Sujet Précédent Sujet Suivant

Trojan-bnk-win32-keylogger-gen

Fermé
stefno13 - 20 juin 2011 à 20:34
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 24 juin 2011 à 10:10
Bonjour,

Mon pc s'estretrouvé bloqué par vista security 2012 "vista security has blocked a program from accessing the internet - rundll32.exe is inected with trojan-bnk.win 32.keylogger.gen
Après avoir consulté le site voici ce que j'ai fait :
passer en mode sans echec avec prise en charge du reseau
telecharger Malwarebytes - supprimer la selection
voici le rapport :

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6896

Windows 6.0.6000 (Safe Mode)
Internet Explorer 7.0.6000.17037

19/06/2011 19:26:57
mbam-log-2011-06-19 (19-26-57).txt

Type d'examen: Examen complet (C:\|F:\|G:\|)
Elément(s) analysé(s): 259065
Temps écoulé: 37 minute(s), 29 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
c:\Users\stephanie\AppData\Local\xlw.exe (Trojan.ExeShell.Gen) -> 1976 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\2994978569 (Trojan.ExeShell.Gen) -> Value: 2994978569 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Stephanie\AppData\Local\xlw.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("C:\Users\Stephanie\AppData\Local\xlw.exe" -a "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\stephanie\AppData\Local\xlw.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.
c:\Users\stephanie\AppData\Local\Temp\nsr6B34.tmp\bardiscover.exe (Adware.BarDiscover) -> Quarantined and deleted successfully.
c:\Users\stephanie\AppData\Local\Temp\nsr6B34.tmp\uninstall.exe (Adware.BarDiscover) -> Quarantined and deleted successfully.
c:\Users\stephanie\Desktop\rk_quarantine\xlw.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\stephanie\documents\applicationsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
Puis j'ai telechargé Ad-Remover - lancer le nettoyage
voici le rapport :
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 19:59:28 le 20/06/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium (X86)
Stephanie@PC-DE-STEPHANIE (Sony Corporation VGN-CR21Z_R)

============== ACTION(S) ==============


Erreur suppression fichier: C:\Windows\system32\wbem\Performance\WmiApRpl_new.ini

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé supprimée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé supprimée: HKLM\Software\Trymedia Systems


============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [7.0.6000.17037] ****

IEXPLORE.EXE\Shell\Open\Command - iexplore.exe
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=51wo1EWxwf3PbvFL-JSyGV3W3Sw?q={searchTerms})
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll)
BHO\{CA6319C0-31B7-401E-A518-A07C3DB8F777} - "CBrowserHelperObject Object" (C:\PROGRA~1\GOOGLE~1\BAE.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 20/06/2011 19:59:48 (2360 Octet(s))

Fin à: 20:00:46, 20/06/2011

============== E.O.F ==============
Mes problèmes sont ils résolus et mon pc court-il des risques ?
D'avance merci
A voir également:

13 réponses

Réponse 1 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
20 juin 2011 à 21:14
bonjour

colle nous un rapport de recherche (option 1 ) avec roguekiller

puis
slt

Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


(outil de diagnostic)

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

ou sinon pour transmettre ton rapport:
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
1
Réponse 2 / 13
stefno13
20 juin 2011 à 22:15
Bonsoir et merci de ton aide.
voici le 1er rapport :

RogueKiller V5.2.3 [16/06/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Systeme d'exploitation: Windows Vista (6.0.6000 ) 32 bits version
Demarrage : Mode normal
Utilisateur: Stephanie [Droits d'admin]
Mode: Recherche -- Date : 20/06/2011 21:50:46

Processus malicieux: 0

Entrees de registre: 2
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost


Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



et le second :

Rapport de ZHPDiag v1.27.2341 par Nicolas Coolman, Update du 20/06/2011
Run by Stephanie at 20/06/2011 22:01:08
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v7.0.6000.17037 (Defaut)

---\\ System Information
Windows Vista Home Premium Edition, 32-bit (Build 6000)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 93 GB (52%) free of 177 GB

---\\ Logged in mode
Computer Name: PC-DE-STEPHANIE
User Name: Stephanie
All Users Names: Stephanie, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\Stephanie\AppData\Roaming
%LocalAppData%=C:\Users\Stephanie\AppData\Local
%StartMenu%=C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 93 Go of 177 Go)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - (.Microsoft Corporation - Explorateur Windows.) (.12/12/2009 15:03:52.) -- C:\Windows\Explorer.exe [2923520]
[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - (.Microsoft Corporation - Application de démarrage de Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\system32\Wininit.exe [95744]
[MD5.0F340B61FA7221DDF8B8375BC0217B71] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/03/2010 17:54:49.) -- C:\Windows\system32\wininet.dll [832512]
[MD5.9F75392B9128A91ABAFB044EA350BAAD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\system32\Winlogon.exe [308224]
[MD5.B35CFCEF838382AB6490B321C87EDF17] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.12/12/2009 15:04:36.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.37430AA7A66D7A63407ADC2C0D05E9F6] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/12/2009 23:30:35.) -- C:\Windows\system32\drivers\ntfs.sys [1060920]



---\\ Processus lancés
[MD5.9AD9E2FB2811123DA13DE84CC154AB77] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1006264]
[MD5.5CE6D96C5210D5B0145EE39C0B8E7C8A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584]
[MD5.DC068189910FCC0375B8A9CC9C3D179D] - (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317560]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.9C1C80BBF8E6044980890E2D2D91091C] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [83608]
[MD5.3CEA63CDF8815EEFE52C5739CDA40961] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe [1540096]
[MD5.C871215D9A7DD80CF19511BEF80B0A1E] - (.Pas de propriétaire - Face-Plus MFC Application.) -- C:\Program Files\faceplus\faceplus.exe [77824]
[MD5.36B9FC05B2091A5782D4A0189FE1735C] - (.ATI Technologies Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE [49152]
[MD5.768525F5AE2DD21781241E81FDEDE408] - (.Nokia - Nokia Ovi Suite.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [724536]
[MD5.15698CEFF3FBFA6DE2D8ADAC952B54EC] - (.Sony Corporation - VAIO Update.) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [551032]
[MD5.AF334CA84536E743D6AEF32548223403] - (.Sony Corporation - Wireless Switch Setting Utility.) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [469112]
[MD5.CC0D9AC0AD3AA394BBA42B0B304BCF13] - (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1451520]
[MD5.99650307EEBDB49B8F092042A0578A11] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2756608]
[MD5.A8F118883233EF3322FAB4D19B41F0AE] - (.Hauppauge Computer Works, Inc. - WinTVTray.) -- C:\Program Files\WinTV\WinTV7\WinTVTray.exe [98304]
[MD5.75407DBFC47A6AC6243F557861EEB596] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [278528]
[MD5.2C92B17E820094F37037B6CE114BEB69] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [69632]
[MD5.FEF735DE1A59D43D8640DB1FC703E8F2] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [274432]
[MD5.75D803D088218D65CDE2E0278A4E9EB1] - (.Nokia - Toshiba Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe [141824]
[MD5.0FC4CA031C46CE1BBDD8A7E91ED2251B] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.60A2FA29C0BCE4CABF664F0BADBD7CF8] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe [134144]
[MD5.578A0286700A2B2F9557D80C42788456] - (.TOSHIBA CORPORATION. - TosAVRC.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe [278528]
[MD5.1BEEBFE3E8C97FCA56864E590E20B45F] - (.TOSHIBA CORPORATION. - tosOBEX.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe [307200]
[MD5.1790D0B70FD12CB1A318F15E35A4998F] - (.TOSHIBA CORPORATION. - TosBtProc.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe [2170880]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
[MD5.2087D3A19C7E721C03789476E228100E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\ieuser.exe [301568]
[MD5.6AAA2F3476638AF74E306B796989BBBD] - (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r42.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe [257440]
[MD5.259E27152180B895DF395ED3E412B90E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [634648]
[MD5.05CB3DA78A4BBD9B799A5957F9D101CC] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [68608]
[MD5.349CD4318E6E351C9BB72EE13B7CA807] - (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe [320000]
[MD5.FF7F14FDA901090E337488A1900E3660] - (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe [151040]
[MD5.75BAAA579A5ABDCB0EF2D82EFD256F1B] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [659456]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Your Company Name - BAE.dll.) -- C:\PROGRA~1\GOOGLE~1\BAE.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Norton Save and Restore 2.0] . (.Symantec Corporation - Tray Application.) -- C:\Program Files\Norton Save and Restore\Agent\VProTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Face-Plus] . (.Pas de propriétaire - Application MFC faceplus.) -- C:\Program Files\faceplus\pre_faceplus.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] . (.Nokia - Nokia Ovi Suite.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [NokiaOviSuite2] . (.Nokia - Nokia Ovi Suite.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk . (.Hauppauge Computer Works.) -- C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk . (.TOSHIBA CORPORATION..) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk . (.Hauppauge Computer Works, Inc..) -- C:\Program Files\WinTV\WinTV7\WinTVTray.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Stephanie\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\Stephanie\Desktop\RogueKiller - Raccourci.lnk . (...) -- D:\RogueKiller.exe (.not file.)
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKLM\...\Domains] *.canalplay.com
O15 - Trusted Zone: [HKLM\...\Domains\www] *.canalplay.com
O15 - Trusted Zone: [HKLM\...\Domains] *.canalplusactive.com
O15 - Trusted Zone: [HKLM\...\Domains\www] *.canalplusactive.com



