Probleme avec Gomeo et TopPrixNet
toapze
Messages postés
758
Statut
Membre
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
depuis une semaine (installation de Norton Internet Security)
j'ai un problème avec la recherche.
a chaque recherche je suis redirigé vers TopPrixNet ou gomeo.
Je ne sais pas c'est quoi ce truc es ce un virus.
si le cas comment faire?
merci a tous.
depuis une semaine (installation de Norton Internet Security)
j'ai un problème avec la recherche.
a chaque recherche je suis redirigé vers TopPrixNet ou gomeo.
Je ne sais pas c'est quoi ce truc es ce un virus.
si le cas comment faire?
merci a tous.
21 réponses
slt
Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(outil de diagnostic)
Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )
Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
Rend toi sur Cjoint : http://www.cijoint.fr/
Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "
Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(outil de diagnostic)
Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )
Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
Rend toi sur Cjoint : http://www.cijoint.fr/
Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "
Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
BONJOUR.
Voici le lien.
que faire maintenant?
merci
http://www.cijoint.fr/cjlink.php?file=cj201101/cijJWjvcNW.txt
Voici le lien.
que faire maintenant?
merci
http://www.cijoint.fr/cjlink.php?file=cj201101/cijJWjvcNW.txt
télécharge ad remover et colle un rapport de nettoyage avec
http://www.teamxscript.org/adremover.html
a plus
http://www.teamxscript.org/adremover.html
a plus
Re, Bonjour..
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 12:19:07 le 31/01/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
jean claude@JEANCLAUDE-PC (Gigabyte Technology Co., Ltd. G31M-ES2L)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\jean claude\AppData\Roaming\Mozilla\FireFox\Profiles\m7tta386.default\Prefs.js --
browser.download.lastDir, C:\\Users\\jean claude\\Pictures
browser.search.defaultenginename, iMesh Web Search
browser.search.defaulturl, hxxp://www.google.fr/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
browser.search.selectedEngine, Google
browser.startup.homepage, igoogle
browser.startup.homepage_override.buildID, 20101104131838
browser.startup.homepage_override.mstone, rv:1.9.2.13
keyword.URL, hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
========================================
** Internet Explorer Version [9.0.7930.16406] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\SysWOW64\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 438 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[3].txt - 31/01/2011 (2465 Octet(s))
Fin à: 12:20:09, 31/01/2011
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 12:19:07 le 31/01/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
jean claude@JEANCLAUDE-PC (Gigabyte Technology Co., Ltd. G31M-ES2L)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\jean claude\AppData\Roaming\Mozilla\FireFox\Profiles\m7tta386.default\Prefs.js --
browser.download.lastDir, C:\\Users\\jean claude\\Pictures
browser.search.defaultenginename, iMesh Web Search
browser.search.defaulturl, hxxp://www.google.fr/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
browser.search.selectedEngine, Google
browser.startup.homepage, igoogle
browser.startup.homepage_override.buildID, 20101104131838
browser.startup.homepage_override.mstone, rv:1.9.2.13
keyword.URL, hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
========================================
** Internet Explorer Version [9.0.7930.16406] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\SysWOW64\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 438 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[3].txt - 31/01/2011 (2465 Octet(s))
Fin à: 12:20:09, 31/01/2011
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Rapport de ZHPDiag v1.27.1520 par Nicolas Coolman, Update du 29/01/2011
Run by jean claude at 31/01/2011 14:39:29
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v9.0.7930.16406
GCIE: Google Chrome
---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 894 GB (96%) free of 931 GB
---\\ Logged in mode
Computer Name: JEANCLAUDE-PC
User Name: jean claude
All Users Names: jean claude, HomeGroupUser$, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=%USERPROFILE%\AppData\Roaming
%LocalAppData%=%USERPROFILE%\AppData\Local
%StartMenu%=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 894 Go of 931 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Hard drive, Flash drive, Thumb drive (Free 178 Go of 288 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
L:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
---\\ Recherche particulière de fichiers génériques
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
---\\ Processus lancés
[MD5.EF1FDB2A4B30AA4761376183FD81CC18] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe [282624]
[MD5.18654D5E0DC33B7F0F895264A5DE80DA] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [130000]
[MD5.7859B07BEEC41BD58EA2799F3ED08F04] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Launcher.exe [725744]
[MD5.34DBD4AC87A674C58C08AEC4D3B12D58] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [94208]
[MD5.804366077E3D344F69B8CBE3E72FB1E1] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\systray\systrayapp.exe [245760]
[MD5.900DD246E30FE0E14CB4769EFEC98421] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\connectivity\connectivitymanager.exe [1007616]
[MD5.0FADCAF58981259C7662F370ADD65523] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\PhoneTools\TextMessaging.exe [1110016]
[MD5.F2AC1BCE279ED2A8A39DE8A930849B23] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\deskboard.exe [1368064]
[MD5.C18EB2CAE1E149F461D2869D5D43C207] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\connectivity\CoreCom\CoreCom.exe [540672]
[MD5.C298DA177C2D463B19CE4E2A877C0C19] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe [94208]
[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]
[MD5.57EBA0BF30D365ED683BE9E042A35821] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [623616]
---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.7930.16406 (WIN7_IE9_Beta.100831-2345)) -- C:\Windows\System32\ieframe.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [CardDetectorHUAWEI1752_1552] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe
O4 - HKLM\..\Wow6432Node\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3451399772-2271016148-2060826799-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3451399772-2271016148-2060826799-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\Sudoku.lnk . (.Olivier RAVET olravet@yahoo.fr.) -- C:\Program Files (x86)\Sudoku\Sudoku.exe
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\Sudoku.lnk . (.Olivier RAVET olravet@yahoo.fr.) -- C:\Program Files (x86)\Sudoku\Sudoku.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.3.lnk . (.FrostWire Group.) -- C:\Program Files (x86)\FrostWire\FrostWire.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2785CF44-42DC-4B65-BCDA-91CC6D022452}: NameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{2785CF44-42DC-4B65-BCDA-91CC6D022452}: NameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{2785CF44-42DC-4B65-BCDA-91CC6D022452}: NameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB2283B6-7F53-45FD-96A5-E07D8567F8C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AB2283B6-7F53-45FD-96A5-E07D8567F8C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{AB2283B6-7F53-45FD-96A5-E07D8567F8C3}: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Pas de propriétaire - Pas de description.) -- igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: (afcdpsrv) . (.Acronis - File Level CDP Manager Service.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: (NIS) - Clé orpheline
