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 12/4337
~ Mes musiques (My Musics) : 753/2931
~ Mes Videos (My Videos) : 2/874
~ Mes Favoris (My Favorites) : 3/7
~ Mes Documents (My Documents) : 19/6197
~ Mon Bureau (My Desktop) : 42/1918
~ Menu demarrer (Programs) : 7/29
~ Scan Hidden Files in 00mn 16s



---\\ Processus lancés
[MD5.4022AB54BFA98618163285DCD2A0E0DD] - (.Microsoft Corporation - Microsoft Tablet PC Input Component.) -- C:\Windows\SYSTEM32\WISPTIS.EXE [244224] [PID.]
[MD5.831F4486A43CCDA36470F58C7FBC6C7F] - (.Microsoft Corporation - Tablet PC Input Panel Accessory.) -- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [300032] [PID.]
[MD5.2AE7DC03B58F39AA6D1E0E76E86E92D9] - (.Wacom Technology, Corp. - Tablet user module for consumer driver.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe [1153392] [PID.4260]
[MD5.F9EF088D57DDFC6AE735F4D73FC902EF] - (.Wacom Technology, Corp. - Touch User Mode Driver.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe [2953584] [PID.4272]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.4440]
[MD5.D38BAD62C1BA493B4B06430AD17C8648] - (.Sony Corporation - SPMgr.exe.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [1771360] [PID.4556]
[MD5.5CE6D96C5210D5B0145EE39C0B8E7C8A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584] [PID.4732]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.4752]
[MD5.C61DFED19704FA252702727EFCFF97C3] - (.Sony Corporation - Pas de description.) -- C:\Program Files\sony\ISB Utility\ISBMgr.exe [317280] [PID.4928]
[MD5.C0BEC075ED4E6FBB78AD97A580276EA1] - (.Sony Corporation - VAIO Update.) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [870240] [PID.4964]
[MD5.1B6B965E5F89CDFD2987E609F7DFAF3D] - (.Sony Corporation - Marketing Tools.) -- C:\Program Files\sony\Marketing Tools\MarketingTools.exe [24576] [PID.5336]
[MD5.4D042B1F1375CF371AFBE0E0276BA627] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe [624248] [PID.5460]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064] [PID.5508]
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920] [PID.5524]
[MD5.BE98A7F7C1C0CA899983209830E79520] - (...) -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496] [PID.5608]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.5624]
[MD5.B114DB354D13A21C1AC2B1807EE2F500] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [273544] [PID.5640]
[MD5.02A1459E1958232C19C2F6EB82B5AAA7] - (.Pas de propriétaire - BambooDock back-end application.) -- C:\Program Files\Bamboo Dock\BambooCore.exe [646232] [PID.5716]
[MD5.F7226AA410954185160067D5FA82F3F2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3744552] [PID.5784]
[MD5.444EB38A256BE60F2013488C49D2AB3F] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421736] [PID.5792]
[MD5.5CF90C68A0A4F16F42F33DA729E67D85] - (.Sony Corporation - VAIO Smart Network.) -- C:\Program Files\sony\Network Utility\LANUtil.exe [270336] [PID.5816]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.5832]
[MD5.E654B78D2F1D791B30D0ED9A8195EC22] - (.Microsoft Corporation - Windows Update Automatic Updates.) -- C:\Windows\system32\wuauclt.exe [51224] [PID.6000]
[MD5.6BF7676296D5359AFC135A5397000053] - (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496] [PID.6100]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.6124]
[MD5.A6D772AA861E673636D48B6EB452ADE3] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [98696] [PID.6136]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152] [PID.4596]
[MD5.FBB552ED7AB402813A23DE9A07B314F7] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [168960] [PID.4032]
[MD5.B19B204CABFA9F225618EDA4A90C1A2C] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) -- C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [198656] [PID.7184]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.2944]
[MD5.B0636722344F5D0A65331ED12CE5E2E3] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376] [PID.6828]
[MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360] [PID.6448]
[MD5.026423673B8563E9975BDA97ED6273C7] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449608] [PID.6712]
[MD5.ED806295C59902D2F71850758D4530BC] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files\Microsoft Office\Office12\WINWORD.EXE [408424] [PID.6780]
[MD5.354DAC3C68AAA2BCCE94EE77F30095FC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [707072] [PID.7972]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.7100]
[MD5.6455100A6CDB1DEDC551E12FD41BC519] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [692224] [PID.]
[MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.]
[MD5.65330E78C17DB8A99A7FF1BA3C8824B6] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Windows\RtkAudioService.exe [104992] [PID.]
[MD5.8D83C60DE67C2DB212452D8EBE7CA196] - (.Wacom Technology, Corp. - Touch Service.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe [416112] [PID.]
[MD5.996E6D052438E8D8DFD501F31560B2E0] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768] [PID.]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.]
[MD5.6163664C7E9CD110AF70180C126C3FDC] - (.Microsoft Corporation - BCM SQL Startup Service.) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [30312] [PID.]
[MD5.BA6063E3375F9BC11A9C8450A7F61E70] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160] [PID.]
[MD5.C9BE08664611DDAF98E2331E9288B00B] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [46104] [PID.]
[MD5.755519F49906B73C1FE9CBBF75E347EA] - (.Pas de propriétaire - Inkjet Printer/Scanner Extended Servey Prog.) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808] [PID.]
[MD5.D7443616495851EC5B94574822773E80] - (.Sony Corporation - VAIO Smart Network.) -- C:\Program Files\sony\Network Utility\NSUService.exe [303104] [PID.]
[MD5.7EEEEC28A34516E66137F355DCC15BDB] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944] [PID.]
[MD5.B2EC3E1DEAC5F0A764BD3486D213A0AF] - (.Microsoft Corporation - SQL Browser Service EXE.) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [239968] [PID.]
[MD5.D2F4F32B59440011174B4F8137AF4E0C] - (.Microsoft Corporation - SQL Server VSS Writer.) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [87904] [PID.]
[MD5.C9D5FA17200768EF92538F1F95735A2E] - (.Wacom Technology, Corp. - Tablet Service for consumer driver.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe [4869488] [PID.]
[MD5.2C3DBB9B671AB95245DED1EFC5276CE9] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe [203624] [PID.]
[MD5.DDD94D264CDA81B90580E2D41F295575] - (.Sony Corporation - SPMService.exe.) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488] [PID.]
[MD5.7773EB681E99217FD92E5E8A5A199AE5] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [446464] [PID.]
[MD5.071634532066C2E29350D450C3412837] - (.Sony Corporation - VAIO Entertainment Database Service.) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512] [PID.]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.]
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.]
[MD5.4AB8A0790E6337D3A37DC2E2C48B00DB] - (.Sony Corporation - VAIO Entertainment UPnP Client Adapter.) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848] [PID.]
[MD5.B0C84CEA4FE07231BA87A054AF95984D] - (.Sony Corporation - VAIO Event Service(Service Sub Module).) -- C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe [100472] [PID.]
[MD5.178FE38B7740F598391EB2F51AE4CCAC] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [821608] [PID.]
[MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366152] [PID.]
~ Scan Processes Running in 00mn 03s


