Virus impossible àsupprimerGen:Packed.FakeAV2

humoristik -
Lesplusbeauxdictons Messages postés 402 Statut Membre - 18 févr. 2012 à 19:00

Bonjour, , je sollicite votre aide car je suis face à un problème que je ne suis pas capable de résoudre seul malgré une recherche relativement longue sur le net. Après une analyse antivirus complète , mon logiciel ( Bitdefender) m'annonce que je suis infécté par une menace affectant un objet , je ne m'inquiète pas outre mesure et je lui demande de supprimer le logiciel malveillant ...nada , j'essaye de le mettre en quarantaine , impossible , et je me retrouve obligé d'ignorer la menace.. Le nom de la menace detécté c'est Gen:packed.FakeAV2 et ça infeste quelquechose appellé mon Master
Boot Record( Embedded EXE g) , et ça n'a pas l'air bon du tout , d'après ce que j'ai compris , c'est un trojan , auriez vous une solution pour le supprimer , cela m'inquiète beaucoup , je détèste l'idée qu'un logiciel espion puisse ralentir mon PC ou pire , envoyer des infos à mon inssu à je ne sais qui.... Si vous pouviez m'aider , ce serait franchement sympa merci ^^

Afficher la suite

A voir également:

Virus impossible àsupprimerGen:Packed.FakeAV2
Virus mcafee - Accueil - Piratage
Virus facebook demande d'amis - Accueil - Facebook
Undisclosed-recipients virus - Guide
Impossible de terminer l'opération car le fichier contient un virus - Forum Virus
Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares

26 réponses

Précédent

1
2

Réponse 21 / 26

humoristik Messages postés 9 Statut Membre

Voici le compte rendu d'AD remover , g eu un problème à un moment ac , lors du scan , alors qu'internet était coupé j'ai eu plein de fenêtres à s'ouvrir en même temps ( mais vraiment plein genre une centaine) , bref avoir tout éteint et ralumé voici ce que cela donne!
Dossier trouvé: C:\Users\guyot\AppData\LocalLow\PriceGong

Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

Extensions\toolbar@iadah.com (Toolbar Iadah)
Extensions\{1f3641dc-5372-aca9-3a4f-5261b01f4b28} (z)
Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension )
HKLM_Extensions|FFToolbar@bitdefender.com - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\

-- C:\Users\guyot\AppData\Roaming\Mozilla\FireFox\Profiles\47wehyg8.default --
Extensions\ChoiceGuard@Microsoft (Microsoft Choice Guard)
Extensions\toolbar@iadah.com (?)
Extensions\{364d4e0c-543f-4b85-abe3-19551139da4f} (Softonic_France Toolbar)
Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} (?)
Searchplugins\iadah.xml (<SearchPlugin xmlns=hxxp://www.mozilla.org/2006/browser/search/<ShortNameiadah</ShortName <Descriptioniadah</Desc...)
Searchplugins\Search.xml (?)
Prefs.js - browser.download.lastDir, C:\\Users\\guyot\\Desktop\\Harmonica
Prefs.js - browser.search.defaultenginename, Bing
Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, www.google.fr
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

-- C:\Users\Utilisateur\AppData\Roaming\Mozilla\FireFox\Profiles\yg1on3rh.default --
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.8

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://www.menara.ma/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_SearchScopes\{46436164-1AAB-4929-891C-951479DDBEA6} - "Search" (hxxp://www.dymasearch.com/search.php?src=tops&q={SearchTerms})
HKCU_SearchScopes\{f3d17ef2-8118-4fa3-afea-bb2e18a69054} - "iadah" (hxxp://www.iadah.com/web?search&q={searchTerms})
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39} (C:\Program Files (x86)\DevNet\Toolbar\DevNet.dll)
HKLM_Toolbar|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files (x86)\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{381FFDE8-2394-4F90-B10D-FC6124A40F8C} (C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{43023B0B-C598-4935-808C-990E0C700723} - C:\Program Files (x86)\DevNet\Toolbar\DevNetUpdater.exe (DevNet)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47FD-8BE1-6B49F4197BE6} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\about.exe\about.ex (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
BHO\{fe363091-3856-4de7-c473-15f3244128f8} (?)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 33 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 04/04/2011 15:48:44 (6185 Octet(s))
C:\Ad-Report-SCAN[1].txt - 04/04/2011 17:29:58 (5479 Octet(s))
C:\Ad-Report-SCAN[2].txt - 04/04/2011 19:04:39 (5717 Octet(s))
C:\Ad-Report-SCAN[3].txt - 04/04/2011 19:13:31 (5644 Octet(s))

Fin à: 19:14:14, 04/04/2011

humoristik Messages postés 9 Statut Membre

Je n'arrive toujours pas à envoyer le compte rendu via le site donné , cette fois on me dit

Parse error: syntax error, unexpected '{' in /home/www/pjjoint.malekal.com/uploader.php on line 86

Comment puis je faire ? il n'ya pas moyen de le mettre directement ici ? ( peut être que ça va prendre trop de place après ...)

moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274

utilises http://www.cijoint.fr/

Réponse 22 / 26

humoristik Messages postés 9 Statut Membre

Malheureusement ça me remet le message comme quoi les extensions ne sont pas comprises... , je le poste en tant que tel donc , vu que ça ne marche tjrs pas :

Rapport de ZHPDiag v1.27.1849 par Nicolas Coolman, Update du 31/03/2011
Run by guyot at 04/04/2011 19:18:52
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514 (Defaut)
MFIE: Mozilla Firefox v3.6.16 (fr)

---\\ System Information
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4087 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 814 GB (87%) free of 931 GB

---\\ Logged in mode
Computer Name: GUYOT-PC
User Name: guyot
All Users Names: Utilisateur, guyot, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\guyot\AppData\Roaming
%LocalAppData%=C:\Users\guyot\AppData\Local
%StartMenu%=C:\Users\guyot\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 814 Go of 931 Go)
D:\ CD-ROM drive (Free 0 Go of 6 Go)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

---\\ Recherche particulière de fichiers génériques
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 14:24:45.) -- C:\Windows\Explorer.exe [2872320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.44214C94911C7CFB1D52CB64D5E8368D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/11/2010 13:21:36.) -- C:\Windows\System32\wininet.dll [980992]

---\\ Processus lancés
[MD5.DC77A655C2ED2AC12C65C4317223EE88] - (...) -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [11852288]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480]
[MD5.DF5CF18A5D452A1634CED071C82834DE] - (.The Privoxy team - www.privoxy.org - Privoxy.) -- C:\Program Files (x86)\Vidalia Bundle\Privoxy\privoxy.exe [250368]
[MD5.37C4DAB6A5A44772EDE770C63B4BF602] - (...) -- C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe [4591810]
[MD5.C613E69C3B191BB02C7A191741A1D024] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]
[MD5.88C44CA9A052AEAEC0C91A57CE5AB41A] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]
[MD5.0F3FA9FDB976C567EC0491685CF4FDF7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]
[MD5.3AFF6B10C34CB8EAA6D6D5AA55193571] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856]
[MD5.42A8D7674CC494E73930C69D4987C49F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [642048]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [guyot] -- C:\Users\guyot\AppData\Roaming\Mozilla\Firefox\Profiles\47wehyg8.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [guyot] -- C:\Users\guyot\AppData\Roaming\Mozilla\Firefox\Profiles\47wehyg8.default\searchplugins\iadah.xml
M3 - MFPP: Plugins - [guyot] -- C:\Users\guyot\AppData\Roaming\Mozilla\Firefox\Profiles\47wehyg8.default\searchplugins\Search.xml
M0 - MFSP: prefs.js [guyot - 47wehyg8.default] www.google.fr
M2 - MFEP: prefs.js [guyot - 47wehyg8.default\ChoiceGuard@Microsoft] [] Microsoft Choice Guard v2.0 (.Microsoft.)
M2 - MFEP: prefs.js [guyot - 47wehyg8.default\{364d4e0c-543f-4b85-abe3-19551139da4f}] [] Softonic_France Toolbar v2.7.1.3 (.Conduit Ltd..)

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.menara.ma/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.menara.ma/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: Softonic_France Toolbar [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 2, 2) -- C:\Program Files (x86)\Softonic_France\tbSoft.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: BitDefender Toolbar [64Bits] - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe
O4 - HKLM\..\Run: [BDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [EA Core] . (.Electronic Arts - EA Download Manager.) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- c:\program files (x86)\steam\steam.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Vidalia] . (...) -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [adiras] . (.Pas de propriétaire - ADI RAS setup Application.) -- C:\Windows\adirasx64.exe
O4 - HKLM\..\Wow6432Node\Run: [ATICustomerCare] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [BitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [EA Core] . (.Electronic Arts - EA Download Manager.) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [Steam] . (.Valve Corporation - Steam.) -- c:\program files (x86)\steam\steam.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [Vidalia] . (...) -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
O4 - HKUS\S-1-5-21-83055815-1293926308-999991864-1001\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk . (.The Privoxy team - www.privoxy.org.) -- C:\Program Files (x86)\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk . (.Xfire Inc..) -- C:\Program Files (x86)\Xfire\Xfire.exe

---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\guyot\Desktop\AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Ares.lnk . (.Ares Development Group.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - Global Startup: C:\Users\guyot\Desktop\BioShock.lnk - Clé orpheline
O4 - Global Startup: C:\Users\guyot\Desktop\Blender.lnk . (...) -- C:\Program Files (x86)\Blender Foundation\Blender\blender.exe
O4 - Global Startup: C:\Users\guyot\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Desktop.lnk . (...) -- C:\Users\guyot\Desktop
O4 - Global Startup: C:\Users\guyot\Desktop\Désinstaller Star Wars Battlefront II.lnk . (...) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\Install\uninst.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Flyff.lnk . (...) -- C:\Program Files (x86)\gPotato.eu\FLYFF\Flyff.exe
O4 - Global Startup: C:\Users\guyot\Desktop\GameSpy Arcade.lnk . (.IGN Entertainment, Inc..) -- C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Images - Raccourci.lnk . (...) -- C:\Users\guyot\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - Global Startup: C:\Users\guyot\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\guyot\Desktop\IZArc.lnk . (...) -- C:\Program Files (x86)\IZArc\IZArc.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Jouer à Dark Messiah Of Might and Magic en multijoueur.lnk . (.Valve Corporation.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Jouez à Dark Messiah of Might and Magic en solo.lnk . (...) -- C:\Users\guyot\AppData\Roaming\Ubisoft\Dark Messiah of Might and Magic\mm.exe
O4 - Global Startup: C:\Users\guyot\Desktop\OpenOffice.org Writer.lnk . (.OpenOffice.org.) -- C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Ordinateur - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\guyot\Desktop\Project64 1.6.lnk . (...) -- C:\Program Files (x86)\Project64 1.6\Project64.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Skype.lnk . (...) -- C:\Windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
O4 - Global Startup: C:\Users\guyot\Desktop\sources texture_fichiers - Raccourci.lnk . (...) -- C:\Users\guyot\Documents\sources texture_fichiers
O4 - Global Startup: C:\Users\guyot\Desktop\SPORE(TM) - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\guyot\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\guyot\Desktop\The Elder Scrolls Construction Set.lnk . (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\TES Construction Set.exe
O4 - Global Startup: C:\Users\guyot\Desktop\tuxguitar.lnk . (...) -- C:\Program Files (x86)\TuxGuitar-Jet\tuxguitar.exe
O4 - Global Startup: C:\Users\guyot\Desktop\Windows Explorer.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk . (.IGN Entertainment, Inc..) -- C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GetYourSoft.lnk - Clé orpheline
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IZArc.lnk . (...) -- C:\Program Files (x86)\IZArc\IZArc.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\guyot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk . (.Xfire Inc..) -- C:\Program Files (x86)\Xfire\Xfire.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{65470EC2-0621-458E-BD09-2C920D9C8DCD}: NameServer = 81.253.149.9 80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{65470EC2-0621-458E-BD09-2C920D9C8DCD}: NameServer = 81.253.149.9 80.10.246.132

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: C:\Windows\system32\Alg.exe (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: Service d'état ASP.NET (aspnet_state) . (...) - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
O23 - Service: (Creative Audio Engine Licensing Service) . (.Creative Labs - System Level Service Utility.) - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: (maconfservice) . (.CybelSoft - Service de détection matériel.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe
O23 - Service: (npggsvc) . (.INCA Internet Co., Ltd. - nProtect Game Monitor Rev 1561.) - C:\Windows\system32\GameMon.des
O23 - Service: (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: (Steam Client Service) . (.Valve Corporation - Steam Client Service (buildbot_buildbot_ste.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: (Update Server) . (.BitDefender - Bitdefender Web Server.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: (Updatesrv) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.38088C425259983CA8AA4CF4585A6C1B] [APT] [{02E7D06A-5834-4342-9C30-1F2314C8CD67}] (.Sony DADC Austria AG.) -- C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{03C7F74A-1A94-4C15-B714-E722A6A40D94}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{04147538-6D7E-4E2A-8A10-D26286A66DA7}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.1330C90FCADEA583A0166B6752F05AD8] [APT] [{0B60AF51-573A-463D-B891-43E8B5D40348}] (.Pas de propriétaire.) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\LaunchBFII.exe
[MD5.1AA23094CE90784854FB1F25BE645AFA] [APT] [{0D29B7C1-5063-42DE-91FC-667299C98776}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{0F1238EE-2A7E-4863-80B8-529F7B1F2A8B}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{11656030-6CAE-4544-B117-F555424ED44C}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{170B0962-5E3F-4B4A-B0A9-E70EF7B81382}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.5AFB69549DEC47D0B2DCA865B9B7131F] [APT] [{204EB306-6025-4079-AE6F-B033202F9835}] (.Maxis, a division of Electronic Arts Inc..) -- C:\Program Files (x86)\EA GAMES\Les Sims 2\TSBin\Sims2.exe
[MD5.00000000000000000000000000000000] [APT] [{2808F495-707C-44E5-9F5B-D05293C5C60A}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{2ECF2D17-DEC4-4C48-9F6C-E547DE1E6DAA}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{347C3B35-BB25-46DF-ABCA-6321BD872962}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{3B697B9A-AAA2-4BE5-ADDA-2FFD83DE1634}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.00000000000000000000000000000000] [APT] [{4AE989DF-F111-47F9-9AE8-C95A82095583}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{50FFD387-D571-4E96-A151-A64B6CF52036}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Morrowind.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{51B89439-0BAB-4351-B49D-879D8CAF19BF}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.1330C90FCADEA583A0166B6752F05AD8] [APT] [{540B37F4-0697-4C8C-8124-11253C698427}] (.Pas de propriétaire.) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\LaunchBFII.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{597B73DA-F826-426E-B560-58FACDF353A4}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.00000000000000000000000000000000] [APT] [{5DD2A508-5003-4A3D-8F60-9C97A562D749}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{61131674-7C0F-442E-9787-C56F6B4881E5}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{70918FC7-2043-4093-AA15-AF4E45214230}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{75E83284-5778-4B62-BB82-8386F1D89EA0}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\FalloutLauncher.exe (.not file.)
[MD5.5AFB69549DEC47D0B2DCA865B9B7131F] [APT] [{7DF52D46-C5E3-4C0E-91A0-D0CAFB35109F}] (.Maxis, a division of Electronic Arts Inc..) -- C:\Program Files (x86)\EA GAMES\Les Sims 2\TSBin\Sims2.exe
[MD5.00000000000000000000000000000000] [APT] [{813220F4-4C6D-4D22-88DE-C77AEB08CF56}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\streaming-audio-recorder_214927_trial.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{8373D66C-3230-482D-A9F7-35D0473BFC94}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.00000000000000000000000000000000] [APT] [{99DDD802-FE71-4713-B4BE-EE7A6D198439}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\FalloutLauncher.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{A63937DC-57E5-43A9-99A4-16668B9FBFCC}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.1330C90FCADEA583A0166B6752F05AD8] [APT] [{A8324F8E-8ADE-4EBF-BFD0-87C35F2A5F6E}] (.Pas de propriétaire.) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\LaunchBFII.exe
[MD5.1330C90FCADEA583A0166B6752F05AD8] [APT] [{A9A6D35A-8F0E-4BA3-8A66-A865907A1389}] (.Pas de propriétaire.) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\LaunchBFII.exe
[MD5.00000000000000000000000000000000] [APT] [{B65FDEE3-CB0F-4655-8C04-25DC02E1EDD6}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{BC55CAC2-130F-48A4-8ADD-40DAFBB801C1}] (.Pas de propriétaire.) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe (.not file.)
[MD5.1330C90FCADEA583A0166B6752F05AD8] [APT] [{BF3F6199-664F-48A1-82A9-845902811A9D}] (.Pas de propriétaire.) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\LaunchBFII.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{C712B201-A775-41A4-89A5-6B45D9449CD6}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.00000000000000000000000000000000] [APT] [{CD345340-EDC2-475D-A300-3953D77890C7}] (.Pas de propriétaire.) -- C:\Users\guyot\AppData\Local\Temp\Temp1_v8700a_20100923.zip\v8700a_20100923\SETUP.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{D97ABD73-8B32-4CEB-A3BE-E18326133C17}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.00000000000000000000000000000000] [APT] [{DF8F84F0-0782-49AA-9B7B-A576966808F0}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Crack Proper.SKIDROW.JC2_up_by_stiu\JustCause2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E45A286F-1479-4522-B38A-E8A0C5F5E9C1}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\streaming-audio-recorder_214927_trial.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{EA586070-5700-4B7D-94FC-906A908839CA}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.1330C90FCADEA583A0166B6752F05AD8] [APT] [{EC33FABB-C743-429A-9950-B6A038A069D0}] (.Pas de propriétaire.) -- C:\Program Files (x86)\LucasArts\Star Wars Battlefront II\LaunchBFII.exe
[MD5.00000000000000000000000000000000] [APT] [{F1ECB53D-86AD-456E-BFE2-D6CD974E114E}] (.Pas de propriétaire.) -- C:\Users\guyot\Desktop\Guitar Pro 5.0 Espa¤ol + Crack + KeyGen\Guitar Pro 5 Demo.exe (.not file.)
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{FC3652C6-AAD6-49DC-B528-B00C1454DFDD}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe
[MD5.6209AAF0C2E09E026AEF59D94E00D2C9] [APT] [{FF3FFEBB-78C3-4D24-BDD4-D549B293842F}] (.Bethesda Softworks.) -- C:\Program Files (x86)\Bethesda Softworks\Morrowind\Morrowind Launcher.exe

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (bdfwfpf) . (.BitDefender - BitDefender Firewall WFP Filter Driver.) - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc..) [HKLM] -- {B95653AB-0E7F-204A-3226-17E9F38E6951}
O42 - Logiciel: ATI AVIVO64 Codecs - (.ATI Technologies Inc..) [HKLM] -- {E7DA67AE-5A56-75D1-C76E-821217C4FEB9}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {54A0FF28-05C4-81E3-3CC1-13D0C2519EFF}
O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM][64Bits] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
O42 - Logiciel: ATI Problem Report Wizard - (.ATI Technologies.) [HKLM] -- {2FF804EA-34D7-B18B-CF46-2DF3B7117AF0}
O42 - Logiciel: ATI Stream SDK v2 Developer - (.ATI Technologies Inc..) [HKLM] -- {22441735-5983-AD2A-5CC5-FA2CCD7EF732}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Ares 2.1.3 - (.Ares Development Group.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Barre d'outils MSN - (.Pas de propriétaire.) [HKLM][64Bits] -- MSN Toolbar
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}
O42 - Logiciel: BioShock - (.2K Games.) [HKLM][64Bits] -- {E280923D-C5D9-4728-8C79-AC9A0DC75875}
O42 - Logiciel: BitDefender Antivirus Pro 2011 - (.BitDefender.) [HKLM] -- BitDefender
O42 - Logiciel: BitDefender Antivirus Pro 2011 - (.BitDefender.) [HKLM] -- {5A2935F1-137E-454C-B4F8-C379709449E9}
O42 - Logiciel: Blender (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- Blender
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {6AB57823-3580-4CE0-9CF0-072E2A39460C}
O42 - Logiciel: Crysis(R) - (.Electronic Arts.) [HKLM][64Bits] -- {000E79B7-E725-4F01-870A-C12942B7F8E4}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dark Messiah - (.Ubisoft.) [HKCU] -- {A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}
O42 - Logiciel: EA Download Manager - (.Electronic Arts.) [HKLM][64Bits] -- InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}
O42 - Logiciel: Fallout 3 - (.Bethesda Softworks.) [HKLM][64Bits] -- {974C4B12-4D02-4879-85E0-61C95CC63E9E}
O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM][64Bits] -- WinGimp-2.0_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: GameSpy Arcade - (.Pas de propriétaire.) [HKLM][64Bits] -- GameSpy Arcade
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Host OpenAL - (.Creative Technology Limited.) [HKLM][64Bits] -- Host OpenAL
O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM][64Bits] -- {2E5AC744-87A6-CAC6-F992-515806007F1E}
O42 - Logiciel: IZArc 4.1.6 - (.Ivan Zahariev.) [HKLM][64Bits] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: Iadah Toolbar - (.DevNet.) [HKCU] -- IadahToolbar
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Les Sims 2 - (.Pas de propriétaire.) [HKLM][64Bits] -- {6E7DD182-9FC6-4651-0095-2E666CC6AF35}
O42 - Logiciel: Les Sims 2 : La bonne affaire - (.Pas de propriétaire.) [HKLM][64Bits] -- {7B3577F5-1D82-4C9B-008B-69D026FD8BCA}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM][64Bits] -- {93665FB0-2A3D-47E1-AB9A-1925130924BB}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM][64Bits] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM][64Bits] -- {86A4C6D9-29EE-4719-AFA1-BA3341862B83}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {1FDA5A37-B22D-43FF-B582-B8964050DC13}
O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9085040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
O42 - Logiciel: Morrowind - (.Pas de propriétaire.) [HKLM][64Bits] -- {7CCA1688-6F09-49AE-887B-E29A552A187A}
O42 - Logiciel: Mozilla Firefox (3.6.16) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.16)
O42 - Logiciel: Need for Speed Underground 2 - (.Pas de propriétaire.) [HKLM][64Bits] -- {909F8EBC-EC7F-48FF-0085-475D818F0F31}
O42 - Logiciel: Oblivion - (.Bethesda Softworks.) [HKLM][64Bits] -- {35CB6715-41F8-4F99-8881-6FC75BF054B0}
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM][64Bits] -- {97B3824E-B2D2-4C49-A860-BCA56F10B040}
O42 - Logiciel: Privoxy 3.0.6 - (.Pas de propriétaire.) [HKLM][64Bits] -- Privoxy
O42 - Logiciel: Project64 1.6 - (.Project64.) [HKLM][64Bits] -- {9559F7CA-5E34-4237-A2D9-D856464AD727}
O42 - Logiciel: Revo Uninstaller 1.90 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: SAGEM F@st 800-840 - (.SAGEM.) [HKLM][64Bits] -- {4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}
O42 - Logiciel: SPORE(TM) - (.Electronic Arts.) [HKLM][64Bits] -- {9DF0196F-B6B8-4C3A-8790-DE42AA530101}
O42 - Logiciel: SPORE(TM) Aventures Galactiques - (.Electronic Arts.) [HKLM][64Bits] -- {63CEA2E4-4FE7-4F2C-B388-C1313D24157C}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM][64Bits] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: Skype(TM) 5.0 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Softonic_France Toolbar - (.Softonic_France.) [HKLM][64Bits] -- Softonic_France Toolbar
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Star Wars Battlefront II - (.LucasArts.) [HKLM][64Bits] -- {3D374523-CFDE-461A-827E-2A102E2AB365}
O42 - Logiciel: Steam - (.Valve.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: TES Construction Set - (.Pas de propriétaire.) [HKLM][64Bits] -- {8245C111-D83F-4C66-BBC6-2424F6116944}
O42 - Logiciel: Team Fortress 2 - (.Valve.) [HKLM][64Bits] -- Steam App 440
O42 - Logiciel: The Lord of the Rings FREE Trial - (.ATI Technologies Inc..) [HKLM][64Bits] -- {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
O42 - Logiciel: Tor 0.1.2.18a - (.Pas de propriétaire.) [HKLM][64Bits] -- Tor
O42 - Logiciel: TuxGuitar 1.2 - (.Pas de propriétaire.) [HKLM][64Bits] -- TuxGuitar_0
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: Vidalia 0.0.14 - (.Pas de propriétaire.) [HKLM][64Bits] -- Vidalia
O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc..) [HKLM] -- {B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Xfire (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- Xfire
O42 - Logiciel: [HKLM\Software\Privoxy] - (.Pas de propriétaire.) [HKLM][64Bits] -- PunkBusterSvc
O42 - Logiciel: aMSN 0.98.3 - (.Pas de propriétaire.) [HKLM][64Bits] -- aMSN
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM][64Bits] -- eMule

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Softonic_France]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Ares]
[HKCU\Software\Battle.net]
[HKCU\Software\BitDefender]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\DevNet]
[HKCU\Software\GameSpy]
[HKCU\Software\Google]
[HKCU\Software\Herac]
[HKCU\Software\IM Providers]
[HKCU\Software\INCAInternet]
[HKCU\Software\IZSoftware]
[HKCU\Software\JaboSoft]
[HKCU\Software\JustCause2]
[HKCU\Software\LowRegistry]
[HKCU\Software\LucasArts]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mozilla]
[HKCU\Software\N64 Emulation]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Privoxy]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Sysinternals]
[HKCU\Software\Ubisoft]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Valve]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xfire]
[HKCU\Software\aMSN]
[HKCU\Software\cybelsoft]
[HKCU\Software\eMule]
[HKLM\Software\2K Games]
[HKLM\Software\AMD]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVC3]
[HKLM\Software\Adobe]
[HKLM\Software\Analog Devices]
[HKLM\Software\Battle.net]
[HKLM\Software\Bethesda Softworks]
[HKLM\Software\BlenderFoundation]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Labs]
[HKLM\Software\Creative Tech]
[HKLM\Software\Crytek]
[HKLM\Software\DevNet]
[HKLM\Software\EA Games]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Even Balance]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GalaNetEu]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\LucasArts]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OpenAL]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Policies]
[HKLM\Software\QSound Labs, Inc.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAGEM]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Skype]
[HKLM\Software\Softonic_France]
[HKLM\Software\Sonic]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Swearware]
[HKLM\Software\Ubisoft]
[HKLM\Software\Uniblue]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\Valve]
[HKLM\Software\Volatile]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\swearware]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/01/2010 - 09:58:34 - [23462411] ----D- C:\Program Files\ATI
O43 - CFD: 28/12/2010 - 22:18:20 - [28] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 29/12/2010 - 18:33:04 - [149986318] ----D- C:\Program Files\BitDefender
O43 - CFD: 03/04/2011 - 13:11:58 - [1083643218] ----D- C:\Program Files\Common Files
O43 - CFD: 19/01/2011 - 17:39:30 - [6643344] ----D- C:\Program Files\Creative
O43 - CFD: 21/08/2010 - 13:16:50 - [2950] ----D- C:\Program Files\Diablo II Shareware
O43 - CFD: 02/04/2011 - 20:46:52 - [90256916] ----D- C:\Program Files\DVD Maker
O43 - CFD: 13/01/2010 - 09:31:32 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 24/01/2010 - 00:06:54 - [1931968] ----D- C:\Program Files\Google
O43 - CFD: 02/04/2011 - 20:46:52 - [5182765] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 17:35:26 - [149237810] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 02/04/2011 - 20:46:42 - [4039680] ----D- C:\Program Files\Windows Defender
O43 - CFD: 02/04/2011 - 20:46:50 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 23/10/2010 - 14:04:34 - [43896] ----D- C:\Program Files\Windows Live
O43 - CFD: 02/04/2011 - 20:46:52 - [6667776] ----D- C:\Program Files\Windows Mail
O43 - CFD: 02/04/2011 - 20:46:50 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 13/01/2010 - 09:31:32 - [12627636] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/04/2011 - 20:46:50 - [5516056] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 02/04/2011 - 20:46:50 - [244736] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 02/04/2011 - 20:46:52 - [7044767] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 28/12/2010 - 19:37:00 - [5392136] ----D- C:\Program Files\Common Files\ATI Technologies
O43 - CFD: 29/12/2010 - 18:33:04 - [979652045] ----D- C:\Program Files\Common Files\BitDefender
O43 - CFD: 19/08/2010 - 18:07:52 - [24619886] ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD: 23/10/2010 - 14:04:24 - [61071846] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 17:24:10 - [12194291] ----D- C:\Program Files\Common Files\System
O43 - CFD: 29/12/2010 - 16:19:28 - [3413] ----D- C:\ProgramData\3e460000-82e7-4b13-7fe1-2948b090cb6
O43 - CFD: 29/12/2010 - 16:15:18 - [4506] ----D- C:\ProgramData\5a810000-11fe-40a8-e2d6-aff8e28e4b90
O43 - CFD: 09/01/2011 - 10:36:00 - [124467961] ----D- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 28/12/2010 - 22:18:34 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 29/12/2010 - 21:05:06 - [72] ----D- C:\ProgramData\bdch
O43 - CFD: 29/12/2010 - 18:33:54 - [9046468] ----D- C:\ProgramData\BitDefender
O43 - CFD: 13/01/2010 - 09:31:32 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 06/03/2010 - 21:42:26 - [87670] ----D- C:\ProgramData\Electronic Arts
O43 - CFD: 15/05/2010 - 14:37:50 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 13/01/2010 - 09:31:32 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 24/01/2010 - 00:06:58 - [536138] ----D- C:\ProgramData\Google
O43 - CFD: 16/01/2011 - 00:33:20 - [1230964] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 25/12/2010 - 13:18:28 - [199] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 21/08/2010 - 19:08:58 - [3702] ----D- C:\ProgramData\McAfee
O43 - CFD: 06/02/2010 - 20:09:38 - [1387] ----D- C:\ProgramData\Media Center Programs
O43 - CFD: 13/01/2010 - 09:31:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 23/03/2011 - 17:06:50 - [174227333] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 13/01/2010 - 09:31:32 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 12/12/2010 - 17:46:26 - [21442894] ----D- C:\ProgramData\Skype
O43 - CFD: 04/04/2011 - 17:32:10 - [78698] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 09/01/2011 - 10:34:22 - [2998313] ----D- C:\Users\guyot\AppData\Roaming\Adobe
O43 - CFD: 30/03/2010 - 19:54:08 - [0] ----D- C:\Users\guyot\AppData\Roaming\AdobeUM
O43 - CFD: 21/01/2010 - 21:22:58 - [0] ----D- C:\Users\guyot\AppData\Roaming\ATI
O43 - CFD: 11/11/2010 - 11:47:34 - [0] ----D- C:\Users\guyot\AppData\Roaming\Audacity
O43 - CFD: 03/04/2011 - 19:03:04 - [986585] ----D- C:\Users\guyot\AppData\Roaming\Bioshock
O43 - CFD: 29/12/2010 - 18:33:10 - [78144] ----D- C:\Users\guyot\AppData\Roaming\BitDefender
O43 - CFD: 18/11/2010 - 18:52:40 - [7347668] ----D- C:\Users\guyot\AppData\Roaming\Blender Foundation
O43 - CFD: 24/01/2010 - 10:24:26 - [0] ----D- C:\Users\guyot\AppData\Roaming\Google
O43 - CFD: 09/06/2010 - 18:39:32 - [169] ----D- C:\Users\guyot\AppData\Roaming\gtk-2.0
O43 - CFD: 02/06/2010 - 18:10:54 - [3638] ----D- C:\Users\guyot\AppData\Roaming\Icones
O43 - CFD: 21/01/2010 - 21:21:34 - [0] ----D- C:\Users\guyot\AppData\Roaming\Identities
O43 - CFD: 24/01/2010 - 22:32:56 - [0] ----D- C:\Users\guyot\AppData\Roaming\InstallShield
O43 - CFD: 13/02/2010 - 12:51:28 - [3998374] ----D- C:\Users\guyot\AppData\Roaming\InstallShield Installation Information
O43 - CFD: 24/01/2010 - 00:07:14 - [3554] ----D- C:\Users\guyot\AppData\Roaming\Macromedia
O43 - CFD: 26/12/2010 - 11:19:08 - [1763] ----D- C:\Users\guyot\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\guyot\AppData\Roaming\Media Center Programs
O43 - CFD: 19/02/2011 - 15:25:14 - [5744668] -S--D- C:\Users\guyot\AppData\Roaming\Microsoft
O43 - CFD: 06/02/2010 - 11:46:48 - [9243995] ----D- C:\Users\guyot\AppData\Roaming\Mozilla
O43 - CFD: 18/02/2010 - 22:12:06 - [3052042] ----D- C:\Users\guyot\AppData\Roaming\OpenOffice.org
O43 - CFD: 29/12/2010 - 16:08:34 - [0] ----D- C:\Users\guyot\AppData\Roaming\QuickScan
O43 - CFD: 06/02/2010 - 20:10:56 - [23912] R-H-D- C:\Users\guyot\AppData\Roaming\SecuROM
O43 - CFD: 09/02/2011 - 11:31:40 - [3997466] ----D- C:\Users\guyot\AppData\Roaming\Skype
O43 - CFD: 09/02/2011 - 11:16:28 - [13632] ----D- C:\Users\guyot\AppData\Roaming\skypePM
O43 - CFD: 20/03/2010 - 20:34:44 - [1307629074] ----D- C:\Users\guyot\AppData\Roaming\SPORE
O43 - CFD: 04/04/2011 - 17:29:32 - [1107365] ----D- C:\Users\guyot\AppData\Roaming\tor
O43 - CFD: 13/02/2010 - 12:51:28 - [7989389105] ----D- C:\Users\guyot\AppData\Roaming\Ubisoft
O43 - CFD: 14/03/2011 - 18:10:18 - [0] ----D- C:\Users\guyot\AppData\Roaming\Uniblue
O43 - CFD: 04/04/2011 - 15:21:50 - [70094] ----D- C:\Users\guyot\AppData\Roaming\Vidalia
O43 - CFD: 06/02/2010 - 20:00:10 - [0] ----D- C:\Users\guyot\AppData\Roaming\Windows Live Writer
O43 - CFD: 03/12/2010 - 18:09:02 - [101] ----D- C:\Users\guyot\AppData\Roaming\Xfire
O43 - CFD: 06/02/2010 - 19:54:42 - [6442409467] ----D- C:\Program Files (x86)\2K Games
O43 - CFD: 27/01/2010 - 17:06:58 - [3094515] ----D- C:\Program Files (x86)\7-Zip
O43 - CFD: 04/04/2011 - 15:48:36 - [97805026] ----D- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 30/12/2010 - 15:18:28 - [114227921] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 11/09/2010 - 21:51:34 - [56816955] ----D- C:\Program Files (x86)\aMSN
O43 - CFD: 11/02/2010 - 19:01:36 - [4555035] ----D- C:\Program Files (x86)\Ares
O43 - CFD: 28/12/2010 - 19:37:02 - [556326] ----D- C:\Program Files (x86)\ATI
O43 - CFD: 28/12/2010 - 19:36:56 - [54221243] ----D- C:\Program Files (x86)\ATI Stream
O43 - CFD: 28/12/2010 - 22:18:32 - [119641049] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 14/03/2011 - 18:16:08 - [11536316410] ----D- C:\Program Files (x86)\Bethesda Softworks
O43 - CFD: 18/11/2010 - 18:52:38 - [32837364] ----D- C:\Program Files (x86)\Blender Foundation
O43 - CFD: 06/02/2010 - 12:00:40 - [2847944] ----D- C:\Program Files (x86)\CCleaner
O43 - CFD: 03/04/2011 - 13:11:58 - [348832003] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 19/01/2011 - 17:47:26 - [1388549] ----D- C:\Program Files (x86)\Creative
O43 - CFD: 02/06/2010 - 18:11:36 - [1538032] ----D- C:\Program Files (x86)\DevNet
O43 - CFD: 01/01/2011 - 15:11:04 - [5405095071] ----D- C:\Program Files (x86)\EA GAMES
O43 - CFD: 09/09/2010 - 18:13:02 - [13336619288] ----D- C:\Program Files (x86)\Electronic Arts
O43 - CFD: 15/05/2010 - 14:37:44 - [10906334] ----D- C:\Program Files (x86)\eMule
O43 - CFD: 03/12/2010 - 18:20:44

Réponse 23 / 26

moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274

* Télécharge Defogger
http://www.jpshortstuff.247fixes.com/Defogger.exe

=> lance le
* Une fenêtre apparait clique sur Disable
* Redémarre le PC si demandé

ensuite

/!\ Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme/!\

? Télécharge : Gmer (by Przemyslaw Gmerek)

http://www.gmer.net/

? Dezippe gmer ,cliques sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.

? Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)

Réponse 24 / 26

humoristik Messages postés 9 Statut Membre

Rebonjour!! Alors j'ai fait ce que tu m'a dit mais Gmer n'a rien trouvé , cela veut il dire que mon PC est clean? En tout cas merci de prendre le temps de m'aider , c'est très gentil de votre part!

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 26

humoristik Messages postés 9 Statut Membre

je up le sujet , je demande juste confirmation pour savoir si je peux effectivement considérer mon pc comme clean après toutes ces différentes manipulations , merci pour tout ce que vous avez déjà fait en tout cas ^^

Réponse 26 / 26

Lesplusbeauxdictons Messages postés 402 Statut Membre 43

Bonjour :) désolé de vous déranger, mais je me suis servi de ce ce sujet pour aller déposer un fichier. Le lien est le suivant : https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120218_t9c14j14w6b6

Discussions similaires

Softonic,est-ce un virus ?

Désinstaller Softonic

Erreur 0x800700E1

Message Apple virus !!

Forum Virus

Trouvez des solutions pour détecter et éliminer les menaces, des astuces pour prévenir les infections, et discutez des dernières menaces en ligne

Newsletters

Newsletters

Actu du jour

Voir un exemple