O23 - Service: (WMPNetworkSvc32) - Clé orpheline
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeLogonTaskS-1-5-21-3451399772-2271016148-2060826799-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
[MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeScheduledTaskS-1-5-21-3451399772-2271016148-2060826799-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.0B31398CFD63D4FF577EF0E112C27041] [APT] [Norton Error Analyzer 18.5.0.125] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\SymErr.exe
[MD5.0B31398CFD63D4FF577EF0E112C27041] [APT] [Norton Error Processor 18.5.0.125] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\SymErr.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110114.001\BHDrvx64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110128.003\IDSvia64.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1205000.07D\SRTSPX64.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1205000.07D\Ironx64.sys
O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NISx64\1205000.07D\SYMNETS.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: 3D Belote 2.2 - (.Scatlaws Software.) [HKLM][64Bits] -- {14D9F432-4B8F-4F2C-8087-274F8156484D}_is1
O42 - Logiciel: Acronis True Image Home 2011 - (.Acronis.) [HKLM][64Bits] -- {04A3A6B0-8E19-49BB-82FF-65C5A55F917D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {963BFE7E-C350-4346-B43C-B02358306A45}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Card Detector for Huawei E1752 and E1552 - (.Pas de propriétaire.) [HKLM][64Bits] -- CardDetectorHUAWEI1752_1552
O42 - Logiciel: Cinergy T Stick MKII V9.06.3.01 - (.Pas de propriétaire.) [HKLM][64Bits] -- Cinergy T Stick MKII
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: FrostWire 4.21.3 - (.FrostWire Team.) [HKLM][64Bits] -- FrostWire
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Internet Everywhere - (.Pas de propriétaire.) [HKLM][64Bits] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Codec Pack 6.6.6 (Basic) - (.Pas de propriétaire.) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-007A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-007D-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: PL-2303 USB-to-Serial - (.Pas de propriétaire.) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Real Alternative 2.0.2 - (.Pas de propriétaire.) [HKLM][64Bits] -- RealAlt_is1
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM][64Bits] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Revo Uninstaller 1.90 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: SIM MAX - (.SIM MAX.) [HKLM][64Bits] -- {DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Sudoku V 3.0.2 - (.Olivier RAVET.) [HKLM][64Bits] -- Sudoku_is1
O42 - Logiciel: TerraTec Home Cinema - (.Pas de propriétaire.) [HKLM][64Bits] -- {63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2483110) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{592B47F5-D305-431A-9781-ED6CBB44FA8B}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FE4BE0BD-1EDB-4D24-9614-847B3C472887}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: XnView 1.97.8 - (.Gougelet Pierre-e.) [HKLM][64Bits] -- XnView_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {0C682623-8F66-46A8-B9B3-93FE1E66A001}
O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM][64Bits] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Acronis]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Eajygmgbvi]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavalys]
[HKCU\Software\Lavasoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\SCATLAWS]
[HKCU\Software\SFR]
[HKCU\Software\Softonic]
[HKCU\Software\Symantec]
[HKCU\Software\TENCENT]
[HKCU\Software\TerraTec Electronic GmbH]
[HKCU\Software\TerraTec]
[HKCU\Software\Tific]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acronis]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\GEAR Software]
[HKLM\Software\Intel]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Wow6432Node]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/01/2011 - 20:58:58 ----D- C:\Program Files\Alwil Software
O43 - CFD: 13/12/2010 - 15:04:22 ----D- C:\Program Files\Bonjour
O43 - CFD: 05/12/2010 - 13:25:32 ----D- C:\Program Files\CCleaner
O43 - CFD: 20/01/2011 - 14:22:38 ----D- C:\Program Files\Common Files
O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\DVD Maker
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 09/12/2010 - 22:13:36 ----D- C:\Program Files\Internet Explorer
O43 - CFD: 04/01/2011 - 22:42:08 ----D- C:\Program Files\iPod
O43 - CFD: 04/01/2011 - 22:42:46 ----D- C:\Program Files\iTunes
O43 - CFD: 14/07/2009 - 16:35:26 ----D- C:\Program Files\Microsoft Games
O43 - CFD: 07/01/2011 - 21:20:32 ----D- C:\Program Files\Microsoft IntelliPoint
O43 - CFD: 07/01/2011 - 21:25:04 ----D- C:\Program Files\Microsoft IntelliType Pro
O43 - CFD: 13/12/2010 - 15:36:22 ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 20/01/2011 - 14:22:40 ----D- C:\Program Files\Symantec
O43 - CFD: 17/11/2010 - 09:21:28 ----D- C:\Program Files\TerraTec
O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\Windows Journal
O43 - CFD: 17/11/2010 - 11:47:10 ----D- C:\Program Files\Windows Live
O43 - CFD: 15/12/2010 - 01:32:30 ----D- C:\Program Files\Windows Mail
O43 - CFD: 17/11/2010 - 09:51:04 ----D- C:\Program Files\Windows Media Player
O43 - CFD: 16/11/2010 - 18:42:42 ----D- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 13/12/2010 - 15:04:34 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 13/12/2010 - 15:36:22 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/01/2011 - 14:22:38 ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System
O43 - CFD: 16/11/2010 - 20:39:50 ----D- C:\ProgramData\#Short company name#
O43 - CFD: 16/12/2010 - 13:19:44 ----D- C:\ProgramData\2A337
O43 - CFD: 05/12/2010 - 22:14:38 ----D- C:\ProgramData\Acronis
O43 - CFD: 13/12/2010 - 07:25:58 ----D- C:\ProgramData\Adobe
O43 - CFD: 20/01/2011 - 20:15:20 ----D- C:\ProgramData\Alwil Software
O43 - CFD: 21/12/2010 - 18:41:06 ----D- C:\ProgramData\Apple
O43 - CFD: 13/12/2010 - 15:06:04 ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites
O43 - CFD: 06/12/2010 - 19:40:04 ----D- C:\ProgramData\Google
O43 - CFD: 16/11/2010 - 18:31:40 ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 10/01/2011 - 17:03:08 ----D- C:\ProgramData\Lavasoft
O43 - CFD: 12/12/2010 - 16:21:50 ----D- C:\ProgramData\McAfee
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 22/12/2010 - 19:12:44 -S--D- C:\ProgramData\Microsoft
O43 - CFD: 20/01/2011 - 19:53:46 ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Modèles
O43 - CFD: 20/01/2011 - 14:17:28 ----D- C:\ProgramData\Norton
O43 - CFD: 12/12/2010 - 09:45:52 ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 07/12/2010 - 13:49:10 ----D- C:\ProgramData\Real
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 21/12/2010 - 17:57:30 ----D- C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates
O43 - CFD: 05/12/2010 - 16:54:50 ----D- C:\ProgramData\TerraTec
O43 - CFD: 23/12/2010 - 06:08:42 ----D- C:\ProgramData\WindSolutions
O43 - CFD: 17/11/2010 - 12:23:20 ----D- C:\ProgramData\Yahoo!
O43 - CFD: 16/11/2010 - 20:39:50 ----D- C:\Users\jean claude\AppData\Roaming\#Short company name#
O43 - CFD: 05/12/2010 - 22:13:58 ----D- C:\Users\jean claude\AppData\Roaming\Acronis
O43 - CFD: 12/12/2010 - 16:26:52 ----D- C:\Users\jean claude\AppData\Roaming\Adobe
O43 - CFD: 21/12/2010 - 18:41:50 ----D- C:\Users\jean claude\AppData\Roaming\Apple Computer
O43 - CFD: 11/01/2011 - 11:29:52 ----D- C:\Users\jean claude\AppData\Roaming\FrostWire
O43 - CFD: 16/11/2010 - 18:43:08 ----D- C:\Users\jean claude\AppData\Roaming\Identities
O43 - CFD: 16/11/2010 - 19:54:28 ----D- C:\Users\jean claude\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 16:35:06 ----D- C:\Users\jean claude\AppData\Roaming\Media Center Programs
O43 - CFD: 07/12/2010 - 12:02:50 ----D- C:\Users\jean claude\AppData\Roaming\Media Player Classic
O43 - CFD: 24/01/2011 - 20:31:50 -S--D- C:\Users\jean claude\AppData\Roaming\Microsoft
O43 - CFD: 15/12/2010 - 20:39:04 ----D- C:\Users\jean claude\AppData\Roaming\moovida-1
O43 - CFD: 15/12/2010 - 18:44:24 ----D- C:\Users\jean claude\AppData\Roaming\Mozilla
O43 - CFD: 07/12/2010 - 14:25:38 ----D- C:\Users\jean claude\AppData\Roaming\Real
O43 - CFD: 18/12/2010 - 19:59:18 ----D- C:\Users\jean claude\AppData\Roaming\SFR
O43 - CFD: 19/01/2011 - 11:33:16 -SH-D- C:\Users\jean claude\AppData\Roaming\SysWin
O43 - CFD: 06/12/2010 - 11:41:36 ----D- C:\Users\jean claude\AppData\Roaming\Tencent
O43 - CFD: 05/12/2010 - 16:40:44 ----D- C:\Users\jean claude\AppData\Roaming\TerraTec
O43 - CFD: 05/12/2010 - 12:34:24 ----D- C:\Users\jean claude\AppData\Roaming\Tific
O43 - CFD: 23/01/2011 - 11:43:48 ----D- C:\Users\jean claude\AppData\Roaming\vlc
O43 - CFD: 04/12/2010 - 17:08:40 ----D- C:\Users\jean claude\AppData\Roaming\Windows Live Writer
O43 - CFD: 23/12/2010 - 06:08:56 ----D- C:\Users\jean claude\AppData\Roaming\WindSolutions
O43 - CFD: 05/01/2011 - 12:18:08 ----D- C:\Users\jean claude\AppData\Roaming\WinRAR
O43 - CFD: 23/12/2010 - 14:41:50 ----D- C:\Users\jean claude\AppData\Roaming\XnView
O43 - CFD: 17/11/2010 - 02:59:50 ----D- C:\Users\jean claude\AppData\Roaming\Yahoo!
O43 - CFD: 05/12/2010 - 22:07:08 ----D- C:\Program Files (x86)\Acronis
O43 - CFD: 31/01/2011 - 12:05:48 ----D- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 12/12/2010 - 16:24:26 ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 13/12/2010 - 15:04:46 ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 16/11/2010 - 21:20:56 ----D- C:\Program Files (x86)\Bing Bar Installer
O43 - CFD: 13/12/2010 - 15:04:22 ----D- C:\Program Files (x86)\Bonjour
O43 - CFD: 20/01/2011 - 17:56:12 ----D- C:\Program Files (x86)\CardDetector
O43 - CFD: 20/01/2011 - 17:56:42 ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 10/12/2010 - 10:00:38 ----D- C:\Program Files (x86)\Feedback Tool
O43 - CFD: 16/12/2010 - 10:59:38 ----D- C:\Program Files (x86)\Fluendo
O43 - CFD: 11/01/2011 - 10:47:02 ----D- C:\Program Files (x86)\FrostWire
O43 - CFD: 06/12/2010 - 19:40:04 ----D- C:\Program Files (x86)\Google
O43 - CFD: 19/12/2010 - 09:02:44 --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 09/12/2010 - 22:13:36 ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 04/01/2011 - 22:42:44 ----D- C:\Program Files (x86)\iTunes
O43 - CFD: 21/12/2010 - 17:56:46 ----D- C:\Program Files (x86)\Java
O43 - CFD: 23/12/2010 - 06:18:36 ----D- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 16/11/2010 - 21:11:42 ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 13/12/2010 - 15:38:22 ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 13/12/2010 - 15:38:40 ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 12/12/2010 - 14:11:30 ----D- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 16/11/2010 - 19:18:26 ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 13/12/2010 - 10:02:52 ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 16/11/2010 - 19:20:12 ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 08/01/2011 - 12:52:30 ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 10/12/2010 - 11:48:42 ----D- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7
O43 - CFD: 12/12/2010 - 14:11:46 ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 06/12/2010 - 12:30:56 ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 20/01/2011 - 14:17:36 ----D- C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 20/01/2011 - 14:16:22 ----D- C:\Program Files (x86)\NortonInstaller
O43 - CFD: 20/01/2011 - 17:58:08 ----D- C:\Program Files (x86)\Orange
O43 - CFD: 11/01/2011 - 10:42:54 ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 07/12/2010 - 14:25:20 ----D- C:\Program Files (x86)\Real
O43 - CFD: 07/12/2010 - 12:02:10 ----D- C:\Program Files (x86)\Real Alternative
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 19/12/2010 - 09:01:30 ----D- C:\Program Files (x86)\SIM MAX
O43 - CFD: 16/11/2010 - 22:18:32 ----D- C:\Program Files (x86)\Sudoku
O43 - CFD: 05/12/2010 - 16:53:42 ----D- C:\Program Files (x86)\TerraTec
O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 17/11/2010 - 04:10:12 ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 17/11/2010 - 12:20:22 ----D- C:\Program Files (x86)\VS Revo Group
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 17/11/2010 - 11:51:06 ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 15/12/2010 - 01:32:30 ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 17/11/2010 - 09:51:04 ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/01/2011 - 06:42:30 ----D- C:\Program Files (x86)\WinRAR
O43 - CFD: 08/12/2010 - 16:23:06 ----D- C:\Program Files (x86)\XnView
O43 - CFD: 17/11/2010 - 15:09:34 ----D- C:\Program Files (x86)\Yahoo!
O43 - CFD: 31/01/2011 - 14:39:36 ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 13/12/2010 - 15:04:34 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 13/12/2010 - 15:36:22 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/01/2011 - 14:22:38 ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0000000000000000000000005CEE1800] - 31/01/2011 - 14:37:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [2022992]
O44 - LFC:[MD5.65D51732E36A8E06F6049C2B181E0708] - 31/01/2011 - 12:30:12 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14784]
O44 - LFC:[MD5.65D51732E36A8E06F6049C2B181E0708] - 31/01/2011 - 12:30:12 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14784]
O44 - LFC:[MD5.9982DE5B241F4776F71698EB4D4FC7E9] - 31/01/2011 - 12:22:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [168]
O44 - LFC:[MD5.B8503D618FA43CDABE83751F64B8A7D7] - 31/01/2011 - 12:22:48 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9991D7BFB1C8D772A9927C5729CE8D35] - 31/01/2011 - 12:20:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[3].txt [2595]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/01/2011 - 09:36:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.949C5929432D72D57E7899E12D7A0B5D] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1530874]
O44 - LFC:[MD5.75070E6F10FF56905E14C35885B93567] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [104370]
O44 - LFC:[MD5.14B46F70173CA69915E6568051566A43] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [128478]
O44 - LFC:[MD5.1BB6F9D90C0900538190A65884920B2D] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [609092]
O44 - LFC:[MD5.8243AE763F78ECF59EE7F7C1E168916C] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [696866]
O44 - LFC:[MD5.33C450681B282F1FBAC68B4D5790BBF8] - 10/01/2011 - 20:59:31 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [237168]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 10/01/2011 - 17:02:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\epplauncher.mif [1912]
O44 - LFC:[MD5.5EADE8F79F83EA1277F3C8C7192D46DB] - 10/01/2011 - 16:20:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\aaw7boot.log [14626]
O44 - LFC:[MD5.14AC67C7BA40FD54E18B3D5DA90C866C] - 08/01/2011 - 02:42:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [417952]
O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 07/01/2011 - 10:48:05 R--A- . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\SysNative\GEARAspi64.dll [126312]
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orange\IEWInternet\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\Connectivity\ConnectivityManager.exe
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0e41bce7-0acf-11e0-b908-6cf049a82892}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- L:\SFR.exe (.not file.)
O51 - MPSK:{6a28203d-248a-11e0-a441-6cf049a82892}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{b27c3147-0ad8-11e0-beed-6cf049a82892}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- L:\SFR.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\IntelliPoint [Key] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\
Run by jean claude at 31/01/2011 14:39:29
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v9.0.7930.16406
GCIE: Google Chrome
---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 894 GB (96%) free of 931 GB
---\\ Logged in mode
Computer Name: JEANCLAUDE-PC
User Name: jean claude
All Users Names: jean claude, HomeGroupUser$, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=%USERPROFILE%\AppData\Roaming
%LocalAppData%=%USERPROFILE%\AppData\Local
%StartMenu%=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 894 Go of 931 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Hard drive, Flash drive, Thumb drive (Free 178 Go of 288 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
L:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
---\\ Recherche particulière de fichiers génériques
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
---\\ Processus lancés
[MD5.EF1FDB2A4B30AA4761376183FD81CC18] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe [282624]
[MD5.18654D5E0DC33B7F0F895264A5DE80DA] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [130000]
[MD5.7859B07BEEC41BD58EA2799F3ED08F04] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\Launcher\Launcher.exe [725744]
[MD5.34DBD4AC87A674C58C08AEC4D3B12D58] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [94208]
[MD5.804366077E3D344F69B8CBE3E72FB1E1] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\systray\systrayapp.exe [245760]
[MD5.900DD246E30FE0E14CB4769EFEC98421] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\connectivity\connectivitymanager.exe [1007616]
[MD5.0FADCAF58981259C7662F370ADD65523] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\PhoneTools\TextMessaging.exe [1110016]
[MD5.F2AC1BCE279ED2A8A39DE8A930849B23] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\Deskboard\deskboard.exe [1368064]
[MD5.C18EB2CAE1E149F461D2869D5D43C207] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\connectivity\CoreCom\CoreCom.exe [540672]
[MD5.C298DA177C2D463B19CE4E2A877C0C19] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe [94208]
[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]
[MD5.57EBA0BF30D365ED683BE9E042A35821] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [623616]
---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.7930.16406 (WIN7_IE9_Beta.100831-2345)) -- C:\Windows\System32\ieframe.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [CardDetectorHUAWEI1752_1552] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe
O4 - HKLM\..\Wow6432Node\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3451399772-2271016148-2060826799-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3451399772-2271016148-2060826799-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\Sudoku.lnk . (.Olivier RAVET olravet@yahoo.fr.) -- C:\Program Files (x86)\Sudoku\Sudoku.exe
O4 - Global Startup: C:\Documents And Settings\jean claude\Desktop\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\Sudoku.lnk . (.Olivier RAVET olravet@yahoo.fr.) -- C:\Program Files (x86)\Sudoku\Sudoku.exe
O4 - Global Startup: C:\Users\jean claude\Desktop\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.3.lnk . (.FrostWire Group.) -- C:\Program Files (x86)\FrostWire\FrostWire.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - Global Startup: C:\Users\jean claude\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2785CF44-42DC-4B65-BCDA-91CC6D022452}: NameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{2785CF44-42DC-4B65-BCDA-91CC6D022452}: NameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{2785CF44-42DC-4B65-BCDA-91CC6D022452}: NameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB2283B6-7F53-45FD-96A5-E07D8567F8C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AB2283B6-7F53-45FD-96A5-E07D8567F8C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{AB2283B6-7F53-45FD-96A5-E07D8567F8C3}: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Pas de propriétaire - Pas de description.) -- igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: (afcdpsrv) . (.Acronis - File Level CDP Manager Service.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: (NIS) - Clé orpheline
O23 - Service: (WMPNetworkSvc32) - Clé orpheline
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeLogonTaskS-1-5-21-3451399772-2271016148-2060826799-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
[MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeScheduledTaskS-1-5-21-3451399772-2271016148-2060826799-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.0B31398CFD63D4FF577EF0E112C27041] [APT] [Norton Error Analyzer 18.5.0.125] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\SymErr.exe
[MD5.0B31398CFD63D4FF577EF0E112C27041] [APT] [Norton Error Processor 18.5.0.125] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\SymErr.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110114.001\BHDrvx64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110128.003\IDSvia64.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1205000.07D\SRTSPX64.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1205000.07D\Ironx64.sys
O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NISx64\1205000.07D\SYMNETS.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: 3D Belote 2.2 - (.Scatlaws Software.) [HKLM][64Bits] -- {14D9F432-4B8F-4F2C-8087-274F8156484D}_is1
O42 - Logiciel: Acronis True Image Home 2011 - (.Acronis.) [HKLM][64Bits] -- {04A3A6B0-8E19-49BB-82FF-65C5A55F917D}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {963BFE7E-C350-4346-B43C-B02358306A45}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Card Detector for Huawei E1752 and E1552 - (.Pas de propriétaire.) [HKLM][64Bits] -- CardDetectorHUAWEI1752_1552
O42 - Logiciel: Cinergy T Stick MKII V9.06.3.01 - (.Pas de propriétaire.) [HKLM][64Bits] -- Cinergy T Stick MKII
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: FrostWire 4.21.3 - (.FrostWire Team.) [HKLM][64Bits] -- FrostWire
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Internet Everywhere - (.Pas de propriétaire.) [HKLM][64Bits] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Codec Pack 6.6.6 (Basic) - (.Pas de propriétaire.) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-007A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-007D-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: PL-2303 USB-to-Serial - (.Pas de propriétaire.) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Real Alternative 2.0.2 - (.Pas de propriétaire.) [HKLM][64Bits] -- RealAlt_is1
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM][64Bits] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Revo Uninstaller 1.90 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: SIM MAX - (.SIM MAX.) [HKLM][64Bits] -- {DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Sudoku V 3.0.2 - (.Olivier RAVET.) [HKLM][64Bits] -- Sudoku_is1
O42 - Logiciel: TerraTec Home Cinema - (.Pas de propriétaire.) [HKLM][64Bits] -- {63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2483110) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{592B47F5-D305-431A-9781-ED6CBB44FA8B}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FE4BE0BD-1EDB-4D24-9614-847B3C472887}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: XnView 1.97.8 - (.Gougelet Pierre-e.) [HKLM][64Bits] -- XnView_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {0C682623-8F66-46A8-B9B3-93FE1E66A001}
O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM][64Bits] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Acronis]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Eajygmgbvi]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavalys]
[HKCU\Software\Lavasoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\SCATLAWS]
[HKCU\Software\SFR]
[HKCU\Software\Softonic]
[HKCU\Software\Symantec]
[HKCU\Software\TENCENT]
[HKCU\Software\TerraTec Electronic GmbH]
[HKCU\Software\TerraTec]
[HKCU\Software\Tific]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acronis]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\GEAR Software]
[HKLM\Software\Intel]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Wow6432Node]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/01/2011 - 20:58:58 ----D- C:\Program Files\Alwil Software
O43 - CFD: 13/12/2010 - 15:04:22 ----D- C:\Program Files\Bonjour
O43 - CFD: 05/12/2010 - 13:25:32 ----D- C:\Program Files\CCleaner
O43 - CFD: 20/01/2011 - 14:22:38 ----D- C:\Program Files\Common Files
O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\DVD Maker
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 09/12/2010 - 22:13:36 ----D- C:\Program Files\Internet Explorer
O43 - CFD: 04/01/2011 - 22:42:08 ----D- C:\Program Files\iPod
O43 - CFD: 04/01/2011 - 22:42:46 ----D- C:\Program Files\iTunes
O43 - CFD: 14/07/2009 - 16:35:26 ----D- C:\Program Files\Microsoft Games
O43 - CFD: 07/01/2011 - 21:20:32 ----D- C:\Program Files\Microsoft IntelliPoint
O43 - CFD: 07/01/2011 - 21:25:04 ----D- C:\Program Files\Microsoft IntelliType Pro
O43 - CFD: 13/12/2010 - 15:36:22 ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 20/01/2011 - 14:22:40 ----D- C:\Program Files\Symantec
O43 - CFD: 17/11/2010 - 09:21:28 ----D- C:\Program Files\TerraTec
O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\Windows Journal
O43 - CFD: 17/11/2010 - 11:47:10 ----D- C:\Program Files\Windows Live
O43 - CFD: 15/12/2010 - 01:32:30 ----D- C:\Program Files\Windows Mail
O43 - CFD: 17/11/2010 - 09:51:04 ----D- C:\Program Files\Windows Media Player
O43 - CFD: 16/11/2010 - 18:42:42 ----D- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 13/12/2010 - 15:04:34 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 13/12/2010 - 15:36:22 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/01/2011 - 14:22:38 ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System
O43 - CFD: 16/11/2010 - 20:39:50 ----D- C:\ProgramData\#Short company name#
O43 - CFD: 16/12/2010 - 13:19:44 ----D- C:\ProgramData\2A337
O43 - CFD: 05/12/2010 - 22:14:38 ----D- C:\ProgramData\Acronis
O43 - CFD: 13/12/2010 - 07:25:58 ----D- C:\ProgramData\Adobe
O43 - CFD: 20/01/2011 - 20:15:20 ----D- C:\ProgramData\Alwil Software
O43 - CFD: 21/12/2010 - 18:41:06 ----D- C:\ProgramData\Apple
O43 - CFD: 13/12/2010 - 15:06:04 ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites
O43 - CFD: 06/12/2010 - 19:40:04 ----D- C:\ProgramData\Google
O43 - CFD: 16/11/2010 - 18:31:40 ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 10/01/2011 - 17:03:08 ----D- C:\ProgramData\Lavasoft
O43 - CFD: 12/12/2010 - 16:21:50 ----D- C:\ProgramData\McAfee
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 22/12/2010 - 19:12:44 -S--D- C:\ProgramData\Microsoft
O43 - CFD: 20/01/2011 - 19:53:46 ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 16/11/2010 - 18:42:42 -SH-D- C:\ProgramData\Modèles
O43 - CFD: 20/01/2011 - 14:17:28 ----D- C:\ProgramData\Norton
O43 - CFD: 12/12/2010 - 09:45:52 ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 07/12/2010 - 13:49:10 ----D- C:\ProgramData\Real
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 21/12/2010 - 17:57:30 ----D- C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates
O43 - CFD: 05/12/2010 - 16:54:50 ----D- C:\ProgramData\TerraTec
O43 - CFD: 23/12/2010 - 06:08:42 ----D- C:\ProgramData\WindSolutions
O43 - CFD: 17/11/2010 - 12:23:20 ----D- C:\ProgramData\Yahoo!
O43 - CFD: 16/11/2010 - 20:39:50 ----D- C:\Users\jean claude\AppData\Roaming\#Short company name#
O43 - CFD: 05/12/2010 - 22:13:58 ----D- C:\Users\jean claude\AppData\Roaming\Acronis
O43 - CFD: 12/12/2010 - 16:26:52 ----D- C:\Users\jean claude\AppData\Roaming\Adobe
O43 - CFD: 21/12/2010 - 18:41:50 ----D- C:\Users\jean claude\AppData\Roaming\Apple Computer
O43 - CFD: 11/01/2011 - 11:29:52 ----D- C:\Users\jean claude\AppData\Roaming\FrostWire
O43 - CFD: 16/11/2010 - 18:43:08 ----D- C:\Users\jean claude\AppData\Roaming\Identities
O43 - CFD: 16/11/2010 - 19:54:28 ----D- C:\Users\jean claude\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 16:35:06 ----D- C:\Users\jean claude\AppData\Roaming\Media Center Programs
O43 - CFD: 07/12/2010 - 12:02:50 ----D- C:\Users\jean claude\AppData\Roaming\Media Player Classic
O43 - CFD: 24/01/2011 - 20:31:50 -S--D- C:\Users\jean claude\AppData\Roaming\Microsoft
O43 - CFD: 15/12/2010 - 20:39:04 ----D- C:\Users\jean claude\AppData\Roaming\moovida-1
O43 - CFD: 15/12/2010 - 18:44:24 ----D- C:\Users\jean claude\AppData\Roaming\Mozilla
O43 - CFD: 07/12/2010 - 14:25:38 ----D- C:\Users\jean claude\AppData\Roaming\Real
O43 - CFD: 18/12/2010 - 19:59:18 ----D- C:\Users\jean claude\AppData\Roaming\SFR
O43 - CFD: 19/01/2011 - 11:33:16 -SH-D- C:\Users\jean claude\AppData\Roaming\SysWin
O43 - CFD: 06/12/2010 - 11:41:36 ----D- C:\Users\jean claude\AppData\Roaming\Tencent
O43 - CFD: 05/12/2010 - 16:40:44 ----D- C:\Users\jean claude\AppData\Roaming\TerraTec
O43 - CFD: 05/12/2010 - 12:34:24 ----D- C:\Users\jean claude\AppData\Roaming\Tific
O43 - CFD: 23/01/2011 - 11:43:48 ----D- C:\Users\jean claude\AppData\Roaming\vlc
O43 - CFD: 04/12/2010 - 17:08:40 ----D- C:\Users\jean claude\AppData\Roaming\Windows Live Writer
O43 - CFD: 23/12/2010 - 06:08:56 ----D- C:\Users\jean claude\AppData\Roaming\WindSolutions
O43 - CFD: 05/01/2011 - 12:18:08 ----D- C:\Users\jean claude\AppData\Roaming\WinRAR
O43 - CFD: 23/12/2010 - 14:41:50 ----D- C:\Users\jean claude\AppData\Roaming\XnView
O43 - CFD: 17/11/2010 - 02:59:50 ----D- C:\Users\jean claude\AppData\Roaming\Yahoo!