Je n'ai plus de problème de virus je crois, c'est aussi ce que disent les rapports il me semble. Désolée, je n'ai pas envoyé via cijoint les rapports car le site ne s'ouvre pas aujourd'hui chez moi.
Merci infiniment pour votre aide, j'ai vu qu'on pouvait remercier par une participation financière, je vais le faire, merci encore!

Revenir en haut Aller en bas
ouzopower
Moderateurs (trices)
Moderateurs (trices)
avatar

Masculin
Nombre de messages : 4422
Age : 54
Localisation : au fond du verre
Humeur : de soif !
Date d'inscription : 30/03/2008

MessageSujet: Re: [fermé]Infection avec searchqu.com/406   Ven 13 Jan 2012 - 18:12

Sujet fermé en raison de l'inactivité. Si vous souhaitez réouvrir ce sujet, faites en la demande par Messagerie Privée en précisant la raison et le lien vers ce sujet.
Ceci ne s'applique qu'à acrylique
Pour les autres, créez votre propre sujet svp.

__________________________________________________________________________________________________________________
Revenir en haut Aller en bas
Contenu sponsorisé




MessageSujet: Re: [fermé]Infection avec searchqu.com/406   

Revenir en haut Aller en bas
 
[fermé]Infection avec searchqu.com/406
Voir le sujet précédent Voir le sujet suivant Revenir en haut 
Page 1 sur 1
 Sujets similaires
-
» [fermé]Infection avec searchqu.com/406
» [Fermé] infecté avec searchqu.com/410
» [Fermé] Infection par searchqu.com/406
» [Fermé] http://www.searchqu.com/406
» [Fermé] http://www.searchqu.com/406

Permission de ce forum:Vous ne pouvez pas répondre aux sujets dans ce forum
Bibou le forum :: 
La sécurité
 :: Aide à la désinfection :: Sujets résolus ou anciens
-
Sauter vers: