Problème "trojan", aide svp

Résolu
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   -  
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

Je possède l'anti virus Avast (mise à jour très régulière) et j'ai des alertes depuis tout à l'heure concernant un virus "trojan". Plus d'une dizaine de fenêtres AVAST s'ouvraient avec l'alerte en disant que le truc était bloqué. . J'ai vu où était placé le fichier infecté dans le lecteur C. Seulement on me dit que je n'ai pas l'autorisation quand je veux le supprimer. Je ne suis pas administrateur de l'ordinateur, est-ce pour ça?

Le fichier s'appelle Pfysaa et appartiendrait à la société de "Statham" le fameux programmeur.
Et sur la barre d'état windows, quand je clique sur "programmes de démarrage bloqués", le nom du prograame bloqué est le suivant : KfSystemR setup g1.

Je suis en train de faire un scan minutieux (il en est à 6%).
Je n'ai plus de fenêtres d'alertes Avast à s'ouvrir.

Dans mon logiciel Avast, lorsque je clique sur l'onglet "protection résidente", il n'y a que dans "agent réseau" que des connexions sont bloquées (136 sur 7700 pour l'instant).

Pourriez-vous m'aider svp? Je n'y connais rien. Merci d'avance.
A voir également:

60 réponses

Précédent
Réponse 21 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Nan c'est le premier lancement. Je parlais du rapport d'usbfix qui n'était pas arrivé.
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
Aaaah ok :p
t inquiète pas ^^

s'il ne s'ouvre pas tout seul il est à C:\ComboFix.txt
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
le rapport est prêt maisil me dit d'attendre que la fenetre se ferme... donc j'attends bêtement :-)
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
mdr c est qu'il n'a pas encore tout écrit, il est lent :o)
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Je l'ai eu mais je redémarre l'ordi concerné parce qu'il a bugué quand j'ai voulu aller sur internet
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
ah oui ça peut arriver ^^ "clé de registre marquée pour suppression" ^^
0
Réponse 22 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
Pffff kilénul, il a laissé les 3/4 de ce qu'il fallait supprimer ^^

▶ ▶ DÉSACTIVE TES PROTECTIONS DURANT LA PROCÉDURE

▶ ▶ SCRIPT PERSONNALISE A CET ORDINATEUR, NE PAS REPRODUIRE : DANGEREUX !!!!

▶ Créé un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes : 

KillAll:: 

File:: 
c:\windows\Pfysaa.exe       
c:\users\Lucile\GoogleSketchUpProWFR.exe       
c:\windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job       

Folder:: 
c:\program files (x86)\Application Updater     
c:\program files (x86)\pdfforge Toolbar     
c:\program files (x86)\Radio_Bar_2 
c:\program files (x86)\Softonic_France 
c:\program files (x86)\ConduitEngine 
c:\program files (x86)\Ask.com 
c:\program files (x86)\Fluendo 
c:\program files (x86)\Common Files\Spigot 

Registry:: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]       
"ApnUpdater"=- 
"SearchSettings"=- 
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]     
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]    
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]    
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]   
[-HKEY_CLASSES_ROOT\clsid\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}]    
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]       
[-HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]   
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]      
"{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= -
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= -
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= - 
[-HKEY_CLASSES_ROOT\clsid\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}]   
[-HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]   
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]    
"{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}"=- 
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"=- 

Driver:: 
Application Updater 

Rootkit:: 
c:\program files (x86)\Application Updater\ApplicationUpdater.exe 

Firefox:: 
FF - Ext: Interest Recognizer for Moovida: moovida@spointer.com - c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com  
FF - Ext: Softonic_France Community Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - %profile%\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}  
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com       
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com     
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com       

RegLockDel:: 
[HKEY_LOCAL_MACHINE\software\McAfee]       

SecCenter:: 
{3D54B793-665E-3129-9103-206115370C8A}       

Reboot::


▶ Enregistre ce fichier sous le nom CFScript

▶ Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :http://i261.photobucket.com/albums/ii49/Malekal_morte/CFScript-2.gif

▶ Combofix se lance, laisse toi guider..

▶ Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c''est normal!
Ne touche à rien tant que le scan n''est pas terminé.
▶ Une fois le scan achevé, un rapport va s''afficher: poste son contenu, en précisant où en sont tes soucis

▶ Si le fichier ne s''ouvre pas, il se trouve ici > C:\ComboFix.txt
.::. Contributeur Sécurité .::.
0
Réponse 23 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Merci encore mille fois! Je fais ça dans un quart d'heure.
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
de rien :)
j'vais peut être m'absenter, no stress :)
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
OK.
J'ai un souci. Je ne retrouve plus "combofix"! IL était dans C / Lucile / téléchargement et il n'y est plus :-(
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Ah c'est bon je l'ai retrouvé, il était dans "bureau", j'avais oublié
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Je n'ai pas réussi à retirer le pare feu, il ne voulait pas (peut être parce que je ne suis pas administrateur de cet ordi) . J espere que ça n'a pas trop d'incidence.
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Voici le rapport :
ComboFix 11-06-11.01 - Lucile 12/06/2011 20:55:40.2.4 - x64
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.8190.6298 [GMT 2:00]
Lancé depuis: c:\users\Lucile\Desktop\lulu_com.exe
Commutateurs utilisés :: c:\users\Lucile\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee VirusScan *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Lucile\GoogleSketchUpProWFR.exe"
"c:\windows\Pfysaa.exe"
"c:\windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Application Updater
c:\program files (x86)\Application Updater\ApplicationUpdater.exe
c:\program files (x86)\Application Updater\config.ini
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_580f.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\Common Files\Spigot\Search Settings\config.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files (x86)\Common Files\Spigot\wtxpcom\chrome.manifest
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
c:\program files (x86)\Common Files\Spigot\wtxpcom\install.rdf
c:\program files (x86)\ConduitEngine
c:\program files (x86)\ConduitEngine\appContextMenu.xml
c:\program files (x86)\ConduitEngine\ConduitEngine.dll
c:\program files (x86)\ConduitEngine\ConduitEngineHelper.exe
c:\program files (x86)\ConduitEngine\ConduitEngineUninstall.exe
c:\program files (x86)\ConduitEngine\engineContextMenu.xml
c:\program files (x86)\ConduitEngine\EngineSettings.json
c:\program files (x86)\ConduitEngine\INSTALL.LOG
c:\program files (x86)\ConduitEngine\toolbar.cfg
c:\program files (x86)\Fluendo
c:\program files (x86)\Fluendo\Moovida\atk-sharp.dll
c:\program files (x86)\Fluendo\Moovida\atksharpglue-2.dll
c:\program files (x86)\Fluendo\Moovida\avcodec-lgpl-52.dll
c:\program files (x86)\Fluendo\Moovida\avformat-lgpl-52.dll
c:\program files (x86)\Fluendo\Moovida\avutil-lgpl-50.dll
c:\program files (x86)\Fluendo\Moovida\AxSpointerControlLib.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.AirPortExpress.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Audiobook.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.AudioCd.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Bookmarks.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Bpm.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.CollectionIndexer.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Core.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.CoverArt.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Daap.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Dap.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Dap.Ipod.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Dap.MassStorage.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Dap.Mtp.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.DVD.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Emusic.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.FileSystemQueue.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.GStreamer.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.InternetArchive.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.InternetRadio.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.LibraryWatcher.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Moovida.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.MovieControls.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.NowPlaying.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.PlayerMigration.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.PlayQueue.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Podcasting.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Services.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.ThickClient.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.UpdateSystem.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.VideoIdentifier.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Widgets.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.Windows.dll
c:\program files (x86)\Fluendo\Moovida\Banshee.YouTube.dll
c:\program files (x86)\Fluendo\Moovida\CabLib.dll
c:\program files (x86)\Fluendo\Moovida\CIFSClient.dll
c:\program files (x86)\Fluendo\Moovida\CookComputing.XmlRpcV2.dll
c:\program files (x86)\Fluendo\Moovida\engines\libmurrine.dll
c:\program files (x86)\Fluendo\Moovida\engines\libpixmap.dll
c:\program files (x86)\Fluendo\Moovida\engines\libwimp.dll
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-autohint.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-no-sub-pixel.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-sub-pixel-bgr.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-sub-pixel-rgb.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-sub-pixel-vbgr.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-sub-pixel-vrgb.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\10-unhinted.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\20-fix-globaladvance.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\20-lohit-gujarati.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\20-unhint-small-vera.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\30-amt-aliases.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\30-urw-aliases.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\40-generic.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\49-sansserif.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\50-user.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\51-local.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\60-latin.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\65-fonts-persian.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\65-nonlatin.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\69-unifont.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\70-no-bitmaps.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\70-yes-bitmaps.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\80-delicious.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\90-synthetic.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.avail\README
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\20-fix-globaladvance.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\20-lohit-gujarati.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\20-unhint-small-vera.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\30-amt-aliases.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\30-urw-aliases.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\40-generic.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\49-sansserif.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\50-user.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\51-local.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\60-latin.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\65-fonts-persian.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\65-nonlatin.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\69-unifont.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\80-delicious.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\conf.d\90-synthetic.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\fonts.conf
c:\program files (x86)\Fluendo\Moovida\etc\fonts\fonts.dtd
c:\program files (x86)\Fluendo\Moovida\etc\fonts\local.conf
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Arrows\arrow-down.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Arrows\arrow-left.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Arrows\arrow-right-norm.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Arrows\arrow-right-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Arrows\arrow-right.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Arrows\arrow-up.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\background.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Buttons\button-default.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Buttons\button-insensitive.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Buttons\button-normal.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Buttons\button-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Buttons\button-pressed.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\check1.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\check2.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\check3.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\check4.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\checklight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\highlight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\option1.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\option2.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\option3.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Check-Radio\option4.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-active.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-arrow-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-arrow-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-arrow.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-inactive.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-normal.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Combo\combo-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Frame-Gap\frame-gap-end.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Frame-Gap\frame-gap-start.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Frame-Gap\frame1.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Frame-Gap\frame2.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\gdk-pixbuf.loaders
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\gtkrc
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Handles\handle-h.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Handles\handle-v.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Lines\line-h.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Lines\line-v.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ListHeaders\list_header-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ListHeaders\list_header-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ListHeaders\list_header-pressed.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ListHeaders\list_header.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Menu-Menubar\menu.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Menu-Menubar\menubar-item.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Menu-Menubar\menubar.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Menu-Menubar\menuitem.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Menu-Menubar\menuline.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\menubar.rc
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Others\focus.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Others\null.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Others\ruler.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panel-bg-black-24.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panel-bg.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panel-notification-bg.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panelbutton1.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panelbutton2.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panelbutton3.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Panel\panelbutton4.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ProgressBar\progressbar-horiz.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ProgressBar\trough-progressbar-horiz.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\ProgressBar\trough-progressbar-vert.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\null.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\slider-horiz-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\slider-horiz.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\slider-vert-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\slider-vert.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\trough-horizontal-lower.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\trough-horizontal.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\trough-vertical-lower.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Range\trough-vertical.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\scroll-thumb-horiz.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\scroll-thumb-vert.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\slider-horiz-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\slider-horiz-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\slider-horiz.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\slider-vert-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\slider-vert-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\slider-vert.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-down-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-down-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-down.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-left-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-left-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-left.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-right-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-right-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-right.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-up-insens.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-up-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\stepper-up.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\trough-scrollbar-horiz.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Scrollbars\trough-scrollbar-vert.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\entry-shadow-in.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\shadow-etched-out.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\shadow-in.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\shadow-none.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\shadow-out.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\text-entry.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Shadows\text.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin-down-disable.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin-down-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin-down.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin-up-disable.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin-up-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin-up.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Spin\spin.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-about.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-add.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-clear.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-edit.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-find.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-fullscreen.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-help.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-info.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-next-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-next-small-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-pause-small.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-pause.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-play-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-play-small-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-previous-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-previous-small-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-media-stop-ltr.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-new.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-open.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-preferences.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-properties.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-quit.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-refresh.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Stock\gtk-remove.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\notebook.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\null.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-bottom-active.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-bottom.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-left-active.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-left.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-right-active.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-right.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-top-active.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Tabs\tab-top.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Toolbar\toolbar.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Toolbar\toolbutton-normal.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Toolbar\toolbutton-prelight.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Toolbar\toolbutton-pressed.png
c:\program files (x86)\Fluendo\Moovida\etc\gtk-2.0\Toolbar\toolbutton-toggled.png
c:\program files (x86)\Fluendo\Moovida\etc\pango\pango.aliases
c:\program files (x86)\Fluendo\Moovida\etc\pango\pango.modules
c:\program files (x86)\Fluendo\Moovida\Eula.rtf
c:\program files (x86)\Fluendo\Moovida\gdk-sharp.dll
c:\program files (x86)\Fluendo\Moovida\gdksharpglue-2.dll
c:\program files (x86)\Fluendo\Moovida\glib-sharp.dll
c:\program files (x86)\Fluendo\Moovida\glibsharpglue-2.dll
c:\program files (x86)\Fluendo\Moovida\Google.GData.Client.dll
c:\program files (x86)\Fluendo\Moovida\Google.GData.Extensions.dll
c:\program files (x86)\Fluendo\Moovida\Google.GData.YouTube.dll
c:\program files (x86)\Fluendo\Moovida\GPL.txt
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstaiff.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstautoconvert.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstcdxaparse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstdirectdraw.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstdshowdecwrapper.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstdshowsrcwrapper.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstdshowvideosink.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstdvdspu.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstfaad.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgsth264parse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstid3tag.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstmpeg2dec.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstmpeg4videoparse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstmpegdemux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstmpegvideoparse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstmve.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstmxf.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstneonhttpsrc.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstnuvdemux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstrawparse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstreal.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstresindvd.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstschro.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstsdpelem.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstselector.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstsiren.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgsttta.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\bad\libgstvp8.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstaudioconvert.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstaudiorate.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstaudioresample.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstcoreelements.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstcoreindexers.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstdecodebin2.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstffmpegcolorspace.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstgio.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstogg.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstpango.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstplaybin.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgsttheora.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgsttypefindfunctions.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstvideorate.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstvideoscale.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstvolume.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\base\libgstvorbis.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ffmpeg\libgstffmpeg-lgpl.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\fluendo\libgstfluasfdemux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\fluendo\libgstflulpcmdec.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\fluendo\libgstflummssrc.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\fluendo\libgstflumpegdemux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\fluendo\libgstflurtp.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstalaw.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstalpha.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstapetag.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstaudiofx.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstauparse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstautodetect.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstavi.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstcairo.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstdeinterlace.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstdirectsound.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstequalizer.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstflac.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstflv.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstflxdec.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgsticydemux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstid3demux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstjpeg.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstlevel.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstmatroska.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstmulaw.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstmultipart.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstpng.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstqtdemux.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstreplaygain.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstrtpjitterbuffer.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstrtpmanager.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstrtppayloads.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstrtsp.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstspectrum.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstudp.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstvideobox.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstvideocrop.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstvideomixer.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstwavpack.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\good\libgstwavparse.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgsta52dec.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstcdio.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstdvdlpcmdec.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstdvdread.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstdvdsub.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstiec958.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstlame.dll
c:\program files (x86)\Fluendo\Moovida\gst-plugins\ugly\libgstmpegaudioparse.dll
c:\program files (x86)\Fluendo\Moovida\gtk-sharp.dll
c:\program files (x86)\Fluendo\Moovida\gtksharpglue-2.dll
c:\program files (x86)\Fluendo\Moovida\HtmlAgilityPack.dll
c:\program files (x86)\Fluendo\Moovida\HtmlAgilityPack.XML
c:\program files (x86)\Fluendo\Moovida\Hyena.dll
c:\program files (x86)\Fluendo\Moovida\Hyena.Gui.dll
c:\program files (x86)\Fluendo\Moovida\iconv.dll
c:\program files (x86)\Fluendo\Moovida\ICSharpCode.SharpZipLib.dll
c:\program files (x86)\Fluendo\Moovida\install.log
c:\program files (x86)\Fluendo\Moovida\intl.dll
c:\program files (x86)\Fluendo\Moovida\ipod-sharp-ui.dll
c:\program files (x86)\Fluendo\Moovida\ipod-sharp.dll
c:\program files (x86)\Fluendo\Moovida\jpeg62.dll
c:\program files (x86)\Fluendo\Moovida\Lastfm.dll
c:\program files (x86)\Fluendo\Moovida\Lastfm.Gui.dll
c:\program files (x86)\Fluendo\Moovida\liba52-0.dll
c:\program files (x86)\Fluendo\Moovida\libatk-1.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libbanshee.dll
c:\program files (x86)\Fluendo\Moovida\libbanshee.exp
c:\program files (x86)\Fluendo\Moovida\libbz2.dll
c:\program files (x86)\Fluendo\Moovida\libcairo-2.dll
c:\program files (x86)\Fluendo\Moovida\libcdio-12.dll
c:\program files (x86)\Fluendo\Moovida\libdvdcss.dll
c:\program files (x86)\Fluendo\Moovida\libdvdnav-4.dll
c:\program files (x86)\Fluendo\Moovida\libdvdread-4.dll
c:\program files (x86)\Fluendo\Moovida\libexpat-1.dll
c:\program files (x86)\Fluendo\Moovida\libfaad-2.dll
c:\program files (x86)\Fluendo\Moovida\libFLAC-8.dll
c:\program files (x86)\Fluendo\Moovida\libfontconfig-1.dll
c:\program files (x86)\Fluendo\Moovida\libfreetype-6.dll
c:\program files (x86)\Fluendo\Moovida\libgcrypt-11.dll
c:\program files (x86)\Fluendo\Moovida\libgdk-win32-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libgdk_pixbuf-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libgio-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libglib-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libgmodule-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libgnutls-26.dll
c:\program files (x86)\Fluendo\Moovida\libgobject-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libgpg-error-0.dll
c:\program files (x86)\Fluendo\Moovida\libgstapp-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstaudio-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstbase-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstbasevideo-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstcdda-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstcontroller-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstdataprotocol-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstdshow-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstfft-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstinterfaces-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstnet-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstnetbuffer-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstpbutils-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstreamer-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstriff-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstrtp-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstrtsp-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstsdp-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgsttag-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgstvideo-0.10.dll
c:\program files (x86)\Fluendo\Moovida\libgthread-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libgtk-win32-2.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libjpeg-8.dll
c:\program files (x86)\Fluendo\Moovida\libmp3lame-0.dll
c:\program files (x86)\Fluendo\Moovida\libmpeg2-0.dll
c:\program files (x86)\Fluendo\Moovida\libneon-27.dll
c:\program files (x86)\Fluendo\Moovida\libogg-0.dll
c:\program files (x86)\Fluendo\Moovida\liboil-0.3-0.dll
c:\program files (x86)\Fluendo\Moovida\libpango-1.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libpangocairo-1.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libpangowin32-1.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libpixbufloader-jpeg.dll
c:\program files (x86)\Fluendo\Moovida\libpixman-1-0.dll
c:\program files (x86)\Fluendo\Moovida\libpng14-14.dll
c:\program files (x86)\Fluendo\Moovida\libschroedinger-1.0-0.dll
c:\program files (x86)\Fluendo\Moovida\libspeex-1.dll
c:\program files (x86)\Fluendo\Moovida\libtasn1-3.dll
c:\program files (x86)\Fluendo\Moovida\libtheoradec-1.dll
c:\program files (x86)\Fluendo\Moovida\libtheoraenc-1.dll
c:\program files (x86)\Fluendo\Moovida\libvorbis-0.dll
c:\program files (x86)\Fluendo\Moovida\libvorbisenc-2.dll
c:\program files (x86)\Fluendo\Moovida\libwavpack-1.dll
c:\program files (x86)\Fluendo\Moovida\libxml2-2.dll
c:\program files (x86)\Fluendo\Moovida\LinqBridge.dll
c:\program files (x86)\Fluendo\Moovida\Migo.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Addins.CecilReflector.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Addins.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Addins.Gui.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Addins.Setup.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Cairo.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Data.Sqlite.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Media.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Posix.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Security.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Zeroconf.dll
c:\program files (x86)\Fluendo\Moovida\Mono.Zeroconf.Providers.Bonjour.dll
c:\program files (x86)\Fluendo\Moovida\MonoPosixHelper.dll
c:\program files (x86)\Fluendo\Moovida\Moovida.exe
c:\program files (x86)\Fluendo\Moovida\Moovida.vshost.exe.manifest
c:\program files (x86)\Fluendo\Moovida\MoovidaUtilities.dll
c:\program files (x86)\Fluendo\Moovida\Mtp.dll
c:\program files (x86)\Fluendo\Moovida\MusicBrainz.dll
c:\program files (x86)\Fluendo\Moovida\NDesk.DBus.dll
c:\program files (x86)\Fluendo\Moovida\NDesk.DBus.GLib.dll
c:\program files (x86)\Fluendo\Moovida\pango-sharp.dll
c:\program files (x86)\Fluendo\Moovida\pangosharpglue-2.dll
c:\program files (x86)\Fluendo\Moovida\pthreadGC2.dll
c:\program files (x86)\Fluendo\Moovida\Resources\idle-logo.png
c:\program files (x86)\Fluendo\Moovida\Resources\installer.jpg
c:\program files (x86)\Fluendo\Moovida\Resources\media-player-moovida-16.png
c:\program files (x86)\Fluendo\Moovida\Resources\media-player-moovida-192.png
c:\program files (x86)\Fluendo\Moovida\Resources\media-player-moovida-22.png
c:\program files (x86)\Fluendo\Moovida\Resources\media-player-moovida-24.png
c:\program files (x86)\Fluendo\Moovida\Resources\media-player-moovida-32.png
c:\program files (x86)\Fluendo\Moovida\Resources\media-player-moovida-48.png
c:\program files (x86)\Fluendo\Moovida\Resources\moovida_icon.ico
c:\program files (x86)\Fluendo\Moovida\Resources\splash_screen.jpg
c:\program files (x86)\Fluendo\Moovida\share\immersed.version
c:\program files (x86)\Fluendo\Moovida\share\immersed_patch.version
c:\program files (x86)\Fluendo\Moovida\share\locale\ar\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\be@latin\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\bg\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\br\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\ca\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\cs\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\da\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\de\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\dz\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\en\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\en_CA\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\en_GB\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\es\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\eu\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\fi\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\fr\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\gl\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\gu\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\he\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\hu\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\it\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\ja\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\ko\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\ky\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\lt\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\lv\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\mk\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\nb\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\nl\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\oc\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\pa\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\pl\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\pt\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\pt_BR\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\ru\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\sl\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\sr@latin\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\sr\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\sv\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\th\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\uk\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\vi\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\zh_CN\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\zh_HK\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\locale\zh_TW\LC_MESSAGES\moovida-1.mo
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\aac.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\base.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\flac.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\flump3.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\mp3-lame.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\vorbis.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\wav.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\wavpack.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\audio-profiles\wma.xml
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\128x128\devices\airport-express.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\document-save.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\dvd-root-menu.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\dvd-title-menu.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\edit-find.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-eject.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-import-audio-cd.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-playback-pause.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-playback-start.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-repeat-all.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-repeat-none.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\actions\media-repeat-single.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\apps\system-file-manager.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\categories\podcast-new.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\creative-commons-by.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\creative-commons-nc.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\creative-commons-nd.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\creative-commons-pd.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\creative-commons-sa.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\emblem-readonly.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\emblems\emblem-unreadable.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\status\audio-volume-high.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\status\audio-volume-low.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\status\audio-volume-medium.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\16x16\status\audio-volume-muted.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\actions\edit-clear.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\actions\gtk-refresh.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\actions\gtk-undo-ltr.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\actions\media-import-audio-cd.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\actions\search.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\actions\system-search.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\animations\process-working.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\apps\system-users.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\applications-multimedia.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\face-kiss.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\internet-archive.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\lastfm-audioscrobbler.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\lastfm-personal.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\lastfm-recommended.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\lastfm-tag.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\media-dvd.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\media-player-moovida.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\podcast.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\radio.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\remote-speakers.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\source-playlist.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\categories\source-smart-playlist.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\devices\airport-express.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\devices\appletv.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\emblems\emblem-favorite.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\mimetypes\audio-x-generic.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\mimetypes\video-x-generic.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\mimetypes\x-office-document.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\mimetypes\x-office-presentation.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\status\dialog-error.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\22x22\status\media-playlist-shuffle.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\actions\full-mode-switch.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\actions\gtk-strikethrough.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\actions\gtk-underline.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\actions\mini-mode-switch.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\categories\gtk-print-warning.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\devices\gnome-dev-cdrom-audio.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\devices\media-optical.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\emotes\face-sad.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\mimetypes\audio-x-generic.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\places\drive-harddisk.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\places\itunes.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\24x24\places\user-home.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\7x7\actions\context-pane-close.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\7x7\actions\context-pane-maximize.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\icons\Tango\index.theme
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\120x120\covers\all_music.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\120x120\covers\all_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\120x120\covers\no_cover_music.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\120x120\covers\no_cover_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\200x200\covers\all_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\200x200\covers\no_cover_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\256x256\covers\all_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\256x256\covers\no_cover_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\90x90\covers\all_music.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\90x90\covers\all_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\90x90\covers\no_cover_music.png
c:\program files (x86)\Fluendo\Moovida\share\moovida-1\images\90x90\covers\no_cover_videos.png
c:\program files (x86)\Fluendo\Moovida\share\moovidacore.version
c:\program files (x86)\Fluendo\Moovida\share\moovidacore_patch.version
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\chrome\moovida_air_chrome.crx
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\chrome.manifest
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\chrome\content\events.js
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\chrome\content\logo.ico
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\chrome\content\overlay.xul
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\components\moovida_air_ff.dll
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\components\moovida_air_ff.xpt
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida@spointer.com\install.rdf
c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll
c:\program files (x86)\Fluendo\Moovida\spointer\install.config.sxe
c:\program files (x86)\Fluendo\Moovida\spointer\install.country.sxe
c:\program files (x86)\Fluendo\Moovida\spointer\install.xml
c:\program files (x86)\Fluendo\Moovida\spointer\moovida_air.exe
c:\program files (x86)\Fluendo\Moovida\spointer\moovida_air_ctrl.dll
c:\program files (x86)\Fluendo\Moovida\spointer\moovida_air_webdisp.dll
c:\program files (x86)\Fluendo\Moovida\spointer_setup.exe
c:\program files (x86)\Fluendo\Moovida\spointer_uninstall.exe
c:\program files (x86)\Fluendo\Moovida\SpointerControlLib.dll
c:\program files (x86)\Fluendo\Moovida\sqlite3.dll
c:\program files (x86)\Fluendo\Moovida\taglib-sharp.dll
c:\program files (x86)\Fluendo\Moovida\uninstall.exe
c:\program files (x86)\Fluendo\Moovida\Updater.exe
c:\program files (x86)\Fluendo\Moovida\z.dll
c:\program files (x86)\pdfforge Toolbar
c:\program files (x86)\pdfforge Toolbar\FF\chrome.manifest
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\chevron.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\chevron.xul
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\login.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\login.xul
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\parser.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\searchbox.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\searchbox.xul
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\utils.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgichevron.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgicomm.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgihandling.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgilisteners.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files (x86)\pdfforge Toolbar\FF\chrome\content\widgiui.js
c:\program files (x86)\pdfforge Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files (x86)\pdfforge Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files (x86)\pdfforge Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files (x86)\pdfforge Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\amazon.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\chevron.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\ebay.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\pdfc_branding.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\pdfc_branding_hover.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\pdfc_icon.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\pdfc_portal_logo.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search-button.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\searchbox.css
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\splitter.gif
c:\program files (x86)\pdfforge Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files (x86)\pdfforge Toolbar\FF\install.rdf
c:\program files (x86)\pdfforge Toolbar\IE\4.4\config.ini
c:\program files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll
c:\program files (x86)\pdfforge Toolbar\Res\amazon.gif
c:\program files (x86)\pdfforge Toolbar\Res\ebay.gif
c:\program files (x86)\pdfforge Toolbar\Res\icon_settings.gif
c:\program files (x86)\pdfforge Toolbar\Res\pdfc_branding.gif
c:\program files (x86)\pdfforge Toolbar\Res\pdfc_branding_hover.gif
c:\program files (x86)\pdfforge Toolbar\Res\pdfc_icon.gif
c:\program files (x86)\pdfforge Toolbar\Res\pdfc_portal_logo.gif
c:\program files (x86)\pdfforge Toolbar\Res\search-button-hover.gif
c:\program files (x86)\pdfforge Toolbar\Res\search-button.gif
c:\program files (x86)\pdfforge Toolbar\Res\search-chevron-hover.gif
c:\program files (x86)\pdfforge Toolbar\Res\search-chevron.gif
c:\program files (x86)\pdfforge Toolbar\Res\search_amazon.gif
c:\program files (x86)\pdfforge Toolbar\Res\search_ebay.gif
c:\program files (x86)\pdfforge Toolbar\Res\search_yahoo.gif
c:\program files (x86)\pdfforge Toolbar\Res\widgets.xml
c:\program files (x86)\pdfforge Toolbar\WidgiHelper.exe
c:\program files (x86)\Radio_Bar_2
c:\program files (x86)\Radio_Bar_2\GottenAppsContextMenu.xml
c:\program files (x86)\Radio_Bar_2\INSTALL.LOG
c:\program files (x86)\Radio_Bar_2\OtherAppsContextMenu.xml
c:\program files (x86)\Radio_Bar_2\Radio_Bar_2ToolbarHelper.exe
c:\program files (x86)\Radio_Bar_2\SharedAppsContextMenu.xml
c:\program files (x86)\Radio_Bar_2\tbRadi.dll
c:\program files (x86)\Radio_Bar_2\toolbar.cfg
c:\program files (x86)\Radio_Bar_2\ToolbarContextMenu.xml
c:\program files (x86)\Radio_Bar_2\UNWISE.EXE
c:\program files (x86)\Softonic_France
c:\program files (x86)\Softonic_France\GottenAppsContextMenu.xml
c:\program files (x86)\Softonic_France\INSTALL.LOG
c:\program files (x86)\Softonic_France\OtherAppsContextMenu.xml
c:\program files (x86)\Softonic_France\SharedAppsContextMenu.xml
c:\program files (x86)\Softonic_France\Softonic_FranceToolbarHelper.exe
c:\program files (x86)\Softonic_France\tbSof1.dll
c:\program files (x86)\Softonic_France\tbSoft.dll
c:\program files (x86)\Softonic_France\toolbar.cfg
c:\program files (x86)\Softonic_France\ToolbarContextMenu.xml
c:\program files (x86)\Softonic_France\UNWISE.EXE
c:\program files (x86)\Softonic_France\UNWISE.INI
c:\users\Lucile\GoogleSketchUpProWFR.exe
c:\windows\Pfysaa.exe
c:\windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Application Updater
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-05-12 au 2011-06-12 ))))))))))))))))))))))))))))))))))))
.
.
2011-06-12 19:04 . 2011-06-12 19:06 -------- d-----w- c:\users\Lucile\AppData\Local\temp
2011-06-12 19:04 . 2011-06-12 19:04 -------- d-----w- c:\users\Mat\AppData\Local\temp
2011-06-12 19:04 . 2011-06-12 19:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 16:09 . 2011-06-12 16:53 -------- d-----w- C:\UsbFix
2011-06-12 15:38 . 2011-06-12 15:38 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-06-10 14:34 . 2011-06-10 14:34 -------- d-----w- c:\users\Lucile\AppData\Roaming\Décorateur de plinthes frises et corniches
2011-06-10 07:11 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{08CD18AF-67A4-490D-A91C-0E46ABE1292F}\mpengine.dll
2011-05-30 21:12 . 2011-05-30 21:12 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-25 15:44 . 2011-05-25 15:44 -------- d-----w- c:\users\Lucile\AppData\Roaming\Décorateur de surfaces
2011-05-25 15:31 . 2011-05-25 15:31 -------- d-----w- c:\users\Lucile\AppData\Roaming\EASYTools
2011-05-24 18:46 . 1995-09-20 14:16 456976 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\dao3032.dll
2011-05-24 18:41 . 2011-05-25 15:22 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2011-05-24 18:41 . 2011-05-24 18:41 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2011-05-24 18:41 . 2005-03-24 03:18 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2011-05-24 18:41 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2011-05-24 18:41 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2011-05-24 18:41 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2011-05-24 18:41 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2011-05-24 13:39 . 2011-06-12 14:16 -------- d-----w- c:\program files (x86)\GRETECH
2011-05-22 09:14 . 2011-05-22 09:14 995328 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-05-18 15:29 . 2011-05-18 15:29 -------- d-----w- c:\users\Lucile\AppData\Local\Acer Arcade Deluxe
2011-05-18 15:29 . 2011-05-18 15:29 -------- d-----w- c:\users\Lucile\AppData\Roaming\CyberLink
2011-05-18 15:29 . 2011-05-18 15:29 -------- d-----w- c:\users\Lucile\AppData\Local\PlayMovie
2011-05-17 10:03 . 2011-05-17 10:03 -------- d-----w- c:\users\Lucile\AppData\Local\{51944C5A-A475-402D-B2BF-0291E5E2A104}
2011-05-16 09:57 . 2011-05-16 09:57 -------- d-----w- c:\users\Lucile\AppData\Local\{68D09AF5-E28C-4C42-B2D4-DB3AF2DE78EA}
2011-05-15 18:18 . 2011-05-15 18:18 -------- d-----w- c:\users\Lucile\AppData\Local\{7CE7A8B0-C142-4968-ADE3-08128276FF26}
2011-05-14 07:36 . 2011-05-14 07:36 -------- d-----w- c:\users\Lucile\AppData\Local\{0639F198-8089-42BF-9489-8A5685BAC680}
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-12 19:09 . 2011-06-12 19:09 0 ---ha-w- c:\users\Lucile\AppData\Local\BIT21F5.tmp
2011-05-10 12:10 . 2010-10-24 18:36 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2009-08-25 12:13 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-01-19 13:46 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-02-24 19:27 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2009-08-25 12:13 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2009-08-25 12:13 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2009-08-25 12:13 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2009-08-25 12:13 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2009-08-25 12:13 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
((((((((((((((((((((((((((((( SnapShot@ )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 03:20 . 2011-06-12 17:37 32768 c:\windows\SysWOW6
0
Réponse 24 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
tout en bas, voir "réparer la connexion internet"

0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
J'ai déjà fait ça hier soir en utilisant ma barre de tâche windows et ça ne fontionnait toujours pas :-(
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
hello essaye ceci :

.panneau de configuration
.connexion réseau "ouvrir"
.réseau local ou wifi si wifi " clique droit"
.propriétés
.faire remonter avec l'ascenseur.
.protocole internet (tcp/ip) le mettre en surbrillant "en cliquant dessus"
.propriétés
.coches "obtenir une adresse IP automatiquement"
.coches "obtenir l'adresse de serveur DNS automatiquement"
.valides avec OK
redémarres le pc et contrôles si internet passe
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Bonsoir. Alors je suis sous vista et je n'ai pas du tout les mêmes "boutons" que toi. Je n'ai pas réussi à suivre ton dernier protocole.
J'ai essayé par d'autres moyens et je n'y parviens pas. Ce qui est étrange c'est que l'icône Internet dans la barre windows est actif. Internet semble connecté. Sinon il y aurait eu la croix rouge.
J'ai fait "diagnostic et réparation" avec clic droit mais on me dit que le probleme subsiste toujours. MOn PC est branché directement à la box via le câble. Avant j'avais une clé USB Wifi mais elle ne fonctionne plus.
0
jacques.gache Messages postés 33461 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 617
 
bonjour, juste de passage si juju666 est ok perso pour ip automatique sous vista c'est cela

1 Cliquez sur le bouton "Démarrer" en bas à gauche de votre écran, puis sélectionnez "Panneau de configuration".

2 La fenêtre "Panneau de configuration" s'affiche. Double-cliquez sur l'icone "Centre Réseau et partage".

3 Dans le volet de gauche, cliquez sur le lien "Gérer les connexions réseau".

4 La fenêtre "Connexion réseau" s'affiche. Effectuez un clic droit sur "Connexion au réseau local", puis sélectionnez dans le menu contextuel "Propriétés".

5 La fenêtre "Propriétés de Connexion au réseau local" s'affiche. Sélectionnez le protocole "Protocole Internet Version 4 (TCP/Ipv4)", puis cliquez sur le bouton "Propriétés".

6 La fenêtre Propriétés de "Protocole Internet Version 4 (TCP/Ipv4)" s'affiche...

7 Cocher la case " Obtenir une adresse ip automatiquement ! " et pariel pour dns

8 Cliquer sur OK
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
merci jacques :)

on peut essayer de relancer la box aussi ^^
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Merci Jacques.gache mais il ne veut toujours pas :-( Après avoir suivi votre protocole, j'essaie d'aller sur le net. Une fenêtre "connexio d'accès à distance" s'ouvre. Il y a "connexion haut débit" donc je clique sur "connexion" jsute en dessous. Et là une autre fenêtre s'ouvre "connexion à connexion à haut débit en cours - connexion en cours via mniiport Wan (pppoe)". Et il me met erreur par la suite.
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
J'ai oublié de vous dire que sous "connexion au réseau local" il y a mis "réseau non identifié".

J'ai pensé à relancer la box également. Mais le wifi fonctionne très bien avec mon autre ordi.
0
Réponse 26 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
Hello :)

Oui patiente nous n'avons pas encore fini ^^

Renos, il a été supprimé par usbfix au début normalement !
pourrais tu coller le rapport complet de ton antivirus stp ?
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Coucou, j'essaie de te faire ça tout à l'heure ou demain. Renos n'a pas été supprimé et le virus (d'apres avast) se trouvait entre autres dans UsbFix.
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
donc il a été supprimé ^^
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
ah ok! lol mais il se trouvait aussi dans USERS entre autres.

Je ne peux pas faire de copier coller par contre du rapport. Le nouveau rapport (celui du scan de démarrage) est le suivant (8 menaces au lieu de 9)
Tous les menaces sont dans C:\Users\Lucile\Appdata\LocalLow\Sun\Java\Deployment etc....

La 1ere menace : other : malware-gen
la seconde : java:agent-BQ Trj
la 3eme : java:jade-B heur
de la 4eme à la 8 eme : other : malware-gen

Je ne les retrouve plus sur mon disque dur, je suppose que c'est parce que je les ai mis en quarantaine.
0
Réponse 27 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
ok ça va alors :p

lance zhpdiag clique sur la fleche verte et installe la mise à jour
relance zhpdiag clique sur la loupe, aux 100% tu le ferme et tu héberge zhpdiag.txt
poste le lien
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
D'accord merci mais comme j'ai fait une restauration je n'ai plus zhpdiag. Je le re-télécharge
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
voilà le rapport :


Rapport de ZHPDiag v1.27.2302 par Nicolas Coolman, Update du 14/06/2011
Run by Lucile at 14/06/2011 21:04:44
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.6.17 (fr) (Defaut)

---\\ System Information
Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
Processor: Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8190 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 229 GB (67%) free of 339 GB

---\\ Logged in mode
Computer Name: PC-DE-MAT
User Name: Lucile
All Users Names: Mat, Lucile, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\Lucile\AppData\Roaming
%LocalAppData%=C:\Users\Lucile\AppData\Local
%StartMenu%=C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 229 Go of 339 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 339 Go of 339 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:48:04.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/05/2011 10:15:05.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]



---\\ Processus lancés
[MD5.5AB0C4B2BF41A973A48A56E28A2DE3CF] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe [641208]
[MD5.2A2551A08CF94DBE93B5A50C68648246] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808]
[MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.D06276D4CAD46CDCEABEFDEB1A0D3C0D] - (...) -- C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE [51984]
[MD5.7D58A86122808AAB00B4F955BBE388CF] - (.Microsoft Corporation - Gestionnaire Microsoft Office.) -- C:\Program Files (x86)\Microsoft Office\Office\MSOFFICE.EXE [340480]
[MD5.4A9E4F98604CC817845E54B6B31C142B] - (.Microsoft Corporation - Microsoft Recherche accélérée.) -- C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE [111376]
[MD5.DC35217E5F49C2FE2D5EBC7CB52FEC65] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files (x86)\TRENDnet\TEW-424UB\WlanCU.exe [434176]
[MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464]
[MD5.B62D8C47FFF285F910A4896836BCD744] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968]
[MD5.D3D3B1CFA81DD68D38362D533F443FD1] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024]
[MD5.8DCED3E27B271E76743C268DBD51EEEC] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [54576]
[MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3459712]
[MD5.8CD9E7BC107216D6BB81B0799603CD93] - (.Spigot, Inc. - Search Settings.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [532320]
[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe [233936]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120]
[MD5.D938FB6915EA338BDFC0DCF8773634C5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]
[MD5.E68C1EFDA668BFF3E2023C72E9EF7A93] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856]
[MD5.1D9C196D71449C3D6A116BEA6642269F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag2\ZHPDiag.exe [659968]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\prefs.js
M2 - MFEP: prefs.js [Lucile - qler3qru.default\engine@conduit.com] [] Conduit Engine v3.2.5.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\ffxtlbr@babylon.com] [] Babylon v1.1.3 (.Babylon.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\toolbar@ask.com] [] Ask Toolbar v3.12.2.16749 (.Ask.com.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.2.5.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v1.6.6.20090220 (.Yahoo!.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com
R0 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
R3 - URLSearchHook: (no name) [64Bits] - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (...) (No version) -- (.not file.)



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL
O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Softonic_France\tbSoft.dll
O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\
O2 - BHO: Radio Bar 2 Toolbar [64Bits] - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: pdfforge Toolbar [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Interest recogniser for Moovida (powered by Spointer) [64Bits] - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} . (.Moovida - Interest Recognizer for Moovida.) -- C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [mwlDaemon] . (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKCU\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exer\7.0 (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] . (.McAfee, Inc. - McAfee Integrated Security Platform.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Wow6432Node\Run: [SearchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe (.not file.)
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Démarrage d'Office.lnk . (...) -- C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gestionnaire Microsoft Office.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office\MSOFFICE.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Recherche accélérée.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk . (...) -- C:\Program Files (x86)\TRENDnet\TEW-424UB\WlanCU.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida.lnk . (.Fluendo Embedded.) -- C:\Program Files (x86)\Fluendo\Moovida\Moovida.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Architecture 3D 3.1 - Premium (demo).lnk . (.Anuman-Interactive.com.) -- C:\Program Files (x86)\Anuman Interactive\Architecture 3D 3.1 - Premium (demo)\Bin\Launch.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\CyberLink PowerDirector.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation.) -- C:\Program Files (x86)\Securitoo\Contrôle Parental\securitoo_controle_parental.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\MediaShow.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\MediaShow4\MediaShow.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Moovida.lnk . (.Fluendo Embedded.) -- C:\Program Files (x86)\Fluendo\Moovida\Moovida.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Page d'accueil de Architecture 3D 3.1 - Premium (demo).lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Architecture 3D 3.1 - Premium (demo)\Bin\WebLaunch.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Pas à pas vidéo.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Aménagement intérieur\Videos\MenuVideos_v2_1.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Shortcut to securitoo_controle_parental.exe.lnk . (.InstallShield Software Corporation.) -- C:\Program Files (x86)\Securitoo\Contrôle Parental\securitoo_controle_parental.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Site internet.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Aménagement intérieur\Site.url
O4 - Global Startup: C:\Users\Lucile\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DraftSight.lnk . (.Acresso Software Inc..) -- C:\Windows\Installer\{6EF329B9-C15C-4329-A6B3-E03071AAAECA}\NewShortcut31_F8E29BF1EB70468CB0249B43C7758D35.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp..) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E9B67D63-0FE5-4D92-BC4D-CC010806B3DD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{E9B67D63-0FE5-4D92-BC4D-CC010806B3DD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Application Updater) . (.Spigot, Inc. - Application Updater.) - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (Autodesk Licensing Service) . (.Autodesk - System Level Service Utility.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (CLHNService) . (.Pas de propriétaire - CLHNService Module.) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
O23 - Service: (CyberLink Media Server Service) . (.CyberLink - CLMSServer.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Services.) - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Network Agent.) - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: (McODS) . (.McAfee, Inc. - McAfee VirusScan - On Demand Scan.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Proxy Service Module.) - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: (McSysmon) . (.McAfee, Inc. - McAfee SystemGuards Service.) - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: (MpfService) . (.McAfee, Inc. - McAfee Personal Firewall Service.) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: (MSK80Service) . (.McAfee, Inc. - McAfee Anti-Spam Server.) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
O23 - Service: (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McDefragTask.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McQcTask.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.9198C6139A560FE25F69A80CE38E2E1B] [APT] [HPCustParticipation HP Deskjet 2050 J510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe
[MD5.13844F66D4FF9929D87177398E157C95] [APT] [McQcTask] (.McAfee, Inc..) -- c:\PROGRA~2\mcafee\mqc\QcConsol.exe
[MD5.4B5F5E8F51BE2541CD3E066CE175042A] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\System32\drivers\mfehidk.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MPFP) . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - C:\Windows\System32\Drivers\Mpfp.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: AV Input Selection - (.YUAN.) [HKLM][64Bits] -- {F429ED71-4A8B-457A-85E4-F6398CE73E58}
O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM][64Bits] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A90000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM][64Bits] -- Akamai
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}
O42 - Logiciel: Aménagement intérieur - (.Anuman Interactive.) [HKLM][64Bits] -- Aménagement intérieur_is1
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Architecture 3D 3.1 - Premium (demo) - (.Anuman Interactive.) [HKLM][64Bits] -- Architecture_3D_3-Premium_Demo_is1
O42 - Logiciel: Artlantis Studio 3.0.5 - (.Abvent R&D.) [HKLM][64Bits] -- Artlantis Studio 3
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: AutoCAD LT 2008 - Français - (.Autodesk.) [HKLM][64Bits] -- AutoCAD LT 2008 - Français
O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM][64Bits] -- {9A346205-EA92-4406-B1AB-50379DA3F057}
O42 - Logiciel: Avery Wizard 3.1 - (.Avery.) [HKLM][64Bits] -- {77077FFF-8831-470F-9627-E86F06A50CCD}
O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107}
O42 - Logiciel: C:\Program Files (x86)\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM][64Bits] -- {71C2828F-2678-4675-BDEC-895424861262}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {3594EE90-B157-4519-9E82-8B6F4711A0A1}
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine
O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}
O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- {80E158EA-7181-40FE-A701-301CE6BE64AB}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DraftSight - (.Dassault Systèmes.) [HKLM][64Bits] -- {6EF329B9-C15C-4329-A6B3-E03071AAAECA}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM][64Bits] -- WinGimp-2.0_is1
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}
O42 - Logiciel: Google SketchUp Pro 8 - (.Google, Inc..) [HKLM][64Bits] -- {F067EE71-369C-4D72-BDB7-DE7CF346660F}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit - (.Hewlett-Packard Co..) [HKLM] -- {88FD4472-F950-4083-A6FA-A829AC785B04}
O42 - Logiciel: HP Deskjet 2050 J510 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 2050 J510 series - (.Hewlett-Packard Co..) [HKLM] -- {D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}
O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}
O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM][64Bits] -- MSC
O42 - Logiciel: Micro Application - 3D Architecte Ultimate - (.Pas de propriétaire.) [HKLM][64Bits] -- {5C971370-7A50-4EB7-8A52-5C0C4D0951AC}
O42 - Logiciel: Micro Application - Architecte 3DHD Expert Cad - (.Pas de propriétaire.) [HKLM][64Bits] -- {4C739491-3A77-4A3E-A478-9A0136F44743}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 97 Professional - (.Pas de propriétaire.) [HKLM][64Bits] -- Office8.0
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM][64Bits] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Moovida - (.Fluendo.) [HKLM][64Bits] -- Moovida
O42 - Logiciel: Moovida - (.Secure Digital Services.) [HKLM][64Bits] -- {6084C211-01A1-464E-97A0-09772E122B50}
O42 - Logiciel: Mozilla Firefox (3.6.17) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.17)
O42 - Logiciel: MyWinLocker - (.EgisTec.) [HKLM][64Bits] -- {68301905-2DEA-41CE-A4D4-E8B443B099BA}
O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PDFTiger - (.Pas de propriétaire.) [HKLM][64Bits] -- PDFTiger_is1
O42 - Logiciel: PDFTigerDriver - (.Pas de propriétaire.) [HKLM][64Bits] -- {AEM384L1-28E3-1232-1233-1JD74JDIEK32}_is1
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PlayReady PC runtime - (.Microsoft Corporation.) [HKLM] -- {704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}
O42 - Logiciel: PrintPratic - (.Micro Application.) [HKLM][64Bits] -- PrintPratic
O42 - Logiciel: Pro100 - (.Pas de propriétaire.) [HKLM][64Bits] -- Pro100
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025}
O42 - Logiciel: Radio Bar 2 Toolbar - (.Radio Bar 2.) [HKLM][64Bits] -- Radio_Bar_2 Toolbar
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAGEM Wi-Fi 11g USB adapter (pilote) - (.Pas de propriétaire.) [HKLM][64Bits] -- {E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}
O42 - Logiciel: Sagem Wi-Fi 11g USB adapter (driver) - (.Pas de propriétaire.) [HKLM][64Bits] -- {2ED60C17-4568-4CD5-830A-03C4688B09A1}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM][64Bits] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Softonic_France Toolbar - (.Softonic_France.) [HKLM][64Bits] -- Softonic_France Toolbar
O42 - Logiciel: TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility - (.Pas de propriétaire.) [HKLM][64Bits] -- InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM][64Bits] -- Veetle TV
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bit
0
Réponse 28 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
il est incomplet, héberge le stp
0
Réponse 29 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Rapport de ZHPDiag v1.27.2302 par Nicolas Coolman, Update du 14/06/2011
Run by Lucile at 14/06/2011 21:11:56
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.6.17 (fr) (Defaut)

---\\ System Information
Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
Processor: Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8190 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 229 GB (67%) free of 339 GB

---\\ Logged in mode
Computer Name: PC-DE-MAT
User Name: Lucile
All Users Names: Mat, Lucile, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\Lucile\AppData\Roaming
%LocalAppData%=C:\Users\Lucile\AppData\Local
%StartMenu%=C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 229 Go of 339 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 339 Go of 339 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:48:04.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/05/2011 10:15:05.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]



---\\ Processus lancés
[MD5.5AB0C4B2BF41A973A48A56E28A2DE3CF] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe [641208]
[MD5.2A2551A08CF94DBE93B5A50C68648246] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808]
[MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.D06276D4CAD46CDCEABEFDEB1A0D3C0D] - (...) -- C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE [51984]
[MD5.7D58A86122808AAB00B4F955BBE388CF] - (.Microsoft Corporation - Gestionnaire Microsoft Office.) -- C:\Program Files (x86)\Microsoft Office\Office\MSOFFICE.EXE [340480]
[MD5.4A9E4F98604CC817845E54B6B31C142B] - (.Microsoft Corporation - Microsoft Recherche accélérée.) -- C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE [111376]
[MD5.DC35217E5F49C2FE2D5EBC7CB52FEC65] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files (x86)\TRENDnet\TEW-424UB\WlanCU.exe [434176]
[MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464]
[MD5.B62D8C47FFF285F910A4896836BCD744] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968]
[MD5.D3D3B1CFA81DD68D38362D533F443FD1] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024]
[MD5.8DCED3E27B271E76743C268DBD51EEEC] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [54576]
[MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3459712]
[MD5.8CD9E7BC107216D6BB81B0799603CD93] - (.Spigot, Inc. - Search Settings.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [532320]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120]
[MD5.D938FB6915EA338BDFC0DCF8773634C5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]
[MD5.E68C1EFDA668BFF3E2023C72E9EF7A93] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856]
[MD5.1D9C196D71449C3D6A116BEA6642269F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag2\ZHPDiag.exe [659968]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\prefs.js
M2 - MFEP: prefs.js [Lucile - qler3qru.default\engine@conduit.com] [] Conduit Engine v3.2.5.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\ffxtlbr@babylon.com] [] Babylon v1.1.3 (.Babylon.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\toolbar@ask.com] [] Ask Toolbar v3.12.2.16749 (.Ask.com.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.2.5.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v1.6.6.20090220 (.Yahoo!.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com
R0 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
R3 - URLSearchHook: (no name) [64Bits] - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (...) (No version) -- (.not file.)



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL
O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Softonic_France\tbSoft.dll
O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\
O2 - BHO: Radio Bar 2 Toolbar [64Bits] - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO [64Bits] - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: pdfforge Toolbar [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Interest recogniser for Moovida (powered by Spointer) [64Bits] - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} . (.Moovida - Interest Recognizer for Moovida.) -- C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [mwlDaemon] . (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKCU\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exer\7.0 (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] . (.McAfee, Inc. - McAfee Integrated Security Platform.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Wow6432Node\Run: [SearchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe (.not file.)
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Démarrage d'Office.lnk . (...) -- C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gestionnaire Microsoft Office.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office\MSOFFICE.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Recherche accélérée.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk . (...) -- C:\Program Files (x86)\TRENDnet\TEW-424UB\WlanCU.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida.lnk . (.Fluendo Embedded.) -- C:\Program Files (x86)\Fluendo\Moovida\Moovida.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Architecture 3D 3.1 - Premium (demo).lnk . (.Anuman-Interactive.com.) -- C:\Program Files (x86)\Anuman Interactive\Architecture 3D 3.1 - Premium (demo)\Bin\Launch.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\CyberLink PowerDirector.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation.) -- C:\Program Files (x86)\Securitoo\Contrôle Parental\securitoo_controle_parental.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\MediaShow.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\MediaShow4\MediaShow.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Moovida.lnk . (.Fluendo Embedded.) -- C:\Program Files (x86)\Fluendo\Moovida\Moovida.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Page d'accueil de Architecture 3D 3.1 - Premium (demo).lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Architecture 3D 3.1 - Premium (demo)\Bin\WebLaunch.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Pas à pas vidéo.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Aménagement intérieur\Videos\MenuVideos_v2_1.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Shortcut to securitoo_controle_parental.exe.lnk . (.InstallShield Software Corporation.) -- C:\Program Files (x86)\Securitoo\Contrôle Parental\securitoo_controle_parental.exe
O4 - Global Startup: C:\Users\Lucile\Desktop\Site internet.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Aménagement intérieur\Site.url
O4 - Global Startup: C:\Users\Lucile\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DraftSight.lnk . (.Acresso Software Inc..) -- C:\Windows\Installer\{6EF329B9-C15C-4329-A6B3-E03071AAAECA}\NewShortcut31_F8E29BF1EB70468CB0249B43C7758D35.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp..) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Lucile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E9B67D63-0FE5-4D92-BC4D-CC010806B3DD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{96EA266D-011F-401F-ADA5-CAADC0B9FCBB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{E9B67D63-0FE5-4D92-BC4D-CC010806B3DD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Application Updater) . (.Spigot, Inc. - Application Updater.) - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (Autodesk Licensing Service) . (.Autodesk - System Level Service Utility.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (CLHNService) . (.Pas de propriétaire - CLHNService Module.) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
O23 - Service: (CyberLink Media Server Service) . (.CyberLink - CLMSServer.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Services.) - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Network Agent.) - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: (McODS) . (.McAfee, Inc. - McAfee VirusScan - On Demand Scan.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Proxy Service Module.) - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: (McSysmon) . (.McAfee, Inc. - McAfee SystemGuards Service.) - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: (MpfService) . (.McAfee, Inc. - McAfee Personal Firewall Service.) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: (MSK80Service) . (.McAfee, Inc. - McAfee Anti-Spam Server.) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
O23 - Service: (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McDefragTask.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\McQcTask.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.9198C6139A560FE25F69A80CE38E2E1B] [APT] [HPCustParticipation HP Deskjet 2050 J510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe
[MD5.13844F66D4FF9929D87177398E157C95] [APT] [McQcTask] (.McAfee, Inc..) -- c:\PROGRA~2\mcafee\mqc\QcConsol.exe
[MD5.4B5F5E8F51BE2541CD3E066CE175042A] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\System32\drivers\mfehidk.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MPFP) . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - C:\Windows\System32\Drivers\Mpfp.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: AV Input Selection - (.YUAN.) [HKLM][64Bits] -- {F429ED71-4A8B-457A-85E4-F6398CE73E58}
O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM][64Bits] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A90000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM][64Bits] -- Akamai
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}
O42 - Logiciel: Aménagement intérieur - (.Anuman Interactive.) [HKLM][64Bits] -- Aménagement intérieur_is1
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Architecture 3D 3.1 - Premium (demo) - (.Anuman Interactive.) [HKLM][64Bits] -- Architecture_3D_3-Premium_Demo_is1
O42 - Logiciel: Artlantis Studio 3.0.5 - (.Abvent R&D.) [HKLM][64Bits] -- Artlantis Studio 3
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: AutoCAD LT 2008 - Français - (.Autodesk.) [HKLM][64Bits] -- AutoCAD LT 2008 - Français
O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM][64Bits] -- {9A346205-EA92-4406-B1AB-50379DA3F057}
O42 - Logiciel: Avery Wizard 3.1 - (.Avery.) [HKLM][64Bits] -- {77077FFF-8831-470F-9627-E86F06A50CCD}
O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107}
O42 - Logiciel: C:\Program Files (x86)\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM][64Bits] -- {71C2828F-2678-4675-BDEC-895424861262}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {3594EE90-B157-4519-9E82-8B6F4711A0A1}
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine
O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}
O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- {80E158EA-7181-40FE-A701-301CE6BE64AB}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DraftSight - (.Dassault Systèmes.) [HKLM][64Bits] -- {6EF329B9-C15C-4329-A6B3-E03071AAAECA}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM][64Bits] -- WinGimp-2.0_is1
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}
O42 - Logiciel: Google SketchUp Pro 8 - (.Google, Inc..) [HKLM][64Bits] -- {F067EE71-369C-4D72-BDB7-DE7CF346660F}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit - (.Hewlett-Packard Co..) [HKLM] -- {88FD4472-F950-4083-A6FA-A829AC785B04}
O42 - Logiciel: HP Deskjet 2050 J510 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 2050 J510 series - (.Hewlett-Packard Co..) [HKLM] -- {D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}
O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}
O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM][64Bits] -- MSC
O42 - Logiciel: Micro Application - 3D Architecte Ultimate - (.Pas de propriétaire.) [HKLM][64Bits] -- {5C971370-7A50-4EB7-8A52-5C0C4D0951AC}
O42 - Logiciel: Micro Application - Architecte 3DHD Expert Cad - (.Pas de propriétaire.) [HKLM][64Bits] -- {4C739491-3A77-4A3E-A478-9A0136F44743}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 97 Professional - (.Pas de propriétaire.) [HKLM][64Bits] -- Office8.0
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM][64Bits] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Moovida - (.Fluendo.) [HKLM][64Bits] -- Moovida
O42 - Logiciel: Moovida - (.Secure Digital Services.) [HKLM][64Bits] -- {6084C211-01A1-464E-97A0-09772E122B50}
O42 - Logiciel: Mozilla Firefox (3.6.17) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.17)
O42 - Logiciel: MyWinLocker - (.EgisTec.) [HKLM][64Bits] -- {68301905-2DEA-41CE-A4D4-E8B443B099BA}
O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PDFTiger - (.Pas de propriétaire.) [HKLM][64Bits] -- PDFTiger_is1
O42 - Logiciel: PDFTigerDriver - (.Pas de propriétaire.) [HKLM][64Bits] -- {AEM384L1-28E3-1232-1233-1JD74JDIEK32}_is1
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PlayReady PC runtime - (.Microsoft Corporation.) [HKLM] -- {704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}
O42 - Logiciel: PrintPratic - (.Micro Application.) [HKLM][64Bits] -- PrintPratic
O42 - Logiciel: Pro100 - (.Pas de propriétaire.) [HKLM][64Bits] -- Pro100
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025}
O42 - Logiciel: Radio Bar 2 Toolbar - (.Radio Bar 2.) [HKLM][64Bits] -- Radio_Bar_2 Toolbar
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAGEM Wi-Fi 11g USB adapter (pilote) - (.Pas de propriétaire.) [HKLM][64Bits] -- {E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}
O42 - Logiciel: Sagem Wi-Fi 11g USB adapter (driver) - (.Pas de propriétaire.) [HKLM][64Bits] -- {2ED60C17-4568-4CD5-830A-03C4688B09A1}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM][64Bits] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Softonic_France Toolbar - (.Softonic_France.) [HKLM][64Bits] -- Softonic_France Toolbar
O42 - Logiciel: TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility - (.Pas de propriétaire.) [HKLM][64Bits] -- InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM][64Bits] -- Veetle TV
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Micros
0
Réponse 30 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Comment on héberge déjà? je ne retrouve plus ton explication, désolée :-(
0
Réponse 31 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
Hébergement de rapport sur pjjoint.malekal.com

▶ Rends toi sur pjjoint.malekal.com
▶ Clique sur le bouton Parcourir
▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
▶ Clique sur le bouton Envoyer
▶ Un message de confirmation s''affiche (L''upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015 Copie le lien dans ta prochaine réponse.

.::. Contributeur Sécurité .::.
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Je viens de le faire, j'ai bien enregistré mais je ne retrouve ni sur le bureau ni dans mes documents le zhpdiag.txt
0
Réponse 32 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Je te mets la seconde partie du rapport en copier coller :

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM][64Bits] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: livebox - (.Pas de propriétaire.) [HKLM][64Bits] -- {17342E3B-0818-4A6F-BFF8-99476605ADD6}
O42 - Logiciel: livebox - (.Pas de propriétaire.) [HKLM][64Bits] -- {AB3F9176-E74A-4F28-9A09-4F22349B145E}
O42 - Logiciel: pdfforge Toolbar v4.4 - (.Spigot, Inc..) [HKLM][64Bits] -- {BCB52F35-4C56-49F2-A3D6-FDED54B01847}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\A.R.T.]
[HKCU\Software\ALWIL Software]
[HKCU\Software\APN]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Abvent]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Radio_Bar_2]
[HKCU\Software\AppDataLow\Software\Search Settings]
[HKCU\Software\AppDataLow\Software\Softonic_France]
[HKCU\Software\AppDataLow\Software\conduitEngine]
[HKCU\Software\AppDataLow\Software\pdfforge]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Ask.com]
[HKCU\Software\Autodesk]
[HKCU\Software\Avery]
[HKCU\Software\Borland]
[HKCU\Software\Bugsplat]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Command]
[HKCU\Software\CyberLink]
[HKCU\Software\Ecru]
[HKCU\Software\GRETECH]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\McAfee]
[HKCU\Software\Micro Application]
[HKCU\Software\Moovida]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SWActivation]
[HKCU\Software\Softonic]
[HKCU\Software\Spointer]
[HKCU\Software\TechSmith]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Veetle]
[HKCU\Software\VirtuaMedia]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YFSoftware]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\mb Software AG]
[HKCU\Software\yahooinstall]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\APN]
[HKLM\Software\ART Inc]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Application Updater]
[HKLM\Software\AskToolbar]
[HKLM\Software\Autodesk]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\CyberLink]
[HKLM\Software\Cyberlink]
[HKLM\Software\Digital River]
[HKLM\Software\EgisTec Egis Software Update]
[HKLM\Software\EgisTec]
[HKLM\Software\FlexCell Studio]
[HKLM\Software\GRETECH]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\InstallationKit]
[HKLM\Software\Intel]
[HKLM\Software\Interface]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\Micro Application]
[HKLM\Software\MicroQuill]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\PDFCreator]
[HKLM\Software\Policies]
[HKLM\Software\Radio_Bar_2]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sagem]
[HKLM\Software\Search Settings]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Set8187B]
[HKLM\Software\SimDebug]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Softonic_France]
[HKLM\Software\Sonic]
[HKLM\Software\Veetle]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]
[HKLM\Software\office]
[HKLM\Software\pdfforge]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/08/2009 - 17:45:14 - [18102598] ----D- C:\Program Files\Acer
O43 - CFD: 24/10/2010 - 20:40:44 - [177441443] ----D- C:\Program Files\Alwil Software
O43 - CFD: 10/10/2006 - 13:14:28 - [18872087] ----D- C:\Program Files\ATI
O43 - CFD: 12/06/2011 - 20:58:46 - [225657767] ----D- C:\Program Files\Common Files
O43 - CFD: 24/08/2009 - 17:44:18 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 25/08/2009 - 14:08:20 - [2909912] ----D- C:\Program Files\Google
O43 - CFD: 30/12/2010 - 21:22:20 - [46675275] ----D- C:\Program Files\HP
O43 - CFD: 22/05/2011 - 11:16:28 - [6668552] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/04/2009 - 01:48:26 - [12453845] ----D- C:\Program Files\McAfee
O43 - CFD: 02/11/2006 - 17:07:28 - [94671287] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/04/2009 - 01:36:50 - [1141526] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 13/08/2010 - 09:52:54 - [116334702] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 17:07:28 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 14/04/2009 - 01:42:04 - [1350378] ----D- C:\Program Files\PlayReady
O43 - CFD: 14/04/2009 - 01:22:24 - [12455104] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 17:07:28 - [36351145] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 02/11/2006 - 17:44:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 21/01/2008 - 05:09:42 - [1302528] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 19/10/2009 - 14:49:30 - [2963968] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 19/10/2009 - 14:49:30 - [6394224] ----D- C:\Program Files\Windows Defender
O43 - CFD: 19/10/2009 - 14:49:30 - [9655416] ----D- C:\Program Files\Windows Journal
O43 - CFD: 25/10/2010 - 17:54:24 - [43896] ----D- C:\Program Files\Windows Live
O43 - CFD: 12/05/2011 - 10:19:46 - [9619128] ----D- C:\Program Files\Windows Mail
O43 - CFD: 15/10/2010 - 08:54:26 - [5140215] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 24/08/2009 - 17:44:18 - [8057896] ----D- C:\Program Files\Windows NT
O43 - CFD: 19/10/2009 - 14:49:30 - [16439458] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 19/11/2009 - 11:52:12 - [167424] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 19/10/2009 - 14:49:30 - [8304146] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 14/04/2009 - 01:48:08 - [1597230] ----D- C:\Program Files\Common Files\McAfee
O43 - CFD: 25/10/2010 - 17:54:14 - [213844953] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 02/11/2006 - 15:33:54 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 15:33:54 - [608256] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/01/2008 - 05:09:30 - [9604626] ----D- C:\Program Files\Common Files\System
O43 - CFD: 06/03/2011 - 12:33:54 - [53] ----D- C:\ProgramData\Abvent
O43 - CFD: 10/10/2006 - 13:21:34 - [19484] ----D- C:\ProgramData\Acer GameZone Console
O43 - CFD: 14/04/2009 - 02:06:02 - [769] ----D- C:\ProgramData\Adobe
O43 - CFD: 24/10/2010 - 20:35:42 - [55826438] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 07/03/2011 - 18:16:22 - [16878592] ----D- C:\ProgramData\Apple
O43 - CFD: 07/03/2011 - 18:17:12 - [26927616] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 10/10/2006 - 13:26:52 - [187] ----D- C:\ProgramData\ATI
O43 - CFD: 02/10/2009 - 12:57:36 - [10297] ----D- C:\ProgramData\Autodesk
O43 - CFD: 24/08/2009 - 17:44:18 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/06/2011 - 10:48:36 - [16956604] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 18/05/2011 - 17:29:28 - [108560] ----D- C:\ProgramData\CyberLink
O43 - CFD: 16/01/2011 - 15:08:32 - [881376] ----D- C:\ProgramData\Dassault Systemes
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 14/04/2009 - 01:55:38 - [0] ----D- C:\ProgramData\EgisTec
O43 - CFD: 14/04/2009 - 02:19:32 - [420] ----D- C:\ProgramData\eSobi
O43 - CFD: 24/08/2009 - 17:44:18 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 17/10/2010 - 13:50:42 - [7816461] ----D- C:\ProgramData\Google
O43 - CFD: 31/01/2011 - 21:42:10 - [51032961] ----D- C:\ProgramData\HP
O43 - CFD: 24/08/2009 - 17:47:36 - [33835744] ----D- C:\ProgramData\McAfee
O43 - CFD: 24/08/2009 - 17:44:18 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 25/10/2010 - 17:54:44 - [327171838] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 14/06/2011 - 10:49:30 - [57688] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 24/08/2009 - 17:44:18 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 14/04/2009 - 01:50:42 - [36] ----D- C:\ProgramData\SiteAdvisor
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 29/03/2010 - 17:21:08 - [154] ----D- C:\ProgramData\Sun
O43 - CFD: 10/10/2006 - 13:18:20 - [163911] ----D- C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 17:42:18 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 06/03/2011 - 12:21:16 - [0] ----D- C:\ProgramData\WinZip
O43 - CFD: 14/06/2011 - 21:11:46 - [26547936] -S--D- C:\Users\Lucile\AppData\Roaming\Microsoft
O43 - CFD: 06/03/2011 - 12:33:54 - [0] ----D- C:\Users\Lucile\AppData\Roaming\Abvent
O43 - CFD: 12/06/2011 - 15:39:44 - [32348] ----D- C:\Users\Lucile\AppData\Roaming\Abvent_Artlantis3
O43 - CFD: 10/10/2006 - 13:21:34 - [29536] ----D- C:\Users\Lucile\AppData\Roaming\Acer GameZone Console
O43 - CFD: 26/08/2009 - 17:10:50 - [4607281] ----D- C:\Users\Lucile\AppData\Roaming\Adobe
O43 - CFD: 01/09/2009 - 22:29:18 - [695440] ----D- C:\Users\Lucile\AppData\Roaming\Anuman Interactive
O43 - CFD: 24/05/2011 - 17:33:14 - [208093] ----D- C:\Users\Lucile\AppData\Roaming\ArchiFacile
O43 - CFD: 25/08/2009 - 11:13:42 - [0] ----D- C:\Users\Lucile\AppData\Roaming\ATI
O43 - CFD: 02/10/2009 - 12:57:36 - [4879444] ----D- C:\Users\Lucile\AppData\Roaming\Autodesk
O43 - CFD: 31/01/2011 - 21:54:04 - [18325143] ----D- C:\Users\Lucile\AppData\Roaming\Avery
O43 - CFD: 18/05/2011 - 17:29:30 - [0] ----D- C:\Users\Lucile\AppData\Roaming\CyberLink
O43 - CFD: 16/01/2011 - 15:09:50 - [3047986] ----D- C:\Users\Lucile\AppData\Roaming\DraftSight
O43 - CFD: 10/06/2011 - 16:34:30 - [91038] ----D- C:\Users\Lucile\AppData\Roaming\Décorateur de plinthes frises et corniches
O43 - CFD: 25/05/2011 - 17:44:56 - [2401464] ----D- C:\Users\Lucile\AppData\Roaming\Décorateur de surfaces
O43 - CFD: 25/05/2011 - 17:31:28 - [61] ----D- C:\Users\Lucile\AppData\Roaming\EASYTools
O43 - CFD: 17/10/2010 - 13:51:46 - [611912] ----D- C:\Users\Lucile\AppData\Roaming\Google
O43 - CFD: 06/06/2011 - 23:23:28 - [171] ----D- C:\Users\Lucile\AppData\Roaming\gtk-2.0
O43 - CFD: 30/12/2010 - 21:25:58 - [0] ----D- C:\Users\Lucile\AppData\Roaming\HpUpdate
O43 - CFD: 25/08/2009 - 11:13:12 - [0] ----D- C:\Users\Lucile\AppData\Roaming\Identities
O43 - CFD: 24/05/2011 - 14:19:04 - [3567] ----D- C:\Users\Lucile\AppData\Roaming\LiveCAD3
O43 - CFD: 25/08/2009 - 11:13:38 - [3052656] ----D- C:\Users\Lucile\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 17:07:26 - [0] ----D- C:\Users\Lucile\AppData\Roaming\Media Center Programs
O43 - CFD: 04/02/2011 - 12:50:42 - [629144] ----D- C:\Users\Lucile\AppData\Roaming\moovida-1
O43 - CFD: 24/02/2010 - 15:54:38 - [11900132] ----D- C:\Users\Lucile\AppData\Roaming\Mozilla
O43 - CFD: 24/02/2010 - 18:42:42 - [167871] ----D- C:\Users\Lucile\AppData\Roaming\Notepad++
O43 - CFD: 07/03/2011 - 21:59:10 - [570] ----D- C:\Users\Lucile\AppData\Roaming\PhotoFiltre
O43 - CFD: 18/05/2011 - 17:29:34 - [42666103] ----D- C:\Users\Lucile\AppData\Roaming\PowerCinema
O43 - CFD: 09/01/2011 - 11:56:24 - [1081344] ----D- C:\Users\Lucile\AppData\Roaming\V-Safe
O43 - CFD: 06/03/2011 - 12:30:38 - [12] ----D- C:\Users\Lucile\AppData\Roaming\WinRAR
O43 - CFD: 30/03/2011 - 15:58:34 - [2053596916] ----D- C:\Users\Lucile\Appdata\Local\Microsoft
O43 - CFD: 18/05/2011 - 17:29:36 - [0] ----D- C:\Users\Lucile\Appdata\Local\Acer Arcade Deluxe
O43 - CFD: 26/08/2009 - 17:11:28 - [3066359] ----D- C:\Users\Lucile\Appdata\Local\Adobe
O43 - CFD: 07/03/2011 - 18:16:24 - [0] ----D- C:\Users\Lucile\Appdata\Local\Apple
O43 - CFD: 07/03/2011 - 18:19:12 - [2016] ----D- C:\Users\Lucile\Appdata\Local\Apple Computer
O43 - CFD: 25/08/2009 - 11:13:02 - [0] -SH-D- C:\Users\Lucile\Appdata\Local\Application Data
O43 - CFD: 25/08/2009 - 11:13:42 - [42011] ----D- C:\Users\Lucile\Appdata\Local\ATI
O43 - CFD: 22/09/2009 - 18:00:30 - [1666447] ----D- C:\Users\Lucile\Appdata\Local\Autodesk
O43 - CFD: 16/01/2011 - 15:09:50 - [0] ----D- C:\Users\Lucile\Appdata\Local\CrashRpt
O43 - CFD: 25/08/2009 - 11:13:34 - [181] ----D- C:\Users\Lucile\Appdata\Local\EgisTec
O43 - CFD: 20/05/2011 - 14:37:32 - [2015411] ----D- C:\Users\Lucile\Appdata\Local\Google
O43 - CFD: 25/08/2009 - 11:13:02 - [0] -SH-D- C:\Users\Lucile\Appdata\Local\Historique
O43 - CFD: 30/12/2010 - 21:21:26 - [18132] ----D- C:\Users\Lucile\Appdata\Local\HP
O43 - CFD: 19/11/2010 - 18:06:32 - [1132080] ----D- C:\Users\Lucile\Appdata\Local\Micro Application
O43 - CFD: 01/10/2009 - 14:24:02 - [0] ----D- C:\Users\Lucile\Appdata\Local\Microsoft Help
O43 - CFD: 19/11/2010 - 18:06:30 - [2465] ----D- C:\Users\Lucile\Appdata\Local\Micro_Application
O43 - CFD: 12/06/2011 - 20:41:54 - [656561] ----D- C:\Users\Lucile\Appdata\Local\moovida Air
O43 - CFD: 24/02/2010 - 15:54:32 - [58826013] ----D- C:\Users\Lucile\Appdata\Local\Mozilla
O43 - CFD: 18/05/2011 - 17:29:28 - [6786] ----D- C:\Users\Lucile\Appdata\Local\PlayMovie
O43 - CFD: 14/06/2011 - 21:11:32 - [254962548] ----D- C:\Users\Lucile\Appdata\Local\Temp
O43 - CFD: 14/06/2011 - 10:35:18 - [34745] ----D- C:\Users\Lucile\Appdata\Local\Temp(2437)
O43 - CFD: 25/08/2009 - 11:13:02 - [0] -SH-D- C:\Users\Lucile\Appdata\Local\Temporary Internet Files
O43 - CFD: 03/03/2011 - 13:04:34 - [331740408] ----D- C:\Users\Lucile\Appdata\Local\VirtualStore
O43 - CFD: 17/05/2011 - 12:03:44 - [65536] ----D- C:\Users\Lucile\Appdata\Local\Windows Live
O43 - CFD: 14/05/2011 - 09:36:36 - [0] ----D- C:\Users\Lucile\Appdata\Local\{0639F198-8089-42BF-9489-8A5685BAC680}
O43 - CFD: 29/04/2011 - 11:56:26 - [0] ----D- C:\Users\Lucile\Appdata\Local\{0F95D372-BB80-4BE7-B8AD-562B1707BC04}
O43 - CFD: 02/05/2011 - 12:15:32 - [0] ----D- C:\Users\Lucile\Appdata\Local\{3C3AD67A-121E-4876-9E1C-AD18019FE342}
O43 - CFD: 10/05/2011 - 11:03:00 - [0] ----D- C:\Users\Lucile\Appdata\Local\{405BE581-CC90-45CD-8BA7-C990273DC41F}
O43 - CFD: 04/05/2011 - 11:57:28 - [0] ----D- C:\Users\Lucile\Appdata\Local\{41098126-7973-4647-AB83-B518555A6A56}
O43 - CFD: 09/05/2011 - 18:37:54 - [0] ----D- C:\Users\Lucile\Appdata\Local\{43BA2FAA-A320-42BD-B011-D68049FFA117}
O43 - CFD: 03/05/2011 - 12:52:34 - [0] ----D- C:\Users\Lucile\Appdata\Local\{4455C7AC-1208-4400-BACF-363112A2ABCA}
O43 - CFD: 10/05/2011 - 20:59:16 - [0] ----D- C:\Users\Lucile\Appdata\Local\{4E07790C-4A4A-458E-8F29-EA99899E7153}
O43 - CFD: 17/05/2011 - 12:03:34 - [0] ----D- C:\Users\Lucile\Appdata\Local\{51944C5A-A475-402D-B2BF-0291E5E2A104}
O43 - CFD: 13/05/2011 - 13:31:18 - [0] ----D- C:\Users\Lucile\Appdata\Local\{552F1D02-DD1C-4014-A476-2192A8106311}
O43 - CFD: 03/05/2011 - 11:35:00 - [0] ----D- C:\Users\Lucile\Appdata\Local\{56E60AC2-B526-4707-81AF-B963F7D93EE9}
O43 - CFD: 16/05/2011 - 11:57:46 - [0] ----D- C:\Users\Lucile\Appdata\Local\{68D09AF5-E28C-4C42-B2D4-DB3AF2DE78EA}
O43 - CFD: 01/05/2011 - 10:43:12 - [0] ----D- C:\Users\Lucile\Appdata\Local\{729009AF-22E2-41D5-9F72-5255100FA224}
O43 - CFD: 09/05/2011 - 17:03:16 - [0] ----D- C:\Users\Lucile\Appdata\Local\{7899ABD9-C186-4F5D-A106-1E86E111DB5B}
O43 - CFD: 29/04/2011 - 12:20:24 - [0] ----D- C:\Users\Lucile\Appdata\Local\{7994562D-7C24-424D-B543-14975C03773A}
O43 - CFD: 12/05/2011 - 13:07:24 - [0] ----D- C:\Users\Lucile\Appdata\Local\{7CC0D17D-F854-4DDB-B1F1-6765F6096534}
O43 - CFD: 15/05/2011 - 20:18:36 - [0] ----D- C:\Users\Lucile\Appdata\Local\{7CE7A8B0-C142-4968-ADE3-08128276FF26}
O43 - CFD: 03/05/2011 - 13:54:38 - [0] ----D- C:\Users\Lucile\Appdata\Local\{7F518336-22F7-47B0-9B63-AC60E73C6BCB}
O43 - CFD: 08/05/2011 - 10:48:20 - [0] ----D- C:\Users\Lucile\Appdata\Local\{82B340DF-A7F5-4409-8723-CD6B01D893FA}
O43 - CFD: 06/05/2011 - 16:44:44 - [0] ----D- C:\Users\Lucile\Appdata\Local\{8DD8FB52-8F6F-4726-82EC-DF8715AFAB32}
O43 - CFD: 09/05/2011 - 00:25:32 - [0] ----D- C:\Users\Lucile\Appdata\Local\{967E7020-CF11-4068-A5AB-74A94E3DCC35}
O43 - CFD: 29/04/2011 - 18:21:34 - [0] ----D- C:\Users\Lucile\Appdata\Local\{99FF0D54-E0E5-44BB-8F50-9472C517A8A7}
O43 - CFD: 30/04/2011 - 21:00:54 - [0] ----D- C:\Users\Lucile\Appdata\Local\{9C78ED74-EA53-4C77-8B35-B156CE6C28FE}
O43 - CFD: 27/04/2011 - 22:16:14 - [0] ----D- C:\Users\Lucile\Appdata\Local\{A4B5008D-268D-402E-B48F-B860BE105E8F}
O43 - CFD: 05/05/2011 - 09:09:02 - [0] ----D- C:\Users\Lucile\Appdata\Local\{A7B33CC3-9634-46E0-A27D-84534667924D}
O43 - CFD: 07/05/2011 - 12:12:28 - [0] ----D- C:\Users\Lucile\Appdata\Local\{B0B9EB10-5021-475C-AF71-A831C83CD47B}
O43 - CFD: 30/04/2011 - 09:59:40 - [0] ----D- C:\Users\Lucile\Appdata\Local\{D7447C39-08F1-45D0-A226-DC21ECB8507B}
O43 - CFD: 02/05/2011 - 22:10:18 - [0] ----D- C:\Users\Lucile\Appdata\Local\{D9269A38-E314-417D-953B-9BAE52B319F7}
O43 - CFD: 04/05/2011 - 12:38:12 - [0] ----D- C:\Users\Lucile\Appdata\Local\{DE354A4C-E930-4A34-8E5C-A54637D05A04}
O43 - CFD: 12/05/2011 - 22:31:12 - [0] ----D- C:\Users\Lucile\Appdata\Local\{E00BD210-332D-4B57-9AAF-058336A36CAB}
O43 - CFD: 05/05/2011 - 21:27:00 - [0] ----D- C:\Users\Lucile\Appdata\Local\{E0C0BF25-D5CE-451D-BD14-8EBFC068E85D}
O43 - CFD: 09/05/2011 - 10:50:42 - [0] ----D- C:\Users\Lucile\Appdata\Local\{E6CE0CB2-55F9-41D9-8076-F7FD6DA2C009}
O43 - CFD: 28/04/2011 - 10:44:50 - [0] ----D- C:\Users\Lucile\Appdata\Local\{FFBF0DB0-C14E-40DA-A91A-209CC1C473E7}
O43 - CFD: 21/01/2008 - 05:20:46 - [15271] R---D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 25/08/2009 - 11:13:20 - [174] R---D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 06/03/2011 - 12:33:26 - [3013] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Artlantis Studio 3
O43 - CFD: 14/04/2009 - 01:53:26 - [8144] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink MediaShow4
O43 - CFD: 14/04/2009 - 02:00:38 - [6584] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
O43 - CFD: 21/01/2008 - 05:20:46 - [548] R---D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/12/2010 - 23:53:32 - [1066] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida
O43 - CFD: 24/02/2010 - 18:30:02 - [0] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 07/03/2011 - 21:55:14 - [0] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
O43 - CFD: 25/08/2009 - 11:13:20 - [174] R---D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/05/2011 - 11:06:06 - [2027] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TRENDnet
O43 - CFD: 06/03/2011 - 12:18:50 - [2681] ----D- C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 14/06/2011 - 21:12:02 - [3900665] ----D- C:\Program Files (x86)\ZHPDiag2
O43 - CFD: 10/10/2006 - 13:21:02 - [223662572] ----D- C:\Program Files (x86)\Acer Arcade Deluxe
O43 - CFD: 14/04/2009 - 02:26:32 - [552085911] ----D- C:\Program Files (x86)\Acer GameZone
O43 - CFD: 10/10/2006 - 13:22:18 - [0] ----D- C:\Program Files (x86)\Acer Incorporated
O43 - CFD: 14/04/2009 - 02:05:52 - [236344790] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 14/06/2011 - 10:48:54 - [2483125784] ----D- C:\Program Files (x86)\Anuman Interactive
O43 - CFD: 07/03/2011 - 18:16:22 - [2221118] ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 14/06/2011 - 10:48:54 - [393197] ----D- C:\Program Files (x86)\Application Updater
O43 - CFD: 14/06/2011 - 10:51:08 - [125322534] ----D- C:\Program Files (x86)\Artlantis Studio 3
O43 - CFD: 14/06/2011 - 10:48:56 - [2402546] ----D- C:\Program Files (x86)\Ask.com
O43 - CFD: 10/10/2006 - 13:15:14 - [65900295] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 22/09/2009 - 18:03:40 - [310993660] ----D- C:\Program Files (x86)\AutoCAD LT 2008
O43 - CFD: 22/09/2009 - 17:58:08 - [38496812] ----D- C:\Program Files (x86)\Autodesk
O43 - CFD: 14/06/2011 - 10:48:56 - [1035340011] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 25/09/2010 - 21:13:20 - [1064128] ----D- C:\Program Files (x86)\Conduit
O43 - CFD: 14/06/2011 - 10:51:08 - [3925305] ----D- C:\Program Files (x86)\ConduitEngine
O43 - CFD: 14/04/2009 - 01:57:58 - [795721418] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 16/01/2011 - 15:08:28 - [157462441] ----D- C:\Program Files (x86)\Dassault Systemes
O43 - CFD: 14/04/2009 - 01:42:22 - [33770667] ----D- C:\Program Files (x86)\EgisTec
O43 - CFD: 14/04/2009 - 01:42:24 - [1636481] ----D- C:\Program Files (x86)\EgisTec Egis Software Update
O43 - CFD: 14/04/2009 - 02:19:24 - [23923792] ----D- C:\Program Files (x86)\eSobi
O43 - CFD: 14/06/2011 - 10:48:56 - [47588169] ----D- C:\Program Files (x86)\Fluendo
O43 - CFD: 25/03/2010 - 16:14:38 - [99230433] ----D- C:\Program Files (x86)\GIMP-2.0
O43 - CFD: 04/03/2011 - 14:33:36 - [170468310] ----D- C:\Program Files (x86)\Google
O43 - CFD: 14/06/2011 - 10:48:58 - [14867011] ----D- C:\Program Files (x86)\GRETECH
O43 - CFD: 30/12/2010 - 21:26:00 - [5706539] ----D- C:\Program Files (x86)\HP
O43 - CFD: 25/05/2011 - 17:23:26 - [136505791] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 14/04/2009 - 01:15:12 - [10065822] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 22/05/2011 - 11:16:28 - [6674184] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 24/01/2011 - 12:11:10 - [88678980] ----D- C:\Program Files (x86)\Java
O43 - CFD: 29/04/2011 - 11:48:56 - [225750974] ----D- C:\Program Files (x86)\McAfee
O43 - CFD: 14/04/2009 - 01:48:10 - [2211737] ----D- C:\Program Files (x86)\McAfee.com
O43 - CFD: 14/06/2011 - 10:49:08 - [1800967882] ----D- C:\Program Files (x86)\Micro Application
O43 - CFD: 25/08/2009 - 11:50:26 - [464660563] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 14/04/2009 - 01:47:28 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 22/04/2011 - 11:41:54 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 14/04/2009 - 01:46:26 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 17/12/2010 - 11:07:14 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 26/06/2010 - 09:18:14 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 01/04/2011 - 10:14:10 - [9339850] ----D- C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 24/05/2011 - 20:38:54 - [31494460] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/11/2006 - 17:07:28 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 25/08/2009 - 15:12:32 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 14/04/2009 - 02:04:56 - [228538519] ----D- C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 03/02/2011 - 19:33:36 - [0] ----D- C:\Program Files (x86)\NOS
O43 - CFD: 24/02/2010 - 18:45:18 - [9055746] ----D- C:\Program Files (x86)\Notepad++
O43 - CFD: 06/10/2010 - 21:42:56 - [25472309] ----D- C:\Program Files (x86)\PDFCreator
O43 - CFD: 14/06/2011 - 10:49:30 - [971734] ----D- C:\Program Files (x86)\pdfforge Toolbar
O43 - CFD: 06/10/2010 - 11:42:18 - [17582154] ----D- C:\Program Files (x86)\PDFTiger
O43 - CFD: 07/03/2011 - 21:55:14 - [3699431] ----D- C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 14/04/2009 - 01:42:04 - [1041368] ----D- C:\Program Files (x86)\PlayReady
O43 - CFD: 29/03/2010 - 18:18:58 - [72467524] ----D- C:\Program Files (x86)\Pro100Demo
O43 - CFD: 07/03/2011 - 18:18:16 - [76334922] ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 10/10/2010 - 18:39:56 - [861434] ----D- C:\Program Files (x86)\qvPDF
O43 - CFD: 14/06/2011 - 10:49:30 - [4054743] ----D- C:\Program Files (x86)\Radio_Bar_2
O43 - CFD: 14/04/2009 - 01:22:00 - [4186249] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 02/11/2006 - 17:07:28 - [38690561] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 25/08/2009 - 13:53:12 - [13130506] ----D- C:\Program Files (x86)\SAGEM
O43 - CFD: 25/08/2009 - 11:19:36 - [21030881] ----D- C:\Program Files (x86)\Securitoo
O43 - CFD: 14/06/2011 - 10:49:30 - [8327467] ----D- C:\Program Files (x86)\Softonic_France
O43 - CFD: 10/10/2006 - 13:07:22 - [0] ----D- C:\Program Files (x86)\Temp
O43 - CFD: 17/09/2009 - 11:15:28 - [5468421] ----D- C:\Program Files (x86)\TRENDnet
O43 - CFD: 02/11/2006 - 17:36:08 - [0] ----D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 24/10/2010 - 20:22:04 - [10428379] ----D- C:\Program Files (x86)\Veetle
O43 - CFD: 25/08/2009 - 13:54:44 - [17904979] ----D- C:\Program Files (x86)\Wanadoo
O43 - CFD: 19/10/2009 - 14:49:30 - [1016832] ----D- C:\Program Files (x86)\Windows Calendar
O43 - CFD: 21/01/2008 - 05:09:48 - [53248] ----D- C:\Program Files (x86)\Windows Collaboration
O43 - CFD: 21/01/2008 - 05:09:42 - [504128] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 31/03/2011 - 10:18:32 - [146221717] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 12/05/2011 - 10:19:46 - [8935608] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 15/10/2010 - 08:54:26 - [3013093] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/06/2011 - 10:49:30 - [563886] ----D- C:\Program Files (x86)\Windows Messaging
O43 - CFD: 02/11/2006 - 17:07:28 - [7957544] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 19/10/2009 - 14:49:30 - [13528738] ----D- C:\Program Files (x86)\Windows Photo Gallery
O43 - CFD: 19/11/2009 - 11:52:12 - [134144] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 19/10/2009 - 14:49:30 - [6527558] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/03/2011 - 12:18:50 - [3886217] ----D- C:\Program Files (x86)\WinRAR
O43 - CFD: 10/10/2006 - 13:17:10 - [1975295] ----D- C:\Program Files (x86)\YUAN
O43 - CFD: 12/06/2011 - 17:38:12 - [761969] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 14/04/2009 - 02:05:52 - [4594718] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 14/06/2011 - 20:27:32 - [14002407] ----D- C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 07/03/2011 - 18:16:32 - [44308227] ----D- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 22/09/2009 - 18:03:44 - [48611435] ----D- C:\Program Files (x86)\Common Files\Autodesk Shared
O43 - CFD: 14/04/2009 - 01:38:02 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 14/04/2009 - 01:42:24 - [101672] ----D- C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 22/09/2009 - 17:58:26 - [7203276] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 29/03/2010 - 17:21:06 - [1231815] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 14/04/2009 - 01:48:50 - [10016660] ----D- C:\Program Files (x86)\Common Files\McAfee
O43 - CFD: 25/10/2010 - 17:54:06 - [442054155] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/04/2009 - 02:07:02 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 02/11/2006 - 15:33:54 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/11/2006 - 15:33:54 - [41101735] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/06/2011 - 10:48:56 - [1135487] ----D- C:\Program Files (x86)\Common Files\Spigot
O43 - CFD: 19/10/2009 - 14:49:30 - [42750094] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 14/04/2009 - 01:44:28 - [377777756] ----D- C:\Program Files (x86)\Common Files\Windows Live
0
Réponse 33 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Et la 3eme partie :

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8A8B6BDFD8E6113E431E5E579FB83213] - 14/06/2011 - 19:34:47 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.87EFAA7FCCB4B4688D01AD302A59BF8C] - 14/06/2011 - 19:34:47 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [103872]
O44 - LFC:[MD5.66698686357017F286A3312D9D2FDD3D] - 14/06/2011 - 19:34:47 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [126420]
O44 - LFC:[MD5.8B35253C2DA2AFD46B4FFC688F0D6A10] - 14/06/2011 - 19:34:47 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [595798]
O44 - LFC:[MD5.78DFFE778B612FE9ADA993825B9E0959] - 14/06/2011 - 19:34:47 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [678804]
O44 - LFC:[MD5.7CEE1700D64DE17500DCFD7E50EF1700] - 14/06/2011 - 19:30:41 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1691036]
O44 - LFC:[MD5.495A02420B9995343E9F250FAFA0D2A4] - 14/06/2011 - 19:27:15 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.EF07F36113B2144380621790F663B2AA] - 14/06/2011 - 15:55:03 ---A- . (...) -- C:\Windows\SysNative\Config.MPF [6755]
O44 - LFC:[MD5.13AE2579BD594C6DF293FA99A5788DA7] - 14/06/2011 - 15:41:33 ---A- . (...) -- C:\Windows\SysNative\spsys.log [16168]
O44 - LFC:[MD5.79812776BC168A91B9A8A1ABCB674153] - 12/06/2011 - 20:14:09 ---A- . (...) -- C:\ComboFix.txt [80571]
O44 - LFC:[MD5.59B1EBC7407DEFD2B4318116CB898A14] - 12/06/2011 - 20:05:28 ---A- . (...) -- C:\Windows\PFRO.log [764368]
O44 - LFC:[MD5.65AC9F645B6B604445E4C2F0C1703298] - 12/06/2011 - 17:53:33 ---A- . (...) -- C:\UsbFix.txt [5823]
O44 - LFC:[MD5.55B7D542A0939140CEED247ACAEF3C3C] - 06/06/2011 - 22:50:47 ---A- . (...) -- C:\Windows\Lucile.pcb [8192]
O44 - LFC:[MD5.341CA955D1A6BB774D712D310FFC830B] - 24/05/2011 - 19:15:52 ---A- . (...) -- C:\Windows\MEMORY.DMP [273431298]
O44 - LFC:[MD5.081DAF5BB955EA5CBB88E8F736337C6C] - 22/05/2011 - 10:15:23 ---A- . (...) -- C:\Windows\IE9_main.log [3126]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 22/05/2011 - 10:15:15 ---A- . (...) -- C:\Windows\SysNative\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 22/05/2011 - 10:15:15 ---A- . (...) -- C:\Windows\SysNative\ticrf.rat [1988]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 22/05/2011 - 10:15:15 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 22/05/2011 - 10:15:15 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 22/05/2011 - 10:15:04 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 22/05/2011 - 10:14:56 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822]



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (...) -- (.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (...) -- (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (...) -- (.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- (.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys . (...) -- (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys . (...) -- (.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys . (...) -- (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys . (...) -- (.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys . (...) -- (.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 03:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [486456]
O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [342584]
O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\system32\drivers\adpu160m.sys [126520]
O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 21/01/2008 - 03:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [185912]
O58 - SDL:[MD5.157D0898D4B73F075CE9FA26B482DF98] - 21/01/2008 - 03:46:50 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15976]
O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 21/01/2008 - 03:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [90680]
O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 21/01/2008 - 03:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [91192]
O58 - SDL:[MD5.F1DBE3D02FFCDEE5246F29B0ECEBE6E0] - 10/05/2011 - 12:59:37 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [22360]
O58 - SDL:[MD5.F3E75DD1BCC358FB4629357AD09E7C84] - 10/05/2011 - 12:59:48 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [64344]
O58 - SDL:[MD5.FCCBDC045DC12AFD1508205117E7ED11] - 10/05/2011 - 12:59:59 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [31064]
O58 - SDL:[MD5.5824DCA602A0A30E866BC2AC98C6D970] - 10/05/2011 - 13:04:08 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [600920]
O58 - SDL:[MD5.AF07B4BEF920F90205148F3A05E2974C] - 10/05/2011 - 13:04:07 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [287576]
O58 - SDL:[MD5.A3ECA5AF3B4823A523C285A8DF0F9E4F] - 10/05/2011 - 13:02:41 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [53592]
O58 - SDL:[MD5.8EA545F0F90E6388DCACA8F4F9404DC5] - 12/11/2008 - 16:42:22 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [4999680]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 02/11/2006 - 09:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [86528]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/09/2006 - 12:42:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 21/01/2008 - 03:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [18024]
O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 02/11/2006 - 12:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [88168]
O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 21/01/2008 - 03:46:56 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G6032E.sys [146176]
O58 - SDL:[MD5.BDDC6F6C49633AA85A30A989418E30F4] - 21/11/2008 - 02:53:32 ---A- . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\e1y60x64.sys [306304]
O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [397368]
O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 21/01/2008 - 03:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [47672]
O58 - SDL:[MD5.756879FA65978DF948437CE3FD1EACCD] - 12/09/2008 - 12:48:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [406040]
O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 21/01/2008 - 03:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [290872]
O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 02/11/2006 - 13:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44648]
O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [37480]
O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [37480]
O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 21/01/2008 - 03:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [113720]
O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 21/01/2008 - 03:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [105016]
O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 21/01/2008 - 03:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [113720]
O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 21/01/2008 - 03:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [35896]
O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 21/01/2008 - 03:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [438328]
O58 - SDL:[MD5.8996F52497FEA75D4B7A1E9BA1EC046F] - 26/09/2008 - 19:01:06 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [101832]
O58 - SDL:[MD5.ED276A940E62B8AE25617C4C3D3DEAC1] - 26/09/2008 - 19:01:06 ---A- . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [306504]
O58 - SDL:[MD5.81C337F82CA538207A290845056ABE0E] - 26/09/2008 - 18:54:12 ---A- . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdk.sys [40904]
O58 - SDL:[MD5.C1D3C9A17DA89629111D7FAE76E1044F] - 26/09/2008 - 19:01:06 ---A- . (.McAfee, Inc. - System Monitor Filter Driver.) -- C:\Windows\system32\drivers\mfesmfk.sys [49480]
O58 - SDL:[MD5.E843A4295A3381347B4CD17C5DE4090A] - 26/08/2008 - 12:51:36 ---A- . (.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) -- C:\Windows\system32\drivers\Mpfp.sys [176144]
O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 02/11/2006 - 13:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [39016]
O58 - SDL:[MD5.FB3D139AD1AC117B99A16042C1DD02D1] - 27/10/2008 - 11:06:00 ---A- . (.Egis Incorporated. - PSD Filter Driver.) -- C:\Windows\system32\drivers\mwlPSDFilter.sys [22064]
O58 - SDL:[MD5.BF3F82A3EA6FBB6657DFE081A6BA4E2E] - 27/10/2008 - 11:06:00 ---A- . (.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\mwlPSDNserv.sys [20528]
O58 - SDL:[MD5.DA24873DCB2891805692A03BAD1E34B4] - 27/10/2008 - 11:06:00 ---A- . (.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\mwlPSDVDisk.sys [59952]
O58 - SDL:[MD5.40A54ED5BECB5ADD057A54A1B1F16E02] - 01/12/2008 - 07:02:54 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr28x.sys [532480]
O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 02/11/2006 - 13:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51816]
O58 - SDL:[MD5.7D397449AAF52B0E7C79B64F6AD4473E] - 30/01/2008 - 10:48:32 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [16384]
O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [128056]
O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [54328]
O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 21/01/2008 - 03:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1221176]
O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 02/11/2006 - 12:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [124008]
O58 - SDL:[MD5.C3CF92F7983477FF305BD1AFAE411152] - 20/02/2009 - 11:10:00 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RtHDMIVX.sys [191392]
O58 - SDL:[MD5.FDFC40441FAC0F3114A974168125279F] - 10/03/2009 - 09:24:14 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1733024]
O58 - SDL:[MD5.739E2720AECC4C4AA41A35C9BDF10648] - 23/07/2007 - 17:26:08 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\RTL8187B.sys [340000]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 30/09/2006 - 00:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 21/01/2008 - 03:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [78392]
O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 02/11/2006 - 13:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [49256]
O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 02/11/2006 - 13:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [44648]
O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 02/11/2006 - 13:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [48232]
O58 - SDL:[MD5.00C8CE31657624A125FDB90EFD554371] - 30/01/2008 - 10:48:16 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [16384]
O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [284728]
O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [148072]
O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\system32\drivers\ulsata2.sys [174696]
O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 21/01/2008 - 03:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [18024]
O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 21/01/2008 - 03:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [149048]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/12/1899 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\System32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk (mfeavfk) .(...) - LEGACY_MFEAVFK
O64 - Services: CurCS - C:\Windows\System32\drivers\mfehidk.sys - McAfee Inc. mfehidk (mfehidk) .(...) - LEGACY_MFEHIDK
O64 - Services: CurCS - C:\Windows\System32\drivers\mfesmfk.sys - McAfee Inc. mfesmfk (mfesmfk) .(...) - LEGACY_MFESMFK
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\Drivers\Mpfp.sys - MPFP(MPFP) .(.McAfee, Inc. - McAfee Personal Firewall Plus Driver.) - LEGACY_MPFP
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys - mwlPSDFilter(mwlPSDFilter) .(.Egis Incorporated. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys - mwlPSDNServ(mwlPSDNServ) .(.Egis Incorporated. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys - mwlPSDVDisk(mwlPSDVDisk) .(.Egis Incorporated. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\UBHELPER.sys - UBHelper (UBHelper) .(...) - LEGACY_UBHELPER



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("CT2542115.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.abar-war-timeout", "4000");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.cbid", "LH");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.config-updated", false);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.crumb", "2011.03.07+12.10.04-toolbar002iad-FR-UmVubmVzLEZyYW5jZQ%3D%3D");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.default-channel-url-mask", "https://fr.ask.com/{query}&qsrc={qsrc}&o={o}&l={l}");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.first-launch-url", "file:///C:/Program%20Files%20(x86)/Micro%20Application/3D%
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.http-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\",
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.last-config-req", "1307779787086");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.locale", "fr_FR");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.o", "15503");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.qsrc", "2871");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.r", "2");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.search-suggestions-enabled", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.silent-upgrade", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-first", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-interval", "1200000");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-max-items", "30");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-native-on", true);
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-speed", "5000");
O69 - SBI: prefs.js [Lucile - qler3qru.default] user_pref("extensions.asktb.socialmini-transition-first-open", false);
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {EE7FC551-87A0-4571-AC51-3E8CD2E52165} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {FD736862-6FAF-4C8A-A203-B9FF1E79792F} - (Yahoo! Search) - https://fr.search.yahoo.com/



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.857AD36625346F478760045998E46124] [SPRF] (.Autodesk, Inc. - AutoCAD component.) -- C:\Users\Lucile\AppData\Local\Temp\AcDeltree.exe [150632]
[MD5.D0565CE04FEC25F7E2B9C603F22E80C8] [SPRF] (.Ask.com - wrapper Application.) -- C:\Users\Lucile\AppData\Local\Temp\askToolbarInstaller.exe [2327440]
[MD5.D0103DA25CEF21CDC1591683FB96F5FC] [SPRF] (.Gretech Corporation - GOM ENCODER Installer.) -- C:\Users\Lucile\AppData\Local\Temp\GomEncDnInstaller.exe [217088]
[MD5.BEE3BE7186EADDF6EAE7BA37BB9692AE] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Lucile\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe [921376]
[MD5.8E4A7D2735469C7F6780E75F5B6D1DA2] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Lucile\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe [1017632]
[MD5.DF1D765B2786A53A59DD03728570C12E] [SPRF] (.Netviewer AG - Netviewer application.) -- C:\Users\Lucile\AppData\Local\Temp\NV_Support_Participant.exe [1678712]
[MD5.D3E007FBC92173642415D33A0CD83D18] [SPRF] (.Google Inc. - GoogleToolbarNotifier.) -- C:\Users\Lucile\AppData\Local\Temp\SearchWithGoogleUpdate.exe [426552]
[MD5.813EB60A3F2E3587DEAF57E8693D9B7C] [SPRF] (.Ask - Wrapper Application.) -- C:\Users\Lucile\AppData\Local\Temp\setup.exe [3486088]
[MD5.AF528EBA5F5942C080AAABE29D31BD62] [SPRF] (...) -- C:\Users\Lucile\AppData\Local\Temp\Softonic_France.exe [2494288]
[MD5.FFFEA40F5A3B83F558A9022534FDAE3B] [SPRF] (...) -- C:\Users\Lucile\AppData\Local\Temp\Uninstall.exe [64378]
[MD5.7871F5EBFFA2F2A17194A4CD3653DDD5] [SPRF] (.Fluendo - Pas de description.) -- C:\Users\Lucile\AppData\Local\Temp\Update_off_moovidaImmersed-2.0.4.2-win32.exe [43546840]
[MD5.5C82BE7AD1775B67916EE19C15B99331] [SPRF] (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Users\Lucile\AppData\Local\Temp\vcredist_x86_2005.exe [2723264]
[MD5.B936F0F378B9A35489353E878154E899] [SPRF] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Lucile\AppData\Local\Temp\vcredist_x86_2008.exe [1821192]
[MD5.BD19CCD98ED8EC973B56A145662C0169] [SPRF] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Lucile\AppData\Local\Temp\wlsetup-cvr.exe [36278120]
[MD5.887173F53072CD2D238014F4199B35CF] [SPRF] (...) -- C:\Users\Lucile\AppData\Local\Temp\xmlUpdater.exe [118784]
[MD5.B9B0ABB41ABA16E2562B261F5F9D9323] [SPRF] (...) -- C:\Users\Lucile\AppData\Roaming\init.dll [701]
[MD5.B9B0ABB41ABA16E2562B261F5F9D9323] [SPRF] (...) -- C:\Users\Lucile\AppData\Roaming\sound.dll [701]
[MD5.11131A291823134CFB0092926438DAA1] [SPRF] (...) -- C:\Users\Lucile\AppData\Roaming\SYSTEM32.dll [6]
[MD5.22650CEC38F14EA171DFC0B3BF6B366C] [SPRF] (...) -- C:\Users\Lucile\AppData\Roaming\tigersetting.dll [48]



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\dfsr.exe (.not file.)
O87 - FAEL: "WinCollab-DFSR-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\dfsr.exe (.not file.)
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{C5159984-553C-4823-BF32-B2DFF233CC6D}" | In - Domain - P17 - TRUE | .(.McAfee, Inc. - McAfee Network Agent.) -- C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
O87 - FAEL: "{BB6635D5-3886-4845-B466-E925B3887D79}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "{C91DF075-46FD-497B-A89A-CCBA8C466255}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{DC50D5E6-0294-472B-896F-CFA7F7DB1EFE}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{86EBC3BD-6066-43A5-9F22-714963395E99}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{9880492A-BB17-499F-9186-89E48FA1B2A7}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{8652B5C8-ADF1-4F02-BCFB-0094D8327D8F}" | In - None - P17 - TRUE | .(.CyberLink Corp. - Acer HomeMedia Connect.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\HomeMedia Connect.exe
O87 - FAEL: "{FB7FA5C7-2E21-49AE-AE61-C1EFB72892BF}" | In - None - P17 - TRUE | .(.CyberLink - CLMSService.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSService.exe
O87 - FAEL: "{DF6B6BAE-CC46-41B4-9B04-3E6A9FDE06FC}" | In - None - P17 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O87 - FAEL: "{81C66A96-2DD7-413B-8C3C-6216D14532B2}" | In - None - P17 - TRUE | .(.Acer Incorporated - Acer Arcade Deluxe.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
O87 - FAEL: "{2F4180B0-86A0-45A8-9A11-EE2AD9A52E32}" | In - None - P17 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
O87 - FAEL: "{661A4126-5448-4065-B80B-5FF56828EC20}" | In - None - P17 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
O87 - FAEL: "{634458B1-00F4-4A56-AB03-61E77418402C}" | In - None - P17 - TRUE | .(.Acer Incorporated - Acer HomeMedia.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
O87 - FAEL: "{940E1B4C-86B1-44D9-A67D-A19A268B0C5C}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "TCP Query User{028D0211-19FB-41BC-8E85-95C36B27E087}C:\program files (x86)\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{BE2CB21F-EE07-4A7C-BA66-CB20C225167E}C:\program files (x86)\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "{C844DD31-C49C-4AFD-B027-64FD4F05C0C3}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - USBSetup.exe.) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
O87 - FAEL: "{FB800EBD-6D41-4524-AC98-6181595B52C4}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - USBSetup.exe.) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe



---\\ Scan Additionnel (O88)
Database Version : 8370 - (14/06/2011)
Clés trouvées (Keys found) : 76
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 23
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBar
[HKLM\Software\Wow6432Node\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBar
[HKLM\Software\Wow6432Node\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBar
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBar
[HKLM\Software\Wow6432Node\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBar
[HKLM\Software\Classes\Toolbar.CT2405727] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2405727] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2542115] =>Adware.Hotbar
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2542115] =>Adware.Hotbar
[HKLM\Software\Classes\Wow6432Node\TypeLib\{14816CF6-426C-40D7-904C-E5600F015EC2}] =>PUP.OfferBox
[HKLM\Software\Classes\TypeLib\{14816CF6-426C-40D7-904C-E5600F015EC2}] =>PUP.OfferBox
[HKLM\Software\Classes\Wow6432Node\TypeLib\{282D18C0-5424-44F4-A531-55F9AC5B8FD8}] =>PUP.OfferBox
[HKLM\Software\Classes\TypeLib\{282D18C0-5424-44F4-A531-55F9AC5B8FD8}] =>PUP.OfferBox
[HKLM\Software\Classes\Wow6432Node\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBar
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{58EFBE9C-4621-4d79-90E7-8BEE265CA951}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Adware.AskSBar
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}] =>Adware.BHO
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBar
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBar
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBar
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar
[HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer
[HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}] =>PUP.OfferBox
[HKLM\Software\Classes\Wow6432Node\TypeLib\{FD06B491-1EA6-4F5C-86D2-C86D3A3A3731}] =>PUP.OfferBox
[HKLM\Software\Classes\TypeLib\{FD06B491-1EA6-4F5C-86D2-C86D3A3A3731}] =>PUP.OfferBox
[HKLM\Software\Classes\Installer\Features\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO
[HKLM\Software\Classes\Installer\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Adware.AskSBar
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Adware.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Adware.AskSBar
[HKLM\SYSTEM\CurrentControlSet\Services\Application Updater] =>PUP.Dealio
[HKLM\Software\Wow6432Node\Application Updater] =>PUP.Dealio
[HKCU\Software\Ask.com] =>Adware.AskBar
[HKCU\Software\Ask.com] =>Adware.AskBarDis
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Adware.AskTBar
[HKLM\Software\Wow6432Node\AskToolbar] =>Adware.AskTBar
[HKCU\Software\AppDataLow\AskToolbarInfo] =>Adware.AskTBar
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\pdfforge] =>PUP.Dealio
[HKLM\Software\Wow6432Node\pdfforge] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Search Settings] =>PUP.Dealio
[HKLM\Software\Wow6432Node\Search Settings] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\Softonic_France] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Softonic_France] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Adware.AskTBar
[HKCU\Software\Spointer] =>Adware.SPointer
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar] =>Adware.AskTBar
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{B922D405-6D13-4A2B-AE89-08A030DA4402} =>PUP.Dealio
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBar
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida =>Adware.SPointer
C:\Users\Lucile\Appdata\Local\moovida air =>Adware.SPointer
C:\Users\Lucile\Appdata\LocalLow\AskToolbar =>Adware.AskTBar
C:\Users\Lucile\Appdata\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Lucile\Appdata\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Lucile\Appdata\LocalLow\ConduitEngine =>Toolbar.Conduit
C:\Users\Lucile\Appdata\LocalLow\pdfforge =>PUP.Dealio
C:\Users\Lucile\Appdata\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\Lucile\Appdata\LocalLow\Search Settings =>PUP.Dealio
C:\Users\Lucile\Appdata\LocalLow\Softonic_France =>Toolbar.Conduit
C:\Documents and Settings\Lucile\Local Settings\Application Data\moovida air =>Adware.SPointer
C:\Program Files (x86)\Application Updater =>PUP.Dealio
C:\Program Files (x86)\Ask.com =>Adware.AskBar
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit
C:\Program Files (x86)\pdfforge Toolbar =>PUP.Dealio
C:\Program Files (x86)\Softonic_France =>Toolbar.Conduit
C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\Conduit =>Toolbar.Conduit
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\ConduitEngine =>Toolbar.Conduit
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\Extensions\engine@conduit.com =>Toolbar.Conduit
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\Extensions\ffxtlbr@babylon.com =>Toolbar.Babylon
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\Extensions\toolbar@ask.com =>Adware.AskTBar



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 06/05/2011 393112 | (Application Updater) . (.Spigot, Inc..) - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
SR - | Auto 06/05/2011 0 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe
SS - | Demand 22/09/2009 85096 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SR - | Auto 10/05/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 18/12/2008 75048 | (CLHNService) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
SR - | Auto 24/12/2008 58664 | (CyberLink Media Server Monitor Service) . (...) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe
SR - | Auto 24/12/2008 288120 | (CyberLink Media Server Service) . (.CyberLink.) - C:\Program Files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
SS - | Auto 29/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 29/01/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 25/08/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 12/09/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 16/02/2011 101048 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
SR - | Auto 31/10/2008 793208 | (mcmscsvc) . (.McAfee, Inc..) - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
SR - | Auto 12/09/2008 2482848 | (McNASvc) . (.McAfee, Inc..) - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
SS - | Demand 26/09/2008 694800 | (McODS) . (.McAfee, Inc..) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
SR - | Auto 10/09/2008 359248 | (McProxy) . (.McAfee, Inc..) - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
SS - | Auto 26/09/2008 152896 | (McShield) . (.McAfee, Inc..) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
SS - | Disabled 26/09/2008 606736 | (McSysmon) . (.McAfee, Inc..) - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
SR - | Auto 12/09/2008 884360 | (MpfService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
SR - | Auto 22/09/2008 25416 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
SR - | Auto 27/10/2008 306736 | (MWLService) . (.EgisTec Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
SS - | Demand 23/09/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SR - | Auto 23/09/2008 144632 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
SR - | Auto 09/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Lucile at 14/06/2011 21:12:51

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Lucile at 14/06/2011 21:12:53

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin



End of the scan (1454 lines in 00mn 57s)(0)
0
Réponse 34 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
Hébergement de rapport sur pjjoint.malekal.com

▶ Rends toi sur pjjoint.malekal.com
▶ Clique sur le bouton Parcourir
▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
▶ Clique sur le bouton Envoyer
▶ Un message de confirmation s''affiche (L''upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015 Copie le lien dans ta prochaine réponse.
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
J'ai suivi la même procédure qu'hier mais comme je te l'ai dit, lorsque je clique sur parcourir, je ne retrouve pas mon fichier ZHPDiag.txt que je viens d'enregistrer sur mon disque dur.

Je t'ai mis la suite du rapport au-dessus en copier coller
0
Réponse 35 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
Repasse combofix stp
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Je dois malheureusement y aller. Je repasse combofix demain après midi et je t'envoie le rapport. Merci en tout cas Juju et à demain si tu passes par là.
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
yep ;)
0
Réponse 36 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Bonjour, voici le rapport combofix :

ComboFix 11-06-14.03 - Lucile 15/06/2011 13:40:37.1.4 - x64
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.8190.6331 [GMT 2:00]
Lancé depuis: c:\users\Lucile\Desktop\combo.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee VirusScan *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lucile\ArchiFacile.exe
c:\users\Lucile\wrar392fr.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-05-15 au 2011-06-15 ))))))))))))))))))))))))))))))))))))
.
.
2011-06-15 11:49 . 2011-06-15 11:53 -------- d-----w- c:\users\Lucile\AppData\Local\temp
2011-06-15 11:49 . 2011-06-15 11:49 -------- d-----w- c:\users\Mat\AppData\Local\temp
2011-06-15 11:49 . 2011-06-15 11:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-12 16:09 . 2011-06-12 16:53 -------- d-----w- C:\UsbFix
2011-06-12 15:38 . 2011-06-12 15:38 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-06-10 14:34 . 2011-06-10 14:34 -------- d-----w- c:\users\Lucile\AppData\Roaming\Décorateur de plinthes frises et corniches
2011-05-30 21:12 . 2011-05-30 21:12 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-25 15:44 . 2011-05-25 15:44 -------- d-----w- c:\users\Lucile\AppData\Roaming\Décorateur de surfaces
2011-05-25 15:31 . 2011-05-25 15:31 -------- d-----w- c:\users\Lucile\AppData\Roaming\EASYTools
2011-05-24 18:46 . 2004-02-16 17:48 323584 ----a-w- c:\windows\SysWow64\AcShlExt.dll
2011-05-24 18:46 . 1995-09-20 14:16 456976 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\dao3032.dll
2011-05-24 18:41 . 2011-05-25 15:22 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2011-05-24 18:41 . 2011-05-24 18:41 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2011-05-24 18:41 . 2005-03-24 03:18 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2011-05-24 18:41 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2011-05-24 18:41 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2011-05-24 18:41 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2011-05-24 18:41 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2011-05-24 13:39 . 2011-06-14 08:48 -------- d-----w- c:\program files (x86)\GRETECH
2011-05-22 09:14 . 2011-05-22 09:14 995328 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-05-21 10:24 . 2011-06-14 08:48 -------- d-----w- c:\program files (x86)\Application Updater
2011-05-21 10:24 . 2011-06-14 08:49 -------- d-----w- c:\program files (x86)\pdfforge Toolbar
2011-05-18 15:29 . 2011-05-18 15:29 -------- d-----w- c:\users\Lucile\AppData\Local\Acer Arcade Deluxe
2011-05-18 15:29 . 2011-05-18 15:29 -------- d-----w- c:\users\Lucile\AppData\Roaming\CyberLink
2011-05-18 15:29 . 2011-05-18 15:29 -------- d-----w- c:\users\Lucile\AppData\Local\PlayMovie
2011-05-17 10:03 . 2011-05-17 10:03 -------- d-----w- c:\users\Lucile\AppData\Local\{51944C5A-A475-402D-B2BF-0291E5E2A104}
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:10 . 2010-10-24 18:36 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2009-08-25 12:13 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-01-19 13:46 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-02-24 19:27 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2009-08-25 12:13 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2009-08-25 12:13 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2009-08-25 12:13 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2009-08-25 12:13 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2009-08-25 12:13 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-23 16:24 . 2011-03-23 16:22 80705832 ----a-w- c:\users\Lucile\GoogleSketchUpProWFR.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}"= "c:\program files (x86)\Radio_Bar_2\tbRadi.dll" [2010-09-12 3863136]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-09-12 13:02 3863136 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-11-13 20:58 3913000 ----a-w- c:\program files (x86)\Softonic_France\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}]
2010-09-12 13:02 3863136 ----a-w- c:\program files (x86)\Radio_Bar_2\tbRadi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}]
2010-08-19 12:24 135840 ----a-w- c:\program files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}"= "c:\program files (x86)\Radio_Bar_2\tbRadi.dll" [2010-09-12 3863136]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-09-12 3863136]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-11-13 3913000]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 10:05 40496 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-24 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2008-10-27 199464]
"MDS_Menu"="c:\program files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-02-09 156968]
"CLMLServer"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-02-09 202024]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-02-06 173288]
"mcagent_exe"="c:\program files (x86)\McAfee.com\Agent\mcagent.exe" [2008-10-31 641208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-08-10 421888]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-05-10 3459712]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-05-06 532320]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
D'marrage d'Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA.EXE [1997-8-29 51984]
Gestionnaire Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\MSOFFICE.EXE [1997-8-29 340480]
Microsoft Recherche acc'l'r'e.lnk - c:\program files (x86)\Microsoft Office\Office\FINDFAST.EXE [1997-8-29 111376]
Wireless Configuration Utility.lnk - c:\program files (x86)\TRENDnet\TEW-424UB\WlanCU.exe [2007-4-29 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
R3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\system32\DRIVERS\RTL8187B.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 27648]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-05-06 393112]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 CLHNService;CLHNService;c:\program files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-18 75048]
S2 CyberLink Media Server Monitor Service;CyberLink Media Server Monitor Service;c:\program files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSMonitorService.exe [2008-12-24 58664]
S2 CyberLink Media Server Service;CyberLink Media Server Service;c:\program files (x86)\Acer Arcade Deluxe\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-12-24 288120]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-02-16 101048]
S2 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S2 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2008-10-27 306736]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29 08:49]
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29 08:49]
.
2009-04-13 c:\windows\Tasks\McDefragTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2009-04-13 22:32]
.
2009-04-13 c:\windows\Tasks\McQcTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2009-04-13 22:32]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 10:05 51248 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files (x86)\Windows Defender\MSASCui.exe" [BU]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-09-12 182808]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-03-10 7212576]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-10 1833504]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2008-10-27 346672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp64&d=1006&m=aspire_x3810
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\
FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic_France Community Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - %profile%\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
WebBrowser-{9BB815EB-3F9F-4E11-9150-CB70E29B40FC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid]
@Denied: (A 2) (Everyone)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\program files (x86)\McAfee\MPF\MPFSrv.exe
c:\program files (x86)\McAfee\MSK\MskSrver.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\progra~2\McAfee\MSC\mcmscsvc.exe
c:\progra~2\mcafee.com\agent\mcagent.exe
c:\progra~2\COMMON~1\mcafee\mna\mcnasvc.exe
.
**************************************************************************
.
Heure de fin: 2011-06-15 14:00:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-06-15 12:00
ComboFix2.txt 2011-06-12 19:14
ComboFix3.txt 2011-06-12 17:26
.
Avant-CF: 245 430 198 272 octets libres
Après-CF: 246 019 563 520 octets libres
.
Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - 0B9263B035A0E74232749247849870C4
0
Réponse 37 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
bien, la suite :

Ton pc présente diverses infections Adwares.
CF : https://www.futura-sciences.com/tech/definitions/internet-adware-1857/

Télécharge de AD-Remover sur ton Bureau. (TeamXScript)

http://www.teamxscript.org/adremoverTelechargement.html ( Lien officiel )
OU
https://www.androidworld.fr/ ( Miroir )

/!\ Ferme toutes applications en cours /!\

▶ Double-clique sur l''icône Ad-remover située sur ton Bureau.
▶ Sur la page, clique sur le bouton « Scanner »
▶ Confirme lancement du scan
▶ Laisse travailler l''outil.
▶ Quand il a fini, un rapport s'ouvrira : ferme le.

♦ Pour me transmettre le rapport

clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier C:\Ad-Report-SCAN[1].txt

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

▶ Copie ce lien dans ta réponse.
0
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Merci. Voici le lien :

http://www.cijoint.fr/cjlink.php?file=cj201106/cijjCEuBSb.txt
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
parfait :)

▶ Relance AD-Remover, clique sur Nettoyer
▶ Laisse le pc redémarrer.
▶ Une fois revenu sur le bureau, le rapport devrait s''ouvrir : poste son contenu.
▶ S''il ne s''ouvre pas; il se trouve là : C:\AD-Report[CLEAN]1.txt
0
Réponse 38 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Voilà :


====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 14:42:10 le 15/06/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X64)
Lucile@PC-DE-MAT (Acer Aspire X3810)

============== ACTION(S) ==============

Service: "Application Updater" Stoppé et supprimé

Fichier supprimé: C:\Program Files (x86)\Mozilla FireFox\extensions\pdfforge@mybrowserbar.com
Dossier supprimé: C:\Users\Lucile\AppData\Roaming\Mozilla\FireFox\Profiles\qler3qru.default\extensions\toolbar@ask.com
Dossier supprimé: C:\Users\Lucile\AppData\Roaming\Mozilla\FireFox\Profiles\qler3qru.default\conduit
Dossier supprimé: C:\Users\Lucile\AppData\Roaming\Mozilla\FireFox\Profiles\qler3qru.default\ConduitEngine
Dossier supprimé: C:\Users\Lucile\AppData\Roaming\Mozilla\FireFox\Profiles\qler3qru.default\extensions\engine@conduit.com
Dossier supprimé: C:\Program Files (x86)\Ask.com
Dossier supprimé: C:\Users\Lucile\AppData\LocalLow\AskToolbar
Dossier supprimé: C:\Users\Lucile\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files (x86)\Conduit
Dossier supprimé: C:\Users\Lucile\AppData\LocalLow\ConduitEngine
Dossier supprimé: C:\Program Files (x86)\ConduitEngine
Dossier supprimé: C:\Program Files (x86)\Application Updater
Dossier supprimé: C:\Users\Lucile\AppData\LocalLow\pdfforge
Dossier supprimé: C:\Program Files (x86)\pdfforge Toolbar
Dossier supprimé: C:\Users\Lucile\AppData\LocalLow\PriceGong
Dossier supprimé: C:\Users\Lucile\AppData\LocalLow\Search Settings
Dossier supprimé: C:\Program Files (x86)\Common Files\Spigot
Dossier supprimé: C:\Program Files (x86)\Fluendo

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Lucile\AppData\Roaming\Mozilla\FireFox\Profiles\qler3qru.default\Prefs.js --
Ligne supprimée: user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/935078/930862/FR", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2542115", ...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63443493058760...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2542115/CT2542115...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/Newtab/Softonic/CT1351374.xml", "\"0331f...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"...
Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2542115");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{4daac69c-cba7-45e2-9bc8-1044483d3352}");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic_france");
Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2542115");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{4daac69c-cba7-45e2-9bc8-1044483d3352}");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic_france");
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://fr.search.yahoo.com/search?fr=gre...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2542115");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2542115");
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 14 2011 20:42:19 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 14 2011 20:42:19 GMT+0200");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "bf040e50-79e9-44dc-8506-a6c25aa91a38");
Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "01/02/2011 20");
Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);
Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne supprimée: user_pref("ConduitEngine.Initialize", true);
Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Sun Jan 02 2011 18:54:20 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Jun 14 2011 20:42:22 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Wed Jun 15 2011 14:03:26 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Jun 15 2011 14:03:26 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.UserID", "UN69156112347012148");
Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Jun 14 2011 20:42:22 GMT+0200");
Ligne supprimée: user_pref("ConduitEngine.initDone", true);
Ligne supprimée: user_pref("extensions.asktb.abar-war-timeout", "4000");
Ligne supprimée: user_pref("extensions.asktb.cbid", "LH");
Ligne supprimée: user_pref("extensions.asktb.config-updated", false);
Ligne supprimée: user_pref("extensions.asktb.crumb", "2011.03.07+12.10.04-toolbar002iad-FR-UmVubmVzLEZyYW5jZQ%3D%3D")...
Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne supprimée: user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
Ligne supprimée: user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Ligne supprimée: user_pref("extensions.asktb.first-launch-url", "file:///C:/Program%20Files%20(x86)/Micro%20Applicati...
Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
Ligne supprimée: user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com...
Ligne supprimée: user_pref("extensions.asktb.l", "dis");
Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1308076938467");
Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne supprimée: user_pref("extensions.asktb.o", "15503");
Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
Ligne supprimée: user_pref("extensions.asktb.r", "2");
Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", true);
Ligne supprimée: user_pref("extensions.asktb.silent-upgrade", true);
Ligne supprimée: user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Ligne supprimée: user_pref("extensions.asktb.socialmini-first", true);
Ligne supprimée: user_pref("extensions.asktb.socialmini-interval", "1200000");
Ligne supprimée: user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Ligne supprimée: user_pref("extensions.asktb.socialmini-max-items", "30");
Ligne supprimée: user_pref("extensions.asktb.socialmini-native-on", true);
Ligne supprimée: user_pref("extensions.asktb.socialmini-speed", "5000");
Ligne supprimée: user_pref("extensions.asktb.socialmini-transition-first-open", false);
Ligne supprimée: user_pref("extensions.enabledItems", "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1,{20a82645-c095-46...
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Classes\CLSID\{58EFBE9C-4621-4d79-90E7-8BEE265CA951}
Clé supprimée: HKLM\Software\Classes\CLSID\{7935436E-8F14-4C84-9ECF-BEB791296619}
Clé supprimée: HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}
Clé supprimée: HKLM\Software\Classes\CLSID\{80131410-ADBA-4C6E-A080-9CD15417E7AF}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{80131410-ADBA-4C6E-A080-9CD15417E7AF}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{80131410-ADBA-4C6E-A080-9CD15417E7AF}
Clé supprimée: HKLM\Software\Classes\CLSID\{A1F69D68-5FE7-40F5-9021-A49F7E26BCFB}
Clé supprimée: HKLM\Software\Classes\CLSID\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}
Clé supprimée: HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}
Clé supprimée: HKLM\Software\Classes\CLSID\{C4A743DE-EAAC-4cd0-9BF6-378E8141868B}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4A743DE-EAAC-4cd0-9BF6-378E8141868B}
Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Classes\CLSID\{DCE997C8-5920-4c09-99EE-59F46634FE2C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DCE997C8-5920-4c09-99EE-59F46634FE2C}
Clé supprimée: HKLM\Software\Classes\CLSID\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}
Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé supprimée: HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}
Clé supprimée: HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}
Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé supprimée: HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}
Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé supprimée: HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}
Clé supprimée: HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}
Clé supprimée: HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}
Clé supprimée: HKLM\Software\Classes\TypeLib\{14816CF6-426C-40D7-904C-E5600F015EC2}
Clé supprimée: HKLM\Software\Classes\TypeLib\{282D18C0-5424-44F4-A531-55F9AC5B8FD8}
Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé supprimée: HKLM\Software\Classes\TypeLib\{FD06B491-1EA6-4F5C-86D2-C86D3A3A3731}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2405727
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé supprimée: HKLM\Software\Application Updater
Clé supprimée: HKLM\Software\AskToolbar
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKLM\Software\pdfforge
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\Spointer
Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé supprimée: HKCU\Software\AppDataLow\Toolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé supprimée: HKCU\Software\AppDataLow\Software\pdfforge
Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
Clé supprimée: HKCU\Software\AppDataLow\Software\Search Settings
Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DB24F50-8C65-4772-9844-47FE8701BE57}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF9AD60B-D4EA-4AD3-B264-435FFAECD26B}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|moovida@spointer.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.17 (fr)] ****

HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files (x86)\McAfee\SiteAdvisor

-- C:\Users\Lucile\AppData\Roaming\Mozilla\FireFox\Profiles\qler3qru.default --
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} (Softonic_France Community Toolbar)
Prefs.js - browser.download.lastDir, C:\\Users\\Lucile\\Pictures
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17
Prefs.js - keyword.URL, hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)
HKCU_URLSearchHooks|{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - "Radio Bar 2 Toolbar" (C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll)
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_URLSearchHooks|{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - "Radio Bar 2 Toolbar" (C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll)
HKLM_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_Toolbar\WebBrowser|{9BB815EB-3F9F-4E11-9150-CB70E29B40FC} (C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll)
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)
HKLM_Toolbar|{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} (C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?)
HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?)
HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files (x86)\Veetle\Player\vtl_hfs.exe (?)
HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files (x86)\Veetle\Player\player.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B4008F16-16C4-4694-84C8-764ED1FE8386} - C:\Program Files (x86)\Radio_Bar_2\Radio_Bar_2ToolbarHelper.exe (?)
HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files (x86)\Veetle\Player\vtl_hfax.exe (?)
BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\PROGRA~2\mcafee\msk\mskapbho.dll)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll)
BHO\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - "Radio Bar 2 Toolbar" (C:\Program Files (x86)\Radio_Bar_2\tbRadi.dll)
BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 601 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 18 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 15/06/2011 14:42:13 (21383 Octet(s))
C:\Ad-Report-SCAN[1].txt - 15/06/2011 14:22:18 (22634 Octet(s))

Fin à: 14:43:22, 15/06/2011

============== E.O.F ==============
0
Réponse 39 / 60
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
on y verra plus clair :p
en gros il a désinfecté tes navigateurs :)

relance zhpdiag, clique sur le loupe
aux 100% tu le ferme
héberge zhpdiag.txt et colle le lien obtenu ici
on va finaliser :)
0
Réponse 40 / 60
nicolenicole Messages postés 265 Date d'inscription   Statut Membre Dernière intervention   5
 
Je n'arrive toujours pas à le retrouver pour l'héberger. Donc je te le copie-colle en plusieurs fois comme hier.


Rapport de ZHPDiag v1.27.2302 par Nicolas Coolman, Update du 14/06/2011
Run by Lucile at 15/06/2011 14:58:27
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox v3.6.17 (fr)

---\\ System Information
Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
Processor: Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8190 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 229 GB (67%) free of 339 GB

---\\ Logged in mode
Computer Name: PC-DE-MAT
User Name: Lucile
All Users Names: Mat, Lucile, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\Lucile\AppData\Roaming
%LocalAppData%=C:\Users\Lucile\AppData\Local
%StartMenu%=C:\Users\Lucile\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 229 Go of 339 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 339 Go of 339 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:48:04.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/05/2011 10:15:05.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]



---\\ Processus lancés
[MD5.5AB0C4B2BF41A973A48A56E28A2DE3CF] - (.McAfee, Inc. - McAfee Integrated Security Platform.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe [641208]
[MD5.2A2551A08CF94DBE93B5A50C68648246] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808]
[MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.D06276D4CAD46CDCEABEFDEB1A0D3C0D] - (...) -- C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE [51984]
[MD5.7D58A86122808AAB00B4F955BBE388CF] - (.Microsoft Corporation - Gestionnaire Microsoft Office.) -- C:\Program Files (x86)\Microsoft Office\Office\MSOFFICE.EXE [340480]
[MD5.4A9E4F98604CC817845E54B6B31C142B] - (.Microsoft Corporation - Microsoft Recherche accélérée.) -- C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE [111376]
[MD5.DC35217E5F49C2FE2D5EBC7CB52FEC65] - (.Pas de propriétaire - WlanCU MFC Application.) -- C:\Program Files (x86)\TRENDnet\TEW-424UB\WlanCU.exe [434176]
[MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464]
[MD5.B62D8C47FFF285F910A4896836BCD744] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968]
[MD5.D3D3B1CFA81DD68D38362D533F443FD1] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024]
[MD5.8DCED3E27B271E76743C268DBD51EEEC] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [54576]
[MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3459712]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336]
[MD5.CD94B1501F66744AE1A00668DE36BBF9] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376]
[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe [233936]
[MD5.1D9C196D71449C3D6A116BEA6642269F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag2\ZHPDiag.exe [659968]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Lucile\AppData\Roaming\Mozilla\Firefox\Profiles\qler3qru.default\prefs.js
M2 - MFEP: prefs.js [Lucile - qler3qru.default\ffxtlbr@babylon.com] [] Babylon v1.1.3 (.Babylon.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.2.5.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Lucile - qler3qru.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v1.6.6.20090220 (.Yahoo!.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com
R0 - HKUS\S-1-5-21-216722422-4163288635-495304682-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
R3 - URLSearchHook: (no name) [64Bits] - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
0

Discussions similaires

Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Aide pour un virus
cerise92700 -
MisteryBean -

41 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses
cheval de troie trojan
idnoder -
idnoder -

42 réponses
Trojan Csrss.exe
stevenw -
stevenw -

4 réponses