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B49F3DDF-D851-4D91-93CD-C72007A71DF8}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{B49F3DDF-D851-4D91-93CD-C72007A71DF8}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{A1841C45-8842-4319-BE30-13256A47D554}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B49F3DDF-D851-4D91-93CD-C72007A71DF8}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241



---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll
O20 - Winlogon Notify: VESWinlogon . (.Sony Corporation - VAIO Event Service (Winlogon Notification M.) -- C:\Windows\System32\VESWinlogon.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: HauppaugeTVServer (HauppaugeTVServer) . (.Hauppauge Computer Works - Hauppauge TV Server.) - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) . (.Sony Corporation - VAIO Entertainment Database Service.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) . (.Sony Corporation - VAIO Entertainment File Import Service.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\\ Tâches planifiées en automatique (O39)
[MD5.15698CEFF3FBFA6DE2D8ADAC952B54EC] [APT] [VAIO Update] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
[MD5.AF334CA84536E743D6AEF32548223403] [APT] [WSSU] (.Sony Corporation.) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (DfsC) . (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (DMICall) . (.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) - C:\Windows\System32\DRIVERS\DMICall.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\System32\Drivers\tosrfcom.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}
O42 - Logiciel: ArcSoft Codec - (.ArcSoft.) [HKLM] -- {3AC67A17-5DB7-425B-93FA-1D82A27B55F5}
O42 - Logiciel: ArcSoft Magic-i Visual Effects Installer - (.ArcSoft.) [HKLM] -- {9AB83A3C-604D-4B4F-AA25-A23A3FC39844}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Atlantis - Sky Patrol - (.Pas de propriétaire.) [HKLM] -- Atlantis - Sky Patrol
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.Pas de propriétaire.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: Browser Address Error Redirector - (.Pas de propriétaire.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C}
O42 - Logiciel: Centre de Big Fish Games - (.Pas de propriétaire.) [HKLM] -- Centre de Big Fish Games
O42 - Logiciel: Click to DVD 2.0.05 Menu Data - (.Sony Corporation.) [HKLM] -- {9E407618-D9CD-4F39-9490-9ED45294073D}
O42 - Logiciel: Click to DVD 2.6.00 - (.Sony Corporation.) [HKLM] -- {E809063C-51A3-4269-8984-D1EB742F2151}
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: Faceplus - (.Faceplus.) [HKLM] -- {29EAE5E2-E92F-4278-A660-AF3975D72691}_is1
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: HDAUDIO SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200
O42 - Logiciel: Hauppauge MCE XP/Vista Software Encoder (2.0.27022) - (.Hauppauge Computer Works, Inc..) [HKLM] -- Hauppauge MCE2005 Software Encoder
O42 - Logiciel: Hauppauge MPEG-4/H.264 Decoder Installation - (.Pas de propriétaire.) [HKLM] -- Hauppauge MPEG-4/H.264 Decoder Installation
O42 - Logiciel: Hauppauge WinTV 7 - (.Pas de propriétaire.) [HKLM] -- Hauppauge WinTV 7
O42 - Logiciel: Hauppauge WinTV Infrared Remote - (.Hauppauge Computer Works, Inc..) [HKLM] -- Hauppauge WinTV Infrared Remote
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Instant Mode - (.InterVideo.) [HKLM] -- {E6707034-D7A4-49B1-94D0-F5AACE46F06C}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Lecteur CANALPLAY 2.3 - (.Canal+ Active.) [HKLM] -- {E9E37358-E3E1-47BA-9E21-375EF3616BC9}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: Mahjong Towers Eternity - (.Pas de propriétaire.) [HKLM] -- Mahjong Towers Eternity
