Sujet Précédent Sujet Suivant

Pubs intempestives

Fermé
drine29 - 13 nov. 2011 à 23:14
Chris 94 Messages postés 50978 Date d'inscription mardi 8 janvier 2008 Statut Modérateur Dernière intervention 17 février 2023 - 14 nov. 2011 à 19:05
Bonjour,

Depuis quelques jours, j'ai des pubs intempestives qui s'affichent sur l'écran que je sois connectée ou non sur internet.

J'ai téléchargé hijackthis pour connaitre le rapport et là je n'y connais rien.
Il faut que je laisse la main à quelqu'un d'expérimenté.

Merci beaucoup de me venir en aide.



6 réponses

Réponse 1 / 6
drine29
13 nov. 2011 à 23:15
voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:54:50, on 13/11/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Users\user\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Agence-Exclusive\pctuto.exe
C:\Program Files (x86)\Spamihilator\spamihilator.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=imedia_s3220&r=17361011g116pe485v105y46912437
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/?a=19emFSWT0Xf
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=imedia_s3220&r=17361011g116pe485v105y46912437
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=imedia_s3220&r=17361011g116pe485v105y46912437
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IncrediMail MediaBar Francais 2 Toolbar - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IncrediMail MediaBar Francais 2 - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
O2 - BHO: PCTBHO - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files (x86)\Agence-Exclusive\pctutoBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: IncrediMail MediaBar Francais 2 Toolbar - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [pctuto] "C:\Program Files (x86)\Agence-Exclusive\pctuto.exe"
O4 - HKLM\..\RunOnce: [autoupdater] C:\Users\user\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe -runonce
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Startup: Spamihilator.lnk = C:\Program Files (x86)\Spamihilator\spamihilator.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
0
Réponse 2 / 6
m-a-o-u-s-i Messages postés 188 Date d'inscription dimanche 29 mai 2011 Statut Membre Dernière intervention 28 janvier 2013 51
Modifié par m-a-o-u-s-i le 13/11/2011 à 23:20
Salut,

»»»» On va faire un diagnostique plus complet de ton PC : ««««

▣ Télécharge ZHPDiag (de Nicolas Coolman)
▣ Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
▣ Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau)
▣ Il se lancera automatiquement à la fin de l'installation
▣ Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
▣ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▣ Rends toi ici, ou ici puis héberge le rapport ZHPDiag sur un des deux site. Copie/colle le lien de l'hébergement dans ta prochaine réponse sur le forum.
ø¤º°'°º¤øO miaouss - souris à long terme Oø¤º°'°º¤ø
0
Réponse 3 / 6
drine29
13 nov. 2011 à 23:26
ok et merci !
voici le diagnostic :

Rapport de ZHPDiag v1.28.2235 par Nicolas Coolman, Update du 13/11/2011
Run by user at 13/11/2011 23:22:00
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 8.0 v8.0 (Defaut)
GCIE: Google Chrome v15.0.874.120

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 689 GB (94%) free of 726 GB

---\\ Logged in mode
~ Computer Name: USER-PC
~ User Name: user
~ All Users Names: user, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\user\AppData\Roaming\
~ %Desktop% : C:\Users\user\Desktop\
~ %Favorites% : C:\Users\user\Favorites\
~ %LocalAppData% : C:\Users\user\AppData\Local\
~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 689 Go of 726 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 658 Go of 658 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.28/10/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.DB33A1489C1DA1F37AC2D84CB9756DD1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/10/2011 - 06:37:58.) -- C:\Windows\system32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.30/10/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.30/10/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.30/10/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/10/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.30/10/2011 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.30/10/2011 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.30/10/2011 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.28/10/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.30/10/2011 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.30/10/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.30/10/2011 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.30/10/2011 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 5/1771
~ Mes Favoris (My Favorites) : 3/30
~ Mes Documents (My Documents) : 1/6
~ Mon Bureau (My Desktop) : 1/3
~ Menu demarrer (Programs) : 6/22
~ Scan Hidden Files in 00mn 01s



---\\ Processus lancés
[MD5.B4187346F54E362DAFFE647B25A58D50] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400] [PID.]
[MD5.8BB80C36099C364BD04DF2856757E7B7] - (.Agence-Exclusive - autoupdater.) -- C:\Users\user\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe [671360] [PID.2856]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536] [PID.3112]
[MD5.DC5CFA8FCD9AE10BAA39C23B2D35324F] - (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [563744] [PID.3148]
[MD5.5E0810A04D2C9AC2DC79D1E6885F5805] - (.PcTuto - PcTuto.) -- C:\Program Files (x86)\Agence-Exclusive\pctuto.exe [1040000] [PID.3192]
[MD5.010B151D3A3ED4D4447E6ADDA47C565A] - (.Michel Krämer - Spamihilator.) -- C:\Program Files (x86)\Spamihilator\spamihilator.exe [1512448] [PID.3348]
[MD5.820BF41BF2471E360DFE0577CAFD4040] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe [263624] [PID.4120]
[MD5.F370905AB2C99FC3196F250619EE0766] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [366024] [PID.6064]
[MD5.4CB4054659ABEEEF925B153E2290E634] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.3492]
[MD5.FD67E2C52F62995C3CF1D6D720EEB66F] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [PID.5488]
[MD5.2EB900AAF0159A6973B0D360E23429C9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [703488] [PID.1052]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496] [PID.]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nw2h3t0k.default\prefs.js
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nw2h3t0k.default\searchplugins\MyStart Search.xml
M0 - MFSP: prefs.js [user - nw2h3t0k.default] about:home
M2 - MFEP: prefs.js [user - nw2h3t0k.default\{249d74a3-bd19-4657-b6ce-e62f480a20de}] [] IncrediMail MediaBar Francais 2 Community Toolbar v3.8.0.8 (.Conduit Ltd..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: IncrediMail MediaBar Francais 2 Toolbar [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
R3 - URLSearchHook: IncrediMail MediaBar Francais 2 Toolbar [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} . (.Google Inc. - Partner application.) -- C:\ProgramData\Partner\Partner64.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IncrediMail MediaBar Francais 2 [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
O2 - BHO: PCTBHO [64Bits] - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} . (.PcTuto - ....) -- C:\Program Files (x86)\Agence-Exclusive\pctutoBHO.dll
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} . (.Google Inc. - Partner application.) -- C:\ProgramData\Partner\Partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [pctuto] . (.PcTuto - PcTuto.) -- C:\Program Files (x86)\Agence-Exclusive\pctuto.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [autoupdater] . (.Agence-Exclusive - autoupdater.) -- C:\Users\user\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3592750672-1629582901-98073017-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-3592750672-1629582901-98073017-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\user\Desktop\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumPhoto.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk . (.IncrediMail, Ltd..) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumPhoto.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C401808-8BCA-4674-B591-419B6C833CC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2C401808-8BCA-4674-B591-419B6C833CC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2C401808-8BCA-4674-B591-419B6C833CC9}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.825A86E1E637424D7EED7AC341E0826F] [APT] [Symantec Error Analyzer 17.9.0.12] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe
[MD5.825A86E1E637424D7EED7AC341E0826F] [APT] [Symantec Error Processor 17.9.0.12] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe
~ Scan Scheduled Task in 00mn 03s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20111027.001\BHDrvx64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (ccHP) . (.Symantec Corporation - Common Client Hash Provider Driver.) - C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20111111.030\IDSvia64.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.sys
O41 - Driver: (SYMTDIv) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 8.0 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Photoshop Elements 8.0
O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT078791
O42 - Logiciel: Blasterball 3 - (.WildTangent.) [HKLM] -- WT078960
O42 - Logiciel: Bob the Builder Can-Do-Zoo - (.WildTangent.) [HKLM] -- WT078964
O42 - Logiciel: Build-a-lot 2 - (.WildTangent.) [HKLM] -- WT079363
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Chicken Invaders 3 - Revenge of the Yolk - (.WildTangent.) [HKLM] -- WT079366
O42 - Logiciel: Escape Rosecliff Island - (.WildTangent.) [HKLM] -- WT079395
O42 - Logiciel: FATE - The Traitor Soul - (.WildTangent.) [HKLM] -- WT079024
O42 - Logiciel: Faerie Solitaire - (.WildTangent.) [HKLM] -- WT079020
O42 - Logiciel: FastStone Image Viewer 4.6 - (.FastStone Soft.) [HKLM] -- FastStone Image Viewer
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotkey Utility - (.Packard Bell.) [HKLM] -- Hotkey Utility
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM] -- Identity Card
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail
O42 - Logiciel: IncrediMail MediaBar Francais 2 Toolbar - (.IncrediMail MediaBar Francais 2.) [HKLM] -- IncrediMail_MediaBar_Francais_2 Toolbar
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT078806
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Jewel Quest - (.WildTangent.) [HKLM] -- WT079064
O42 - Logiciel: Jewel Quest Solitaire 3 - (.WildTangent.) [HKLM] -- WT079068
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM] -- WT079397
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.Pas de propriétaire.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {a95d88e8-5e17-4bbc-9dd3-975dbb06d879}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -- {CC019E3F-59D2-4486-8D4B-878105B62A71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84B3-4C50-8622-B8C0AA2D2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348B586-C9AE-46CE-936C-A68E9426E214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM] -- {4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- NIS
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCTuto 1.1 - (.Agence-Exclusive.) [HKLM] -- PCTuto_is1
O42 - Logiciel: Packard Bell Game Console - (.WildTangent.) [HKLM] -- Packard Bell Game Console
O42 - Logiciel: Packard Bell Games - (.WildTangent.) [HKLM] -- WildTangent packardbell Master Uninstall
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM] -- Packard Bell Software Suite SE
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT079108
O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail Ltd..) [HKLM] -- Photo Notifier and Animation Creator
O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT079116
O42 - Logiciel: Polar Golfer - (.WildTangent.) [HKLM] -- WT079120
O42 - Logiciel: Polar Pool - (.WildTangent.) [HKLM] -- WT079124
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Spamihilator 0.9.9.53 (32 bit) - (.Michel Krämer.) [HKLM] -- {6D14916C-EC29-40FC-8FFB-08A66576BE78}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM] -- WT079421
O42 - Logiciel: Virtual Villagers - A New Home - (.WildTangent.) [HKLM] -- WT079177
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM] -- Packard Bell Welcome Center
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Yahtzee - (.WildTangent.) [HKLM] -- WT079184
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT078833
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM] -- {E0B19DF7-B1C7-4937-82C4-0E4B1E346965}
O42 - Logiciel: monAlbumPhoto - (.monAlbumPhoto.) [HKLM] -- monAlbumPhoto_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AcerUtil]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Agence-Exclusive]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Francais_2]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MAP-DN]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Norton]
[HKCU\Software\OEM]
[HKCU\Software\Packard Bell]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Spamihilator]
[HKCU\Software\Wow6432Node]
[HKCU\Software\monAlbumPhoto]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AcerUtil]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Agence-Exclusive]
[HKLM\Software\Audible]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Cyberlink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Google]
[HKLM\Software\ImInstaller]
[HKLM\Software\IncrediMail_MediaBar_Francais_2]
[HKLM\Software\Intel]
[HKLM\Software\MAP-DN]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Packard Bell]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Spamihilator]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WebSupergoo]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/10/2011 - 10:12:26 - [8732888] ----D- C:\Program Files\CCleaner
O43 - CFD: 28/10/2011 - 19:18:34 - [67003134] ----D- C:\Program Files\Common Files
O43 - CFD: 12/11/2011 - 18:25:00 - [90256916] ----D- C:\Program Files\DVD Maker
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 12/05/2010 - 08:13:54 - [979992] ----D- C:\Program Files\Google
O43 - CFD: 12/11/2011 - 18:24:58 - [5181469] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 08:45:56 - [148931122] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/07/2009 - 06:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 12/05/2010 - 07:54:50 - [11160702] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 12/05/2010 - 08:24:14 - [17577906] ----D- C:\Program Files\Packard Bell
O43 - CFD: 21/10/2011 - 14:50:14 - [252321] ----D- C:\Program Files\PB Accessory Store
O43 - CFD: 12/05/2010 - 08:10:16 - [1825075] ----D- C:\Program Files\Preload
O43 - CFD: 12/05/2010 - 08:00:50 - [12164256] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 28/10/2011 - 19:18:40 - [0] ----D- C:\Program Files\Symantec
O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/11/2011 - 18:24:46 - [4039680] ----D- C:\Program Files\Windows Defender
O43 - CFD: 12/11/2011 - 18:24:56 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 12/11/2011 - 18:25:00 - [6667776] ----D- C:\Program Files\Windows Mail
O43 - CFD: 12/11/2011 - 18:24:58 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 21/10/2011 - 14:49:36 - [12627636] ----D- C:\Program Files\Windows NT
O43 - CFD: 12/11/2011 - 18:24:56 - [5516056] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 12/11/2011 - 18:24:58 - [244736] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 12/11/2011 - 18:25:00 - [7270453] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 29/10/2011 - 21:27:24 - [53171957] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 28/10/2011 - 19:18:38 - [1025416] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 13/11/2011 - 08:01:46 - [12194291] ----D- C:\Program Files\Common Files\System
O43 - CFD: 12/05/2010 - 08:10:16 - [160] ----D- C:\ProgramData\Acer
O43 - CFD: 21/10/2011 - 14:57:08 - [556405133] ----D- C:\ProgramData\Adobe
O43 - CFD: 04/11/2011 - 08:45:48 - [248462758] ----D- C:\ProgramData\albumphoto
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 12/05/2010 - 08:13:58 - [1049283] ----D- C:\ProgramData\Google
O43 - CFD: 28/10/2011 - 20:39:56 - [141] ----D- C:\ProgramData\IM
O43 - CFD: 28/10/2011 - 20:38:54 - [6358102] ----D- C:\ProgramData\IncrediMail
O43 - CFD: 29/10/2011 - 10:04:50 - [16208] ----D- C:\ProgramData\McAfee
O43 - CFD: 29/10/2011 - 10:04:50 - [849] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 28/10/2011 - 22:43:52 - [144703001] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 12/05/2010 - 08:16:00 - [11083261] ----D- C:\ProgramData\Nero
O43 - CFD: 28/10/2011 - 19:18:56 - [406054135] ----D- C:\ProgramData\Norton
O43 - CFD: 12/05/2010 - 08:20:38 - [711485] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 21/10/2011 - 14:52:50 - [253500] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 21/10/2011 - 14:52:56 - [144] ----D- C:\ProgramData\OEM
O43 - CFD: 12/05/2010 - 08:12:26 - [27633] ----D- C:\ProgramData\Packard Bell
O43 - CFD: 12/05/2010 - 08:14:00 - [1516988] ----D- C:\ProgramData\Partner
O43 - CFD: 29/10/2011 - 13:36:16 - [1059793] ----D- C:\ProgramData\Photo Notifier and Animation Creator
O43 - CFD: 28/10/2011 - 21:33:52 - [94] ----D- C:\ProgramData\Spamihilator
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 12/05/2010 - 08:19:16 - [865] ----D- C:\ProgramData\Symantec
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 12/05/2010 - 08:10:00 - [2116427722] ----D- C:\ProgramData\WildTangent
O43 - CFD: 28/10/2011 - 21:59:28 - [853861] ----D- C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 29/10/2011 - 09:57:44 - [1450308] ----D- C:\Users\user\AppData\Roaming\Agence-Exclusive
O43 - CFD: 29/10/2011 - 10:09:40 - [8870791] ----D- C:\Users\user\AppData\Roaming\FastStone
O43 - CFD: 13/11/2011 - 22:46:04 - [0] ----D- C:\Users\user\AppData\Roaming\GetRightToGo
O43 - CFD: 28/10/2011 - 19:23:02 - [0] ----D- C:\Users\user\AppData\Roaming\Google
O43 - CFD: 21/10/2011 - 14:52:26 - [0] ----D- C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 21/10/2011 - 15:02:00 - [2860] ----D- C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 08:44:40 - [0] ----D- C:\Users\user\AppData\Roaming\Media Center Programs
O43 - CFD: 28/10/2011 - 20:50:46 - [782776] -S--D- C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 28/10/2011 - 20:36:24 - [27881523] ----D- C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 21/10/2011 - 14:52:50 - [0] ----D- C:\Users\user\AppData\Roaming\OEM
O43 - CFD: 13/11/2011 - 23:22:24 - [25240190] ----D- C:\Users\user\AppData\Roaming\Spamihilator
O43 - CFD: 29/10/2011 - 10:48:42 - [23570219] ----D- C:\Users\user\AppData\Local\Adobe
O43 - CFD: 29/10/2011 - 09:57:44 - [561796] ----D- C:\Users\user\AppData\Local\Agence-Exclusive
O43 - CFD: 21/10/2011 - 14:49:46 - [0] -SH-D- C:\Users\user\AppData\Local\Application Data
O43 - CFD: 29/10/2011 - 13:36:00 - [65832] ----D- C:\Users\user\AppData\Local\Conduit
O43 - CFD: 29/10/2011 - 10:12:48 - [134222029] ----D- C:\Users\user\AppData\Local\Google
O43 - CFD: 21/10/2011 - 14:49:46 - [0] -SH-D- C:\Users\user\AppData\Local\Historique
O43 - CFD: 28/10/2011 - 20:45:24 - [97420498] ----D- C:\Users\user\AppData\Local\IM
O43 - CFD: 28/10/2011 - 20:52:02 - [200365006] ----D- C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 28/10/2011 - 20:36:06 - [173903546] ----D- C:\Users\user\AppData\Local\Mozilla
O43 - CFD: 21/10/2011 - 14:52:54 - [15975] ----D- C:\Users\user\AppData\Local\Packard Bell
O43 - CFD: 13/11/2011 - 23:21:06 - [78377714] ----D- C:\Users\user\AppData\Local\Temp
O43 - CFD: 21/10/2011 - 14:49:46 - [0] -SH-D- C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 13/11/2011 - 22:57:28 - [11559] ----D- C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 21/10/2011 - 14:55:48 - [1460151510] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 21/10/2011 - 14:35:20 - [123382454] ----D- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 29/10/2011 - 09:57:44 - [2462467] ----D- C:\Program Files (x86)\Agence-Exclusive
O43 - CFD: 28/10/2011 - 19:45:44 - [718577994] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 29/10/2011 - 13:36:02 - [638560] ----D- C:\Program Files (x86)\Conduit
O43 - CFD: 29/10/2011 - 10:09:22 - [9568993] ----D- C:\Program Files (x86)\FastStone Image Viewer
O43 - CFD: 29/10/2011 - 10:12:18 - [365704277] ----D- C:\Program Files (x86)\Google
O43 - CFD: 29/10/2011 - 13:35:22 - [27527654] ----D- C:\Program Files (x86)\IncrediMail
O43 - CFD: 29/10/2011 - 13:36:02 - [4932414] ----D- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2
O43 - CFD: 12/05/2010 - 08:14:06 - [18667137] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 12/11/2011 - 18:25:10 - [4593948] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/10/2011 - 10:45:12 - [9710258] ----D- C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 21/10/2011 - 14:59:32 - [226432] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 29/10/2011 - 08:33:40 - [38412395] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 21/10/2011 - 15:00:16 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 29/10/2011 - 08:44:42 - [15715] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 04/11/2011 - 08:41:58 - [97229784] ----D- C:\Program Files (x86)\monAlbumPhoto
O43 - CFD: 12/11/2011 - 18:18:52 - [38155362] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 29/10/2011 - 21:26:52 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 12/05/2010 - 08:16:42 - [377644923] ----D- C:\Program Files (x86)\Nero
O43 - CFD: 12/05/2010 - 08:21:22 - [165516840] ----D- C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 12/05/2010 - 08:20:38 - [25197201] ----D- C:\Program Files (x86)\NortonInstaller
O43 - CFD: 21/10/2011 - 14:50:26 - [106432] ----D- C:\Program Files (x86)\OEM
O43 - CFD: 21/10/2011 - 15:02:00 - [82612291] ----D- C:\Program Files (x86)\Packard Bell
O43 - CFD: 12/05/2010 - 08:10:00 - [218885562] ----D- C:\Program Files (x86)\Packard Bell Games
O43 - CFD: 29/10/2011 - 13:36:16 - [2757956] ----D- C:\Program Files (x86)\Photo Notifier and Animation Creator
O43 - CFD: 12/05/2010 - 08:00:44 - [3357289] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 28/10/2011 - 21:31:52 - [5615498] ----D- C:\Program Files (x86)\Spamihilator
O43 - CFD: 12/05/2010 - 08:19:16 - [2202256] ----D- C:\Program Files (x86)\Symantec
O43 - CFD: 12/05/2010 - 08:00:54 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 13/11/2011 - 22:52:04 - [407872] ----D- C:\Program Files (x86)\Trend Micro
O43 - CFD: 14/07/2009 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 22/10/2011 - 00:24:28 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 28/10/2011 - 20:56:56 - [147804972] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 21/10/2011 - 14:59:10 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 12/11/2011 - 18:25:12 - [6181376] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 12/11/2011 - 18:25:10 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 12/11/2011 - 18:25:10 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 12/11/2011 - 18:25:10 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/11/2011 - 18:25:12 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 13/11/2011 - 23:22:22 - [7892099] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 21/10/2011 - 14:57:08
0
Réponse 4 / 6
m-a-o-u-s-i Messages postés 188 Date d'inscription dimanche 29 mai 2011 Statut Membre Dernière intervention 28 janvier 2013 51
Modifié par m-a-o-u-s-i le 14/11/2011 à 13:00
Salut,

Tu peux déjà faire ceci :
▣ Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
▣ Lance le, clique sur Recherche puis patiente le temps du scan.
▣ Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt

→→→ refais un ZHPDiag, mais héberge ton rapport ici stp, et donne moi le lien de l'hébergement.
ø¤º°'°º¤øO miaouss - souris à long terme Oø¤º°'°º¤ø
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
drine29
14 nov. 2011 à 15:54
Salut,

je poste mon rapport ici aussi, parce que je ne suis pas trop sûr de bien faire sur l'autre lien....
Voici le rapport de Adw cleaner :

# AdwCleaner v1.318 - Rapport créé le 14/11/2011 à 14:51:49
# Mis à jour le 13/11/11 à 21h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : user - USER-PC (Administrateur)
# Exécuté depuis : C:\Users\user\Downloads\adwcleaner0.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\user\AppData\Roaming\Agence-Exclusive
Dossier Présent : C:\Users\user\AppData\Local\Agence-Exclusive
Dossier Présent : C:\Users\user\AppData\Local\Conduit
Dossier Présent : C:\Users\user\AppData\LocalLow\Conduit
Dossier Présent : C:\Program Files (x86)\Agence-Exclusive
Dossier Présent : C:\Program Files (x86)\Conduit
Dossier Présent : C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nw2h3t0k.default\ConduitCommon

***** [Registre] *****

Clé Présente : HKCU\Software\Agence-Exclusive
Clé Présente : HKCU\Software\AppDataLow\Toolbar
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKLM\SOFTWARE\Agence-Exclusive
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Classes\PCTutoBHO.PCTBHO
Clé Présente : HKLM\SOFTWARE\Classes\PCTutoBHO.PCTBHO.1
Clé Présente : HKLM\SOFTWARE\Classes\AppID\PCTutoBHO.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PcTuto_is1
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [PcTuto]

***** [Registre (x64)] *****

Clé Présente : HKCU\Software\Agence-Exclusive
Clé Présente : HKCU\Software\AppDataLow\Toolbar
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKLM\SOFTWARE\Classes\PCTutoBHO.PCTBHO
Clé Présente : HKLM\SOFTWARE\Classes\PCTutoBHO.PCTBHO.1
Clé Présente : HKLM\SOFTWARE\Classes\AppID\PCTutoBHO.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v8.0 (fr)

Profil : nw2h3t0k.default
Fichier : C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nw2h3t0k.default\prefs.js

Présente : user_pref("CT2724431..clientLogIsEnabled", true);
Présente : user_pref("CT2724431..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Présente : user_pref("CT2724431..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Présente : user_pref("CT2724431.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Présente : user_pref("CT2724431.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Présente : user_pref("CT2724431.CTID", "CT2724431");
Présente : user_pref("CT2724431.CurrentServerDate", "14-11-2011");
Présente : user_pref("CT2724431.DSInstall", true);
Présente : user_pref("CT2724431.DialogsAlignMode", "LTR");
Présente : user_pref("CT2724431.DialogsGetterLastCheckTime", "Sat Nov 12 2011 17:34:49 GMT+0100");
Présente : user_pref("CT2724431.DownloadReferralCookieData", "");
Présente : user_pref("CT2724431.FeedLastCount129251218914197895", 100);
Présente : user_pref("CT2724431.FeedPollDate129251218859354142", "Mon Nov 14 2011 14:49:25 GMT+0100");
Présente : user_pref("CT2724431.FeedPollDate129251218914197895", "Mon Nov 14 2011 14:49:25 GMT+0100");
Présente : user_pref("CT2724431.FirstServerDate", "29-10-2011");
Présente : user_pref("CT2724431.FirstTime", true);
Présente : user_pref("CT2724431.FirstTimeFF3", true);
Présente : user_pref("CT2724431.FixPageNotFoundErrors", false);
Présente : user_pref("CT2724431.GroupingServerCheckInterval", 1440);
Présente : user_pref("CT2724431.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Présente : user_pref("CT2724431.HPInstall", false);
Présente : user_pref("CT2724431.HasUserGlobalKeys", true);
Présente : user_pref("CT2724431.HomePageProtectorEnabled", false);
Présente : user_pref("CT2724431.HomepageBeforeUnload", "hxxp://mystart.incredimail.com/?a=19emFSWT0Xf");
Présente : user_pref("CT2724431.Initialize", true);
Présente : user_pref("CT2724431.InitializeCommonPrefs", true);
Présente : user_pref("CT2724431.InstallationAndCookieDataSentCount", 3);
Présente : user_pref("CT2724431.InstallationId", "ConduitStubGeneric");
Présente : user_pref("CT2724431.InstallationType", "ConduitStubIntegration");
Présente : user_pref("CT2724431.InstalledDate", "Sat Oct 29 2011 14:44:05 GMT+0200");
Présente : user_pref("CT2724431.InvalidateCache", false);
Présente : user_pref("CT2724431.IsAlertDBUpdated", true);
Présente : user_pref("CT2724431.IsGrouping", false);
Présente : user_pref("CT2724431.IsInitSetupIni", true);
Présente : user_pref("CT2724431.IsMulticommunity", false);
Présente : user_pref("CT2724431.IsOpenThankYouPage", false);
Présente : user_pref("CT2724431.IsOpenUninstallPage", true);
Présente : user_pref("CT2724431.LanguagePackLastCheckTime", "Sun Nov 13 2011 20:27:35 GMT+0100");
Présente : user_pref("CT2724431.LanguagePackReloadIntervalMM", 1440);
Présente : user_pref("CT2724431.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Présente : user_pref("CT2724431.LastLogin_3.7.0.6", "Sat Nov 12 2011 17:34:49 GMT+0100");
Présente : user_pref("CT2724431.LastLogin_3.8.0.8", "Mon Nov 14 2011 14:50:58 GMT+0100");
Présente : user_pref("CT2724431.LatestVersion", "3.8.0.8");
Présente : user_pref("CT2724431.Locale", "fr");
Présente : user_pref("CT2724431.MCDetectTooltipHeight", "83");
Présente : user_pref("CT2724431.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Présente : user_pref("CT2724431.MCDetectTooltipWidth", "295");
Présente : user_pref("CT2724431.MyStuffEnabledAtInstallation", true);
Présente : user_pref("CT2724431.OriginalFirstVersion", "3.7.0.6");
Présente : user_pref("CT2724431.RadioIsPodcast", false);
Présente : user_pref("CT2724431.RadioLastCheckTime", "Sun Nov 13 2011 18:04:38 GMT+0100");
Présente : user_pref("CT2724431.RadioLastUpdateIPServer", "3");
Présente : user_pref("CT2724431.RadioLastUpdateServer", "129251287354370000");
Présente : user_pref("CT2724431.RadioMediaID", "21095466");
Présente : user_pref("CT2724431.RadioMediaType", "Media Player");
Présente : user_pref("CT2724431.RadioMenuSelectedID", "EBRadioMenu_CT272443121095466");
Présente : user_pref("CT2724431.RadioShrinkedFromSetup", false);
Présente : user_pref("CT2724431.RadioStationName", "ckln.fm");
Présente : user_pref("CT2724431.RadioStationURL", "hxxp://141.117.225.9:8000");
Présente : user_pref("CT2724431.SearchCaption", "IncrediMail MediaBar Francais 2 Customized Web Search");
Présente : user_pref("CT2724431.SearchEngineBeforeUnload", "MyStart Search");
Présente : user_pref("CT2724431.SearchFromAddressBarIsInit", true);
Présente : user_pref("CT2724431.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272[...]
Présente : user_pref("CT2724431.SearchInNewTabEnabled", true);
Présente : user_pref("CT2724431.SearchInNewTabIntervalMM", 1440);
Présente : user_pref("CT2724431.SearchInNewTabLastCheckTime", "Sun Nov 13 2011 20:27:34 GMT+0100");
Présente : user_pref("CT2724431.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Présente : user_pref("CT2724431.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Présente : user_pref("CT2724431.SearchProtectorEnabled", false);
Présente : user_pref("CT2724431.SearchProtectorToolbarDisabled", false);
Présente : user_pref("CT2724431.SendProtectorDataViaLogin", true);
Présente : user_pref("CT2724431.ServiceMapLastCheckTime", "Sun Nov 13 2011 18:04:50 GMT+0100");
Présente : user_pref("CT2724431.SettingsLastCheckTime", "Mon Nov 14 2011 14:50:57 GMT+0100");
Présente : user_pref("CT2724431.SettingsLastUpdate", "1318867442");
Présente : user_pref("CT2724431.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2724431&SearchSource=13");
Présente : user_pref("CT2724431.ThirdPartyComponentsInterval", 504);
Présente : user_pref("CT2724431.ThirdPartyComponentsLastCheck", "Sat Oct 29 2011 14:44:04 GMT+0200");
Présente : user_pref("CT2724431.ThirdPartyComponentsLastUpdate", "1255344667");
Présente : user_pref("CT2724431.ToolbarShrinkedFromSetup", false);
Présente : user_pref("CT2724431.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2724431");
Présente : user_pref("CT2724431.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Présente : user_pref("CT2724431.UserID", "UN96861839475807827");
Présente : user_pref("CT2724431.WeatherNetwork", "");
Présente : user_pref("CT2724431.WeatherPollDate", "Mon Nov 14 2011 14:49:25 GMT+0100");
Présente : user_pref("CT2724431.WeatherUnit", "C");
Présente : user_pref("CT2724431.alertChannelId", "1116697");
Présente : user_pref("CT2724431.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Présente : user_pref("CT2724431.globalFirstTimeInfoLastCheckTime", "Mon Nov 14 2011 14:50:58 GMT+0100");
Présente : user_pref("CT2724431.homepageProtectorEnableByLogin", true);
Présente : user_pref("CT2724431.initDone", true);
Présente : user_pref("CT2724431.isAppTrackingManagerOn", true);
Présente : user_pref("CT2724431.isFirstRadioInstallation", false);
Présente : user_pref("CT2724431.myStuffEnabled", true);
Présente : user_pref("CT2724431.myStuffPublihserMinWidth", 400);
Présente : user_pref("CT2724431.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Présente : user_pref("CT2724431.myStuffServiceIntervalMM", 1440);
Présente : user_pref("CT2724431.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Présente : user_pref("CT2724431.oldAppsList", "129248981533442178,129248981533598429,111,129248986100446699,129[...]
Présente : user_pref("CT2724431.revertSettingsEnabled", false);
Présente : user_pref("CT2724431.searchProtectorDialogDelayInSec", 10);
Présente : user_pref("CT2724431.searchProtectorEnableByLogin", true);
Présente : user_pref("CT2724431.testingCtid", "");
Présente : user_pref("CT2724431.toolbarAppMetaDataLastCheckTime", "Sun Nov 13 2011 18:04:50 GMT+0100");
Présente : user_pref("CT2724431.toolbarContextMenuLastCheckTime", "Sat Nov 12 2011 17:34:49 GMT+0100");
Présente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1116697/1112401/FR", "\"0\"[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724431", [...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724431",[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2724431&octid=[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"864[...]
Présente : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Fi[...]
Présente : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://mystart.incredimail.com/?loc=ff_a[...]
Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2724431");
Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2724431");
Présente : user_pref("CommunityToolbar.ToolbarsList4", "CT2724431");
Présente : user_pref("CommunityToolbar.globalUserId", "b35bcf98-d35c-4f13-af2e-2c6aba078404");
Présente : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Présente : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Présente : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Nov 12 2011 17:34:5[...]
Présente : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Présente : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Nov 13 2011 18:04:49 GMT+010[...]
Présente : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Présente : user_pref("CommunityToolbar.notifications.locale", "en");
Présente : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Présente : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Nov 13 2011 22:34:16 GMT+0100");
Présente : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Présente : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Présente : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Présente : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Présente : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Présente : user_pref("CommunityToolbar.notifications.userId", "2ec56321-2c75-441e-ad1b-1ae8f0fe7a16");
Présente : user_pref("CommunityToolbar.originalHomepage", "hxxp://mystart.incredimail.com/?a=19emFSWT0Xf");
Présente : user_pref("CommunityToolbar.originalSearchEngine", "MyStart Search");

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [15175 octets] - [14/11/2011 14:51:49]

########## EOF - C:\AdwCleaner[R1].txt - [15304 octets] ##########
0
m-a-o-u-s-i Messages postés 188 Date d'inscription dimanche 29 mai 2011 Statut Membre Dernière intervention 28 janvier 2013 51
14 nov. 2011 à 18:59
Salut,

Il faut absolument que tu héberges le rapport ZHPDiag sur le site, sinon il sera incomplet !

fais ceci stp :
▣ Relance Adwcleaner et appuies cette fois ci sur Suppression, puis poste le rapport

Relance un ZHPDiag
▣ Lorsque l'analyse est terminée, rends toi ici
▣ Clique sur le bouton parcourir et choisis le fichier "ZHPDiag.txt" qui est sur ton bureau
▣ Clique sur "Envoyer le fichier"
▣ Copies/colle le lien de l'hébergement dans ta prochaine réponse
0
Réponse 6 / 6
drine29
14 nov. 2011 à 16:11
J'ai refait un ZHPdiag, voici le rapport,

Rapport de ZHPDiag v1.28.2235 par Nicolas Coolman, Update du 13/11/2011
Run by user at 14/11/2011 15:56:01
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 8.0 v8.0 (Defaut)
GCIE: Google Chrome v15.0.874.120

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 684 GB (94%) free of 726 GB

---\\ Logged in mode
~ Computer Name: USER-PC
~ User Name: user
~ All Users Names: user, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\user\AppData\Roaming\
~ %Desktop% : C:\Users\user\Desktop\
~ %Favorites% : C:\Users\user\Favorites\
~ %LocalAppData% : C:\Users\user\AppData\Local\
~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 684 Go of 726 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 658 Go of 658 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.28/10/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.DB33A1489C1DA1F37AC2D84CB9756DD1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/10/2011 - 06:37:58.) -- C:\Windows\system32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.30/10/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.30/10/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.30/10/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/10/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.30/10/2011 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.30/10/2011 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.30/10/2011 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.28/10/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.30/10/2011 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.30/10/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.30/10/2011 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.30/10/2011 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 21/2456
~ Mes Favoris (My Favorites) : 3/30
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 1/3
~ Menu demarrer (Programs) : 6/22
~ Scan Hidden Files in 00mn 01s