O43 - CFD: 05/12/2010 - 22:07:08 ----D- C:\Program Files (x86)\Acronis
O43 - CFD: 31/01/2011 - 12:05:48 ----D- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 12/12/2010 - 16:24:26 ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 13/12/2010 - 15:04:46 ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 16/11/2010 - 21:20:56 ----D- C:\Program Files (x86)\Bing Bar Installer
O43 - CFD: 13/12/2010 - 15:04:22 ----D- C:\Program Files (x86)\Bonjour
O43 - CFD: 20/01/2011 - 17:56:12 ----D- C:\Program Files (x86)\CardDetector
O43 - CFD: 20/01/2011 - 17:56:42 ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 10/12/2010 - 10:00:38 ----D- C:\Program Files (x86)\Feedback Tool
O43 - CFD: 16/12/2010 - 10:59:38 ----D- C:\Program Files (x86)\Fluendo
O43 - CFD: 11/01/2011 - 10:47:02 ----D- C:\Program Files (x86)\FrostWire
O43 - CFD: 06/12/2010 - 19:40:04 ----D- C:\Program Files (x86)\Google
O43 - CFD: 19/12/2010 - 09:02:44 --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 09/12/2010 - 22:13:36 ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 04/01/2011 - 22:42:44 ----D- C:\Program Files (x86)\iTunes
O43 - CFD: 21/12/2010 - 17:56:46 ----D- C:\Program Files (x86)\Java
O43 - CFD: 23/12/2010 - 06:18:36 ----D- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 16/11/2010 - 21:11:42 ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 13/12/2010 - 15:38:22 ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 13/12/2010 - 15:38:40 ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 12/12/2010 - 14:11:30 ----D- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 16/11/2010 - 19:18:26 ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 13/12/2010 - 10:02:52 ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 16/11/2010 - 19:20:12 ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 08/01/2011 - 12:52:30 ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 10/12/2010 - 11:48:42 ----D- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7
O43 - CFD: 12/12/2010 - 14:11:46 ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 06/12/2010 - 12:30:56 ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 20/01/2011 - 14:17:36 ----D- C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 20/01/2011 - 14:16:22 ----D- C:\Program Files (x86)\NortonInstaller
O43 - CFD: 20/01/2011 - 17:58:08 ----D- C:\Program Files (x86)\Orange
O43 - CFD: 11/01/2011 - 10:42:54 ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 07/12/2010 - 14:25:20 ----D- C:\Program Files (x86)\Real
O43 - CFD: 07/12/2010 - 12:02:10 ----D- C:\Program Files (x86)\Real Alternative
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 19/12/2010 - 09:01:30 ----D- C:\Program Files (x86)\SIM MAX
O43 - CFD: 16/11/2010 - 22:18:32 ----D- C:\Program Files (x86)\Sudoku
O43 - CFD: 05/12/2010 - 16:53:42 ----D- C:\Program Files (x86)\TerraTec
O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 17/11/2010 - 04:10:12 ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 17/11/2010 - 12:20:22 ----D- C:\Program Files (x86)\VS Revo Group
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 17/11/2010 - 11:51:06 ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 15/12/2010 - 01:32:30 ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 17/11/2010 - 09:51:04 ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/01/2011 - 06:42:30 ----D- C:\Program Files (x86)\WinRAR
O43 - CFD: 08/12/2010 - 16:23:06 ----D- C:\Program Files (x86)\XnView
O43 - CFD: 17/11/2010 - 15:09:34 ----D- C:\Program Files (x86)\Yahoo!
O43 - CFD: 31/01/2011 - 14:39:36 ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 13/12/2010 - 15:04:34 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 13/12/2010 - 15:36:22 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/01/2011 - 14:22:38 ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0000000000000000000000005CEE1800] - 31/01/2011 - 14:37:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [2022992]
O44 - LFC:[MD5.65D51732E36A8E06F6049C2B181E0708] - 31/01/2011 - 12:30:12 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14784]
O44 - LFC:[MD5.65D51732E36A8E06F6049C2B181E0708] - 31/01/2011 - 12:30:12 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14784]
O44 - LFC:[MD5.9982DE5B241F4776F71698EB4D4FC7E9] - 31/01/2011 - 12:22:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [168]
O44 - LFC:[MD5.B8503D618FA43CDABE83751F64B8A7D7] - 31/01/2011 - 12:22:48 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9991D7BFB1C8D772A9927C5729CE8D35] - 31/01/2011 - 12:20:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[3].txt [2595]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/01/2011 - 09:36:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.949C5929432D72D57E7899E12D7A0B5D] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1530874]
O44 - LFC:[MD5.75070E6F10FF56905E14C35885B93567] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [104370]
O44 - LFC:[MD5.14B46F70173CA69915E6568051566A43] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [128478]
O44 - LFC:[MD5.1BB6F9D90C0900538190A65884920B2D] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [609092]
O44 - LFC:[MD5.8243AE763F78ECF59EE7F7C1E168916C] - 30/01/2011 - 20:19:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [696866]
O44 - LFC:[MD5.33C450681B282F1FBAC68B4D5790BBF8] - 10/01/2011 - 20:59:31 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [237168]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 10/01/2011 - 17:02:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\epplauncher.mif [1912]
O44 - LFC:[MD5.5EADE8F79F83EA1277F3C8C7192D46DB] - 10/01/2011 - 16:20:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\aaw7boot.log [14626]
O44 - LFC:[MD5.14AC67C7BA40FD54E18B3D5DA90C866C] - 08/01/2011 - 02:42:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [417952]
O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 07/01/2011 - 10:48:05 R--A- . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\SysNative\GEARAspi64.dll [126312]
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orange\IEWInternet\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\Connectivity\ConnectivityManager.exe
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0e41bce7-0acf-11e0-b908-6cf049a82892}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- L:\SFR.exe (.not file.)
O51 - MPSK:{6a28203d-248a-11e0-a441-6cf049a82892}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{b27c3147-0ad8-11e0-beed-6cf049a82892}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- L:\SFR.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\IntelliPoint [Key] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\
Re
parfois ca m'ouvre meme de pages x
alors que je ne l'ai pas demandé??
es ce que tu sais c'est quoi ce truc de TopPrix.Net
je n'ai jamais eu ca au par avant..
a plus
parfois ca m'ouvre meme de pages x
alors que je ne l'ai pas demandé??
es ce que tu sais c'est quoi ce truc de TopPrix.Net
je n'ai jamais eu ca au par avant..
a plus
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Version de la base de données: 5648
Windows 6.1.7600
Internet Explorer 9.0.7930.16406
31/01/2011 16:58:10
mbam-log-2011-01-31 (16-58-01).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 156138
Temps écoulé: 1 minute(s), 52 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\Users\jean claude\AppData\Roaming\SysWin (Trojan.Agent) -> No action taken.
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
www.malwarebytes.org
Version de la base de données: 5648
Windows 6.1.7600
Internet Explorer 9.0.7930.16406
31/01/2011 16:58:10
mbam-log-2011-01-31 (16-58-01).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 156138
Temps écoulé: 1 minute(s), 52 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\Users\jean claude\AppData\Roaming\SysWin (Trojan.Agent) -> No action taken.
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
supprime ce qui est trouvé et et remets ensuite un rapport Zhpdiag via cijoint et dis nous si tes soucis persistent
je viens d'essayer tout de suite
j'ai écrit c" c'est quoi gomeo "
et ca ma ouvert au moins 4 pages de porno..
impossible de les fermer il fallait que je quitte mozzilla
j'ai écrit c" c'est quoi gomeo "
et ca ma ouvert au moins 4 pages de porno..
impossible de les fermer il fallait que je quitte mozzilla
Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Re::::
ComboFix 11-01-31.01 - jean claude 31/01/2011 19:25:05.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3061.1926 [GMT 1:00]
Lancé depuis: c:\users\jean claude\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\jean claude\AppData\Roaming\Microsoft\Windows\Recent\Jailbreaker,Activer et Désimlocker le 4.2 et 4.2.1 du ....URL
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\chrome.manifest
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\chrome\xulcache.jar
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\defaults\preferences\xulcache.js
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\install.rdf
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-28 au 2011-01-31 ))))))))))))))))))))))))))))))))))))
.
2011-01-31 18:30 . 2011-01-31 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-31 17:11 . 2011-01-31 17:11 90232 ----a-w- c:\windows\system32\drivers\SMR161.SYS
2011-01-31 17:11 . 2011-01-31 17:29 -------- d-----w- c:\users\jean claude\AppData\Local\NPE
2011-01-31 15:54 . 2011-01-31 15:54 -------- d-----w- c:\users\jean claude\AppData\Roaming\Malwarebytes
2011-01-31 15:54 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-31 15:54 . 2011-01-31 15:54 -------- d-----w- c:\programdata\Malwarebytes
2011-01-31 15:54 . 2011-01-31 17:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-31 15:54 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-31 11:05 . 2011-01-31 11:05 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-01-31 10:10 . 2011-01-31 16:47 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-01-23 12:08 . 2011-01-23 12:08 -------- d-----w- C:\Temp
2011-01-20 17:21 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-20 17:21 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-20 17:21 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-20 17:21 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-20 17:21 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-20 17:21 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-20 17:21 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-20 17:21 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-20 17:21 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-20 17:21 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-20 16:58 . 2011-01-20 16:58 -------- d-----w- c:\program files (x86)\Orange
2011-01-20 16:56 . 2011-01-31 16:23 -------- d-----w- c:\program files (x86)\Common Files\France Telecom
2011-01-20 16:56 . 2008-05-16 20:01 89088 ----a-w- c:\windows\SysWow64\atl71.dll
2011-01-20 16:56 . 2009-06-15 11:45 116864 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-20 16:56 . 2009-06-15 11:45 116224 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2011-01-20 13:22 . 2011-01-20 13:22 -------- d-----w- c:\program files\Symantec
2011-01-20 13:22 . 2011-01-20 13:22 174640 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-01-20 13:22 . 2011-01-20 13:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-01-20 13:17 . 2011-01-20 17:16 -------- d-----w- c:\windows\system32\drivers\NISx64
2011-01-20 13:17 . 2011-01-20 13:17 -------- d-----w- c:\program files (x86)\Norton Internet Security
2011-01-20 13:16 . 2011-01-20 13:16 -------- d-----w- c:\program files (x86)\NortonInstaller
2011-01-18 20:57 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{67A7760C-8104-4396-82C3-96A16B3B370F}\mpengine.dll
2011-01-10 19:59 . 2010-12-31 20:06 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-10 19:58 . 2011-01-20 19:15 -------- d-----w- c:\programdata\Alwil Software
2011-01-10 19:58 . 2011-01-10 19:58 -------- d-----w- c:\program files\Alwil Software
2011-01-08 11:54 . 2011-01-11 10:29 -------- d-----w- c:\users\jean claude\AppData\Roaming\FrostWire
2011-01-08 11:52 . 2011-01-11 09:47 -------- d-----w- c:\program files (x86)\FrostWire
2011-01-07 20:24 . 2011-01-07 20:25 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-01-07 20:20 . 2011-01-07 20:20 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-01-07 09:48 . 2009-05-18 21:17 34152 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-01-07 09:48 . 2008-04-17 20:12 126312 ----a-r- c:\windows\system32\GEARAspi64.dll
2011-01-07 09:48 . 2008-04-17 20:12 107368 ----a-r- c:\windows\SysWow64\GEARAspi.dll
2011-01-04 21:42 . 2011-01-04 21:42 -------- d-----w- c:\program files\iPod
2011-01-04 21:42 . 2011-01-04 21:42 -------- d-----w- c:\program files\iTunes
2011-01-04 21:42 . 2011-01-04 21:42 -------- d-----w- c:\program files (x86)\iTunes
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-21 16:56 . 2010-12-21 16:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-20 20:24 . 2010-12-20 20:24 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-12-20 20:24 . 2010-12-20 20:24 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-12-20 20:23 . 2010-12-20 20:23 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-19 08:01 . 2010-12-19 08:01 45056 ----a-r- c:\users\jean claude\AppData\Roaming\Microsoft\Installer\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}\SIMEditor.exe_DAC0B88953594FDC893A2B8EF6B71B6F.exe
2010-12-07 13:24 . 2010-11-17 02:39 499712 ------w- c:\windows\SysWow64\msvcp71.dll
2010-12-07 13:24 . 2010-11-17 02:39 348160 ------w- c:\windows\SysWow64\msvcr71.dll
2010-12-06 10:40 . 2010-12-06 10:40 18760 ----a-w- c:\windows\SysWow64\QQVistaHelper.dll
2010-12-05 21:07 . 2010-12-05 21:07 279136 ----a-w- c:\windows\system32\drivers\afcdp.sys
2010-12-05 21:07 . 2010-12-05 21:07 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2010-12-05 21:07 . 2010-12-05 21:07 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-12-05 21:07 . 2010-12-05 21:07 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-12-05 20:34 . 2010-12-05 20:34 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2010-11-17 12:35 . 2010-11-17 12:35 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-11-17 12:34 . 2010-11-17 12:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-11-17 12:34 . 2010-11-17 12:34 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-11-09 03:55 . 2010-12-10 09:00 1502208 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-09 03:52 . 2010-12-10 09:00 2381824 ----a-w- c:\windows\system32\mshtml.tlb
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
R2 WMPNetworkSvc32;Service Partage réseau du Lecteur Windows Media ;c:\windows\system32\infocardapi32.exe [x]
R3 AF9035BDA;Cinergy T-Stick service;c:\windows\system32\DRIVERS\AF15BDA.sys [2009-10-02 514144]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-06-15 116224]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-17 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SMR161;Symantec SMR Utility Service 1.6.1;c:\windows\System32\drivers\SMR161.SYS [2011-01-31 90232]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1205000.07D\SYMDS64.SYS [2010-10-21 450608]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1205000.07D\SYMEFA64.SYS [2010-11-18 802864]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-12-05 1263200]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110114.001\BHDrvx64.sys [2010-11-23 953904]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110128.003\IDSvia64.sys [2010-11-09 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1205000.07D\Ironx64.SYS [2010-11-16 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1205000.07D\SYMNETS.SYS [2010-12-01 382072]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-12-05 3975088]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [2010-11-24 130000]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-12-05 279136]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-07 51600]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-01-20 132656]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.fr/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - igoogle
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHELINS SUPPRIMES - - - -
Wow6432Node-HKLM-Run-BEWINTERNET-FR-DMGP-V2SessionManager - c:\program files (x86)\Orange\IEWInternet\SessionManager\SessionManager.exe
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-01-31 19:32:32
ComboFix-quarantined-files.txt 2011-01-31 18:32
Avant-CF: 961 749 344 256 octets libres
Après-CF: 961 396 060 160 octets libres
- - End Of File - - 9809AD326751082C51C258F3D8651EB3
ComboFix 11-01-31.01 - jean claude 31/01/2011 19:25:05.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3061.1926 [GMT 1:00]
Lancé depuis: c:\users\jean claude\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\jean claude\AppData\Roaming\Microsoft\Windows\Recent\Jailbreaker,Activer et Désimlocker le 4.2 et 4.2.1 du ....URL
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\chrome.manifest
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\chrome\xulcache.jar
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\defaults\preferences\xulcache.js
c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\extensions\{56874561-ae47-4e13-ac1d-87a0bf8b06f1}\install.rdf
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-28 au 2011-01-31 ))))))))))))))))))))))))))))))))))))
.