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mystery Case Files - Prime Suspects - (.Pas de propriétaire.) [HKLM] -- Mystery Case Files - Prime Suspects
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {25CFEF55-A945-41FC-86ED-76469F31DF37}
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- {6339663B-F26F-4FE3-B813-0E1DEC4ED976}
O42 - Logiciel: Nokia Ovi Suite Software Updater - (.Nokia Corporation.) [HKLM] -- {A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- {9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {63A6E9A9-A190-46D4-9430-2DB28654AFD8}
O42 - Logiciel: Norton Save and Restore - (.Symantec.) [HKLM] -- {B0255743-165B-4BD5-8DA8-37DFB993B201}
O42 - Logiciel: OpenMG Limited Patch 4.7-07-15-19-01 - (.Pas de propriétaire.) [HKLM] -- OpenMG HotFix4.7-07-13-22-01
O42 - Logiciel: OpenMG Secure Module 4.7.00 - (.Sony Corporation.) [HKLM] -- InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}
O42 - Logiciel: Outil VAIO Media Registration 6.0 - (.Sony Corporation.) [HKLM] -- {AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Ovi Desktop Sync Engine - (.Nokia.) [HKLM] -- {BEF7FC5C-0182-4DDE-BDDD-F7D132AB833D}
O42 - Logiciel: OviMPlatform - (.Nokia.) [HKLM] -- {4CA10D13-F83A-487E-9B30-CC979FEF7A70}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {3DE96337-68D2-48E0-A863-6E4A5CD3BC25}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: Picasa 2 - (.Google, Inc..) [HKLM] -- Picasa2
O42 - Logiciel: Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Easy Media Creator Home - (.Roxio.) [HKLM] -- {B7FB0C86-41A4-4402-9A33-912C462042A0}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Setting Utility Series - (.Sony Corporation.) [HKLM] -- {A7DA438C-2E43-4C20-BFDA-C1F4A6208558}
O42 - Logiciel: Skype 3.2 - (.Skype Technologies S.A..) [HKLM] -- Skype_is1
O42 - Logiciel: Skype Plugin Manager - (.Skype Limited.) [HKLM] -- {3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
O42 - Logiciel: SonicStage Mastering Studio - (.Sony Corporation.) [HKLM] -- {6332AFF1-9D9A-429C-AA03-F82749FA4F49}
O42 - Logiciel: SonicStage Mastering Studio Audio Filter - (.Sony Corporation.) [HKLM] -- {DF7DB916-90E5-40F2-9010-B8125EB5FD6F}
O42 - Logiciel: SonicStage Mastering Studio Audio Filter Custom Preset - (.Sony Corporation.) [HKLM] -- {EC37A846-53AC-4DA7-98FA-76A4E74AA900}
O42 - Logiciel: SonicStage Mastering Studio Plugins - (.Sony Corporation.) [HKLM] -- {9C1C8A04-F8CA-4472-A92D-4288CE32DE86}
O42 - Logiciel: Sony Video Shared Library - (.Sony Corporation.) [HKLM] -- {01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VAIO Aqua Breeze Wallpaper - (.Sony Corporation.) [HKLM] -- {97BCD719-6ECB-458F-97D6-F38D2E07375E}
O42 - Logiciel: VAIO Camera Capture Utility - (.Sony Corporation.) [HKLM] -- {6D2576EC-A0E9-418A-A09A-409933A3B6F4}
O42 - Logiciel: VAIO Content Folder Setting - (.Sony Corporation.) [HKLM] -- {23825B69-36DF-4DAD-9CFD-118D11D80F16}
O42 - Logiciel: VAIO Content Importer / VAIO Content Exporter - (.Sony Corporation.) [HKLM] -- {68A69CFF-130D-4CDE-AB0E-7374ECB144C8}
O42 - Logiciel: VAIO Content Metadata Intelligent Analyzing Manager - (.Sony Corporation.) [HKLM] -- {FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}
O42 - Logiciel: VAIO Content Metadata Manager Setting - (.Sony Corporation.) [HKLM] -- {69351E9E-23ED-41D5-B146-EDBF83C63B66}
O42 - Logiciel: VAIO Content Metadata XML Interface Library - (.Sony Corporation.) [HKLM] -- {5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO Cozy Orange Wallpaper - (.Sony Corporation.) [HKLM] -- {2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}
O42 - Logiciel: VAIO Entertainment Platform - (.Sony Corporation.) [HKLM] -- {6B1F20F2-6321-4669-A58C-33DF8E7517FF}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM] -- {F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}
O42 - Logiciel: VAIO Launcher - (.Sony Corporation.) [HKLM] -- {15D5C238-4C2E-4AEA-A66D-D6989A4C586B}
O42 - Logiciel: VAIO Long Battery Life Wallpaper - (.Sony Corporation.) [HKLM] -- {BBFFB027-7D53-4E1B-95BC-35A2216D1D60}
O42 - Logiciel: VAIO Media 6.0 - (.Sony Corporation.) [HKLM] -- {560F6B2E-F0DF-44E5-8190-A4A161F0E205}
O42 - Logiciel: VAIO Media AC3 Decoder 1.0 - (.Pas de propriétaire.) [HKLM] -- {2063C2E8-3812-4BBD-9998-6610F80C1DD4}
O42 - Logiciel: VAIO Media Content Collection 6.0 - (.Sony Corporation.) [HKLM] -- {500162A0-4DD5-460A-BAFD-895AAE48C532}
O42 - Logiciel: VAIO Media Integrated Server 6.1 - (.Sony Corporation.) [HKLM] -- {785EB1D4-ECEC-4195-99B4-73C47E187721}
O42 - Logiciel: VAIO Media Redistribution 6.0 - (.Sony Corporation.) [HKLM] -- {5855C127-1F20-404D-B7FB-1FD84D7EAB5E}
O42 - Logiciel: VAIO Movie Story - (.Sony Corporation.) [HKLM] -- {B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM] -- {6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO MusicBox - (.Sony Corporation.) [HKLM] -- {4EA55D20-27FB-45D7-8726-147E8A5F6C62}
O42 - Logiciel: VAIO MusicBox Sample Music - (.Sony Corporation.) [HKLM] -- {98FC7A64-774B-49B5-B046-4B4EBC053FA9}
O42 - Logiciel: VAIO Original Function Setting - (.Sony Corporation.) [HKLM] -- {A63E7492-A0BC-4BB9-89A7-352965222380}
O42 - Logiciel: VAIO Original Screen Saver - (.Pas de propriétaire.) [HKLM] -- {1BEF9285-5530-426B-A5F1-5836B95C7EB1}
O42 - Logiciel: VAIO Power Management - (.Sony Corporation.) [HKLM] -- {802889F8-6AF5-45A5-9764-CA5B999E50FC}
O42 - Logiciel: VAIO Tender Green Wallpaper - (.Sony Corporation.) [HKLM] -- {934A3213-1CB6-4264-84A2-EE080C017BCA}
O42 - Logiciel: VAIO Update 3 - (.Sony Corporation.) [HKLM] -- {48820099-ED7D-424B-890C-9A82EF00656D}
O42 - Logiciel: VAIO Xblack Contents - (.Pas de propriétaire.) [HKLM] -- VAIO Xblack Contents
O42 - Logiciel: VLC media player 1.1.2 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Virtual Villagers - (.Pas de propriétaire.) [HKLM] -- Virtual Villagers
O42 - Logiciel: WinDVD for VAIO - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Wireless Switch Setting Utility - (.Sony Corporation.) [HKLM] -- {2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atlantis - Sky Patrol]
[HKCU\Software\BAE]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Convar]
[HKCU\Software\DivXNetworks]
[HKCU\Software\GNU]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mahjong Towers Eternity]
[HKCU\Software\MainConcept (HCW)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\Mystery Case Files - Prime Suspects]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Synaptics]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Virtual Villagers]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\ArcSoft]
[HKLM\Software\BroadCom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Canal+ Active]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\MainConceptMCE]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\S3R521]
[HKLM\Software\SOFTWARE]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Toshiba]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\VirtualVillagers]
[HKLM\Software\Volatile]