---\\ Processus lancés
[MD5.B4187346F54E362DAFFE647B25A58D50] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400] [PID.]
[MD5.8BB80C36099C364BD04DF2856757E7B7] - (.Agence-Exclusive - autoupdater.) -- C:\Users\user\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe [671360] [PID.3192]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536] [PID.3416]
[MD5.DC5CFA8FCD9AE10BAA39C23B2D35324F] - (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [563744] [PID.3596]
[MD5.010B151D3A3ED4D4447E6ADDA47C565A] - (.Michel Krämer - Spamihilator.) -- C:\Program Files (x86)\Spamihilator\spamihilator.exe [1512448] [PID.3672]
[MD5.5E0810A04D2C9AC2DC79D1E6885F5805] - (.PcTuto - PcTuto.) -- C:\Program Files (x86)\Agence-Exclusive\pctuto.exe [1040000] [PID.3716]
[MD5.F370905AB2C99FC3196F250619EE0766] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [366024] [PID.4876]
[MD5.820BF41BF2471E360DFE0577CAFD4040] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe [263624] [PID.4916]
[MD5.90A3525C7399B7784D28F99EA1A51C4C] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616] [PID.4064]
[MD5.15BB6D4F6FE6E13E718904BAB63F2711] - (...) -- C:\Users\user\Downloads\adwcleaner0.exe [536695] [PID.5820]
[MD5.D1D89B046E466B7B00AC3ACEC68CE830] - (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe [8861176] [PID.2172]
[MD5.4CB4054659ABEEEF925B153E2290E634] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.156]
[MD5.2EB900AAF0159A6973B0D360E23429C9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [703488] [PID.4660]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496] [PID.]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nw2h3t0k.default\prefs.js
M3 - MFPP: Plugins - [user] -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nw2h3t0k.default\searchplugins\MyStart Search.xml
M0 - MFSP: prefs.js [user - nw2h3t0k.default] about:home
M2 - MFEP: prefs.js [user - nw2h3t0k.default\{249d74a3-bd19-4657-b6ce-e62f480a20de}] [] IncrediMail MediaBar Francais 2 Community Toolbar v3.8.0.8 (.Conduit Ltd..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: IncrediMail MediaBar Francais 2 Toolbar [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
R3 - URLSearchHook: IncrediMail MediaBar Francais 2 Toolbar [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} . (.Google Inc. - Partner application.) -- C:\ProgramData\Partner\Partner64.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IncrediMail MediaBar Francais 2 [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
O2 - BHO: PCTBHO [64Bits] - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} . (.PcTuto - ....) -- C:\Program Files (x86)\Agence-Exclusive\pctutoBHO.dll
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} . (.Google Inc. - Partner application.) -- C:\ProgramData\Partner\Partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [EPSON SX210 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.exe
O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [pctuto] . (.PcTuto - PcTuto.) -- C:\Program Files (x86)\Agence-Exclusive\pctuto.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [autoupdater] . (.Agence-Exclusive - autoupdater.) -- C:\Users\user\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3592750672-1629582901-98073017-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-3592750672-1629582901-98073017-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3592750672-1629582901-98073017-1000\..\Run: [EPSON SX210 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\user\Desktop\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumPhoto.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk . (.IncrediMail, Ltd..) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumPhoto.exe
O4 - Global Startup: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C401808-8BCA-4674-B591-419B6C833CC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2C401808-8BCA-4674-B591-419B6C833CC9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2C401808-8BCA-4674-B591-419B6C833CC9}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Epson Printer Software Downloader.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.E7FAF17B920ACCE36C191B9151B10AB4] [APT] [Epson Printer Software Downloader] (.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\EPSON\EPAPDL\E_SAPDL2.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.825A86E1E637424D7EED7AC341E0826F] [APT] [Symantec Error Analyzer 17.9.0.12] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe
[MD5.825A86E1E637424D7EED7AC341E0826F] [APT] [Symantec Error Processor 17.9.0.12] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe
~ Scan Scheduled Task in 00mn 02s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20111027.001\BHDrvx64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (ccHP) . (.Symantec Corporation - Common Client Hash Provider Driver.) - C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20111111.030\IDSvia64.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.sys
O41 - Driver: (SYMTDIv) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 8.0 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Photoshop Elements 8.0
O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT078791
O42 - Logiciel: Blasterball 3 - (.WildTangent.) [HKLM] -- WT078960
O42 - Logiciel: Bob the Builder Can-Do-Zoo - (.WildTangent.) [HKLM] -- WT078964
O42 - Logiciel: Build-a-lot 2 - (.WildTangent.) [HKLM] -- WT079363
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Chicken Invaders 3 - Revenge of the Yolk - (.WildTangent.) [HKLM] -- WT079366
O42 - Logiciel: Désinstaller l'imprimante EPSON SX210 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX210 Series
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {87C2248A-C7DD-49ED-9BCD-B312A9D0819E}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON Corporation.) [HKLM] -- {48F22622-1CC2-4A83-9C1E-644DD96F832D}
O42 - Logiciel: Epson Printer Software Downloader - (.Pas de propriétaire.) [HKLM] -- Epson Printer Software Downloader
O42 - Logiciel: Epson Printer Software Downloader - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}
O42 - Logiciel: Epson Stylus SX210_SX410_TX210_TX410 Manuel - (.Pas de propriétaire.) [HKLM] -- Epson Stylus SX210_SX410_TX210_TX410 Guide d'utilisation
O42 - Logiciel: Escape Rosecliff Island - (.WildTangent.) [HKLM] -- WT079395
O42 - Logiciel: FATE - The Traitor Soul - (.WildTangent.) [HKLM] -- WT079024
O42 - Logiciel: Faerie Solitaire - (.WildTangent.) [HKLM] -- WT079020
O42 - Logiciel: FastStone Image Viewer 4.6 - (.FastStone Soft.) [HKLM] -- FastStone Image Viewer
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotkey Utility - (.Packard Bell.) [HKLM] -- Hotkey Utility
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM] -- Identity Card
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail
O42 - Logiciel: IncrediMail MediaBar Francais 2 Toolbar - (.IncrediMail MediaBar Francais 2.) [HKLM] -- IncrediMail_MediaBar_Francais_2 Toolbar
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT078806
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Jewel Quest - (.WildTangent.) [HKLM] -- WT079064
O42 - Logiciel: Jewel Quest Solitaire 3 - (.WildTangent.) [HKLM] -- WT079068
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM] -- WT079397
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.Pas de propriétaire.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {a95d88e8-5e17-4bbc-9dd3-975dbb06d879}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -- {CC019E3F-59D2-4486-8D4B-878105B62A71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84B3-4C50-8622-B8C0AA2D2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348B586-C9AE-46CE-936C-A68E9426E214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM] -- {4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- NIS
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCTuto 1.1 - (.Agence-Exclusive.) [HKLM] -- PCTuto_is1
O42 - Logiciel: Packard Bell Game Console - (.WildTangent.) [HKLM] -- Packard Bell Game Console
O42 - Logiciel: Packard Bell Games - (.WildTangent.) [HKLM] -- WildTangent packardbell Master Uninstall
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM] -- Packard Bell Software Suite SE
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT079108
O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail Ltd..) [HKLM] -- Photo Notifier and Animation Creator
O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT079116
O42 - Logiciel: Polar Golfer - (.WildTangent.) [HKLM] -- WT079120
O42 - Logiciel: Polar Pool - (.WildTangent.) [HKLM] -- WT079124
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Spamihilator 0.9.9.53 (32 bit) - (.Michel Krämer.) [HKLM] -- {6D14916C-EC29-40FC-8FFB-08A66576BE78}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM] -- WT079421
O42 - Logiciel: Virtual Villagers - A New Home - (.WildTangent.) [HKLM] -- WT079177
O42 - Logiciel: Visionneuse Microsoft PowerPoint - (.Microsoft Corporation.) [HKLM] -- {95140000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM] -- Packard Bell Welcome Center
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Yahtzee - (.WildTangent.) [HKLM] -- WT079184
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT078833
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM] -- {E0B19DF7-B1C7-4937-82C4-0E4B1E346965}