2011-01-31 18:30 . 2011-01-31 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-31 17:11 . 2011-01-31 17:11 90232 ----a-w- c:\windows\system32\drivers\SMR161.SYS
2011-01-31 17:11 . 2011-01-31 17:29 -------- d-----w- c:\users\jean claude\AppData\Local\NPE
2011-01-31 15:54 . 2011-01-31 15:54 -------- d-----w- c:\users\jean claude\AppData\Roaming\Malwarebytes
2011-01-31 15:54 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-31 15:54 . 2011-01-31 15:54 -------- d-----w- c:\programdata\Malwarebytes
2011-01-31 15:54 . 2011-01-31 17:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-31 15:54 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-31 11:05 . 2011-01-31 11:05 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-01-31 10:10 . 2011-01-31 16:47 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-01-23 12:08 . 2011-01-23 12:08 -------- d-----w- C:\Temp
2011-01-20 17:21 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-20 17:21 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-20 17:21 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-20 17:21 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-20 17:21 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-20 17:21 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-20 17:21 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-20 17:21 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-20 17:21 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-20 17:21 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-20 16:58 . 2011-01-20 16:58 -------- d-----w- c:\program files (x86)\Orange
2011-01-20 16:56 . 2011-01-31 16:23 -------- d-----w- c:\program files (x86)\Common Files\France Telecom
2011-01-20 16:56 . 2008-05-16 20:01 89088 ----a-w- c:\windows\SysWow64\atl71.dll
2011-01-20 16:56 . 2009-06-15 11:45 116864 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-20 16:56 . 2009-06-15 11:45 116224 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2011-01-20 13:22 . 2011-01-20 13:22 -------- d-----w- c:\program files\Symantec
2011-01-20 13:22 . 2011-01-20 13:22 174640 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-01-20 13:22 . 2011-01-20 13:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-01-20 13:17 . 2011-01-20 17:16 -------- d-----w- c:\windows\system32\drivers\NISx64
2011-01-20 13:17 . 2011-01-20 13:17 -------- d-----w- c:\program files (x86)\Norton Internet Security
2011-01-20 13:16 . 2011-01-20 13:16 -------- d-----w- c:\program files (x86)\NortonInstaller
2011-01-18 20:57 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{67A7760C-8104-4396-82C3-96A16B3B370F}\mpengine.dll
2011-01-10 19:59 . 2010-12-31 20:06 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-10 19:58 . 2011-01-20 19:15 -------- d-----w- c:\programdata\Alwil Software
2011-01-10 19:58 . 2011-01-10 19:58 -------- d-----w- c:\program files\Alwil Software
2011-01-08 11:54 . 2011-01-11 10:29 -------- d-----w- c:\users\jean claude\AppData\Roaming\FrostWire
2011-01-08 11:52 . 2011-01-11 09:47 -------- d-----w- c:\program files (x86)\FrostWire
2011-01-07 20:24 . 2011-01-07 20:25 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-01-07 20:20 . 2011-01-07 20:20 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-01-07 09:48 . 2009-05-18 21:17 34152 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-01-07 09:48 . 2008-04-17 20:12 126312 ----a-r- c:\windows\system32\GEARAspi64.dll
2011-01-07 09:48 . 2008-04-17 20:12 107368 ----a-r- c:\windows\SysWow64\GEARAspi.dll
2011-01-04 21:42 . 2011-01-04 21:42 -------- d-----w- c:\program files\iPod
2011-01-04 21:42 . 2011-01-04 21:42 -------- d-----w- c:\program files\iTunes
2011-01-04 21:42 . 2011-01-04 21:42 -------- d-----w- c:\program files (x86)\iTunes
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-21 16:56 . 2010-12-21 16:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-20 20:24 . 2010-12-20 20:24 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-12-20 20:24 . 2010-12-20 20:24 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-12-20 20:23 . 2010-12-20 20:23 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-12-19 08:01 . 2010-12-19 08:01 45056 ----a-r- c:\users\jean claude\AppData\Roaming\Microsoft\Installer\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}\SIMEditor.exe_DAC0B88953594FDC893A2B8EF6B71B6F.exe
2010-12-07 13:24 . 2010-11-17 02:39 499712 ------w- c:\windows\SysWow64\msvcp71.dll
2010-12-07 13:24 . 2010-11-17 02:39 348160 ------w- c:\windows\SysWow64\msvcr71.dll
2010-12-06 10:40 . 2010-12-06 10:40 18760 ----a-w- c:\windows\SysWow64\QQVistaHelper.dll
2010-12-05 21:07 . 2010-12-05 21:07 279136 ----a-w- c:\windows\system32\drivers\afcdp.sys
2010-12-05 21:07 . 2010-12-05 21:07 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2010-12-05 21:07 . 2010-12-05 21:07 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-12-05 21:07 . 2010-12-05 21:07 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-12-05 20:34 . 2010-12-05 20:34 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2010-11-17 12:35 . 2010-11-17 12:35 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-11-17 12:34 . 2010-11-17 12:34 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-11-17 12:34 . 2010-11-17 12:34 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-11-09 03:55 . 2010-12-10 09:00 1502208 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-09 03:52 . 2010-12-10 09:00 2381824 ----a-w- c:\windows\system32\mshtml.tlb
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
R2 WMPNetworkSvc32;Service Partage réseau du Lecteur Windows Media ;c:\windows\system32\infocardapi32.exe [x]
R3 AF9035BDA;Cinergy T-Stick service;c:\windows\system32\DRIVERS\AF15BDA.sys [2009-10-02 514144]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-06-15 116224]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-17 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SMR161;Symantec SMR Utility Service 1.6.1;c:\windows\System32\drivers\SMR161.SYS [2011-01-31 90232]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1205000.07D\SYMDS64.SYS [2010-10-21 450608]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1205000.07D\SYMEFA64.SYS [2010-11-18 802864]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-12-05 1263200]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110114.001\BHDrvx64.sys [2010-11-23 953904]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110128.003\IDSvia64.sys [2010-11-09 476792]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1205000.07D\Ironx64.SYS [2010-11-16 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1205000.07D\SYMNETS.SYS [2010-12-01 382072]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-12-05 3975088]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [2010-11-24 130000]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-12-05 279136]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-07 51600]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-01-20 132656]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\jean claude\AppData\Roaming\Mozilla\Firefox\Profiles\m7tta386.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.fr/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - igoogle
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHELINS SUPPRIMES - - - -
Wow6432Node-HKLM-Run-BEWINTERNET-FR-DMGP-V2SessionManager - c:\program files (x86)\Orange\IEWInternet\SessionManager\SessionManager.exe
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-01-31 19:32:32
ComboFix-quarantined-files.txt 2011-01-31 18:32
Avant-CF: 961 749 344 256 octets libres
Après-CF: 961 396 060 160 octets libres
- - End Of File - - 9809AD326751082C51C258F3D8651EB3