[HKLM\Software\illiminable]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/12/2009 - 22:03:36 - [17650308] ----D- C:\Program Files\a-squared Anti-Malware
O43 - CFD: 14/08/2007 - 10:23:00 - [12683101] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 20/06/2011 - 19:59:30 - [85366217] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 14/08/2007 - 10:24:20 - [940817755] ----D- C:\Program Files\Adobe
O43 - CFD: 06/12/2009 - 18:53:40 - [18304190] ----D- C:\Program Files\ArcSoft
O43 - CFD: 06/12/2009 - 18:45:16 - [14395069] ----D- C:\Program Files\ATI
O43 - CFD: 06/12/2009 - 18:46:40 - [140088681] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 14/08/2007 - 10:25:44 - [330980] ----D- C:\Program Files\BFG
O43 - CFD: 06/02/2011 - 16:41:16 - [866554207] ----D- C:\Program Files\Common Files
O43 - CFD: 13/08/2007 - 16:53:24 - [1061344] ----D- C:\Program Files\CONEXANT
O43 - CFD: 27/10/2010 - 21:49:00 - [7202991] ----D- C:\Program Files\Convar
O43 - CFD: 09/01/2010 - 23:29:42 - [800824] ----D- C:\Program Files\DIFX
O43 - CFD: 14/08/2007 - 10:26:30 - [47207860] ----D- C:\Program Files\DivX
O43 - CFD: 03/11/2010 - 21:52:56 - [848641] ----D- C:\Program Files\faceplus
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 11/12/2009 - 18:10:38 - [21217899] ----D- C:\Program Files\Google
O43 - CFD: 14/08/2007 - 10:28:30 - [98346] ----D- C:\Program Files\Google BAE
O43 - CFD: 06/02/2011 - 16:41:16 - [125207777] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 13/08/2007 - 16:39:00 - [64860] ----D- C:\Program Files\Intel
O43 - CFD: 03/04/2010 - 23:02:36 - [1552411] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 06/12/2009 - 19:24:28 - [161476026] ----D- C:\Program Files\InterVideo
O43 - CFD: 09/01/2010 - 23:54:34 - [82549671] ----D- C:\Program Files\Java
O43 - CFD: 06/12/2009 - 18:44:40 - [12575240] ----D- C:\Program Files\Lecteur CANALPLAY
O43 - CFD: 19/06/2011 - 18:42:06 - [7566414] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 15/12/2009 - 21:28:02 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 12/12/2009 - 16:07:38 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:36 - [92804023] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/08/2007 - 10:27:52 - [370791301] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 18/06/2011 - 14:22:30 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 19/12/2009 - 00:25:56 - [151889282] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 14/08/2007 - 10:20:30 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 13/03/2010 - 01:53:08 - [99153006] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 02/11/2006 - 14:37:36 - [3272760] ----D- C:\Program Files\MSN
O43 - CFD: 13/08/2007 - 16:09:30 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 14/06/2011 - 21:45:50 - [131658651] ----D- C:\Program Files\Nokia
O43 - CFD: 14/08/2007 - 10:29:40 - [94833564] ----D- C:\Program Files\Norton Save and Restore
O43 - CFD: 14/06/2011 - 21:44:20 - [13568935] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 14/08/2007 - 10:28:58 - [28466101] ----D- C:\Program Files\Picasa2
O43 - CFD: 13/08/2007 - 16:47:50 - [15550595] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38637313] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 06/12/2009 - 18:55:42 - [11081992] ----D- C:\Program Files\Roxio
O43 - CFD: 06/12/2009 - 18:57:14 - [30291695] ----D- C:\Program Files\Skype
O43 - CFD: 06/12/2009 - 19:33:18 - [638444567] ----D- C:\Program Files\Sony
O43 - CFD: 13/08/2007 - 16:54:46 - [13533934] ----D- C:\Program Files\Synaptics
O43 - CFD