O42 - Logiciel: monAlbumPhoto - (.monAlbumPhoto.) [HKLM] -- monAlbumPhoto_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\AcerUtil]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Agence-Exclusive]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Francais_2]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MAP-DN]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Norton]
[HKCU\Software\OEM]
[HKCU\Software\Packard Bell]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Spamihilator]
[HKCU\Software\Wow6432Node]
[HKCU\Software\monAlbumPhoto]
[HKLM\Software\ABBYY]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AcerUtil]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agence-Exclusive]
[HKLM\Software\Audible]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Cyberlink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\Google]
[HKLM\Software\ImInstaller]
[HKLM\Software\IncrediMail_MediaBar_Francais_2]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\MAP-DN]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Packard Bell]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Spamihilator]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WebSupergoo]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/10/2011 - 10:12:26 - [8732888] ----D- C:\Program Files\CCleaner
O43 - CFD: 28/10/2011 - 19:18:34 - [67003134] ----D- C:\Program Files\Common Files
O43 - CFD: 12/11/2011 - 18:25:00 - [90256916] ----D- C:\Program Files\DVD Maker
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 12/05/2010 - 08:13:54 - [979992] ----D- C:\Program Files\Google
O43 - CFD: 12/11/2011 - 18:24:58 - [5181469] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 08:45:56 - [148931122] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/07/2009 - 06:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 12/05/2010 - 07:54:50 - [11160702] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 12/05/2010 - 08:24:14 - [17577906] ----D- C:\Program Files\Packard Bell
O43 - CFD: 21/10/2011 - 14:50:14 - [252321] ----D- C:\Program Files\PB Accessory Store
O43 - CFD: 12/05/2010 - 08:10:16 - [1825075] ----D- C:\Program Files\Preload
O43 - CFD: 12/05/2010 - 08:00:50 - [12164256] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 28/10/2011 - 19:18:40 - [0] ----D- C:\Program Files\Symantec
O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/11/2011 - 18:24:46 - [4039680] ----D- C:\Program Files\Windows Defender
O43 - CFD: 12/11/2011 - 18:24:56 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 12/11/2011 - 18:25:00 - [6667776] ----D- C:\Program Files\Windows Mail
O43 - CFD: 12/11/2011 - 18:24:58 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 21/10/2011 - 14:49:36 - [12627636] ----D- C:\Program Files\Windows NT
O43 - CFD: 12/11/2011 - 18:24:56 - [5516056] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 12/11/2011 - 18:24:58 - [244736] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 12/11/2011 - 18:25:00 - [7270453] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 29/10/2011 - 21:27:24 - [53171957] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 28/10/2011 - 19:18:38 - [1025416] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 13/11/2011 - 08:01:46 - [12194291] ----D- C:\Program Files\Common Files\System
O43 - CFD: 12/05/2010 - 08:10:16 - [160] ----D- C:\ProgramData\Acer
O43 - CFD: 21/10/2011 - 14:57:08 - [556405133] ----D- C:\ProgramData\Adobe
O43 - CFD: 04/11/2011 - 08:45:48 - [248462758] ----D- C:\ProgramData\albumphoto
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 14/11/2011 - 08:19:36 - [8335064] ----D- C:\ProgramData\EPSON
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 12/05/2010 - 08:13:58 - [1049283] ----D- C:\ProgramData\Google
O43 - CFD: 28/10/2011 - 20:39:56 - [141] ----D- C:\ProgramData\IM
O43 - CFD: 28/10/2011 - 20:38:54 - [6358102] ----D- C:\ProgramData\IncrediMail
O43 - CFD: 29/10/2011 - 10:04:50 - [16208] ----D- C:\ProgramData\McAfee
O43 - CFD: 29/10/2011 - 10:04:50 - [850] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 28/10/2011 - 22:43:52 - [113316267] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 21/10/2011 - 14:49:36 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 12/05/2010 - 08:16:00 - [11083261] ----D- C:\ProgramData\Nero
O43 - CFD: 28/10/2011 - 19:18:56 - [408077362] ----D- C:\ProgramData\Norton
O43 - CFD: 12/05/2010 - 08:20:38 - [711485] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 21/10/2011 - 14:52:50 - [253500] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 21/10/2011 - 14:52:56 - [144] ----D- C:\ProgramData\OEM
O43 - CFD: 12/05/2010 - 08:12:26 - [29567] ----D- C:\ProgramData\Packard Bell
O43 - CFD: 12/05/2010 - 08:14:00 - [1516988] ----D- C:\ProgramData\Partner
O43 - CFD: 29/10/2011 - 13:36:16 - [1059793] ----D- C:\ProgramData\Photo Notifier and Animation Creator
O43 - CFD: 28/10/2011 - 21:33:52 - [94] ----D- C:\ProgramData\Spamihilator
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 12/05/2010 - 08:19:16 - [865] ----D- C:\ProgramData\Symantec
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 14/11/2011 - 08:32:38 - [3498] ----D- C:\ProgramData\UDL
O43 - CFD: 12/05/2010 - 08:10:00 - [2116427722] ----D- C:\ProgramData\WildTangent
O43 - CFD: 28/10/2011 - 21:59:28 - [853861] ----D- C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 29/10/2011 - 09:57:44 - [1450308] ----D- C:\Users\user\AppData\Roaming\Agence-Exclusive
O43 - CFD: 14/11/2011 - 09:05:36 - [2535] ----D- C:\Users\user\AppData\Roaming\Epson
O43 - CFD: 29/10/2011 - 10:09:40 - [8870791] ----D- C:\Users\user\AppData\Roaming\FastStone
O43 - CFD: 13/11/2011 - 22:46:04 - [0] ----D- C:\Users\user\AppData\Roaming\GetRightToGo
O43 - CFD: 28/10/2011 - 19:23:02 - [0] ----D- C:\Users\user\AppData\Roaming\Google
O43 - CFD: 21/10/2011 - 14:52:26 - [0] ----D- C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 14/11/2011 - 08:22:32 - [0] ----D- C:\Users\user\AppData\Roaming\InstallShield
O43 - CFD: 21/10/2011 - 15:02:00 - [3284] ----D- C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 08:44:40 - [0] ----D- C:\Users\user\AppData\Roaming\Media Center Programs
O43 - CFD: 28/10/2011 - 20:50:46 - [812862] -S--D- C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 28/10/2011 - 20:36:24 - [23114984] ----D- C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 21/10/2011 - 14:52:50 - [0] ----D- C:\Users\user\AppData\Roaming\OEM
O43 - CFD: 14/11/2011 - 15:54:46 - [25655352] ----D- C:\Users\user\AppData\Roaming\Spamihilator
O43 - CFD: 29/10/2011 - 10:48:42 - [23570219] ----D- C:\Users\user\AppData\Local\Adobe
O43 - CFD: 29/10/2011 - 09:57:44 - [561028] ----D- C:\Users\user\AppData\Local\Agence-Exclusive
O43 - CFD: 21/10/2011 - 14:49:46 - [0] -SH-D- C:\Users\user\AppData\Local\Application Data
O43 - CFD: 29/10/2011 - 13:36:00 - [65832] ----D- C:\Users\user\AppData\Local\Conduit
O43 - CFD: 14/11/2011 - 08:13:12 - [404744] ----D- C:\Users\user\AppData\Local\ElevatedDiagnostics
O43 - CFD: 29/10/2011 - 10:12:48 - [148534006] ----D- C:\Users\user\AppData\Local\Google
O43 - CFD: 21/10/2011 - 14:49:46 - [0] -SH-D- C:\Users\user\AppData\Local\Historique
O43 - CFD: 28/10/2011 - 20:45:24 - [102340153] ----D- C:\Users\user\AppData\Local\IM
O43 - CFD: 14/11/2011 - 10:31:54 - [225436867] ----D- C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 28/10/2011 - 20:36:06 - [221884419] ----D- C:\Users\user\AppData\Local\Mozilla
O43 - CFD: 21/10/2011 - 14:52:54 - [15975] ----D- C:\Users\user\AppData\Local\Packard Bell
O43 - CFD: 14/11/2011 - 15:50:24 - [84182697] ----D- C:\Users\user\AppData\Local\Temp
O43 - CFD: 21/10/2011 - 14:49:46 - [0] -SH-D- C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 13/11/2011 - 22:57:28 - [11559] ----D- C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 14/11/2011 - 08:29:18 - [124428625] ----D- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 21/10/2011 - 14:55:48 - [1460151510] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 21/10/2011 - 14:35:20 - [123382454] ----D- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 29/10/2011 - 09:57:44 - [2462467] ----D- C:\Program Files (x86)\Agence-Exclusive
O43 - CFD: 28/10/2011 - 19:45:44 - [829034689] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 29/10/2011 - 13:36:02 - [638560] ----D- C:\Program Files (x86)\Conduit
O43 - CFD: 14/11/2011 - 08:33:16 - [15080106] ----D- C:\Program Files (x86)\epson
O43 - CFD: 14/11/2011 - 08:32:12 - [119857606] ----D- C:\Program Files (x86)\Epson Software
O43 - CFD: 29/10/2011 - 10:09:22 - [9568993] ----D- C:\Program Files (x86)\FastStone Image Viewer
O43 - CFD: 29/10/2011 - 10:12:18 - [364899357] ----D- C:\Program Files (x86)\Google
O43 - CFD: 29/10/2011 - 13:35:22 - [27527654] ----D- C:\Program Files (x86)\IncrediMail
0
Chris 94 Messages postés 50978 Date d'inscription mardi 8 janvier 2008 Statut Modérateur Dernière intervention 17 février 2023 7 327
14 nov. 2011 à 19:05
Bonsoir,

Rapport tronqué.

Merci d'utiliser pijoint selon l'indication de m-a-o-u-s-i.
0

Discussions similaires

apparation intempestives de pub type site de rencontre et photo dans le même ton
Crokino -
Crokino -

6 réponses
Pub intempestive sur smartphone Android.
Camitte -
Yoyo -

31 réponses
Candy crush
eric2850 -
MPMP10 -

6 réponses
Publicité s'ouvre toute seule ! ?
RRD91 -
crisgoss -

51 réponses
Pub incessantes sur mon téléphone
safiya.l -
Mia -

6 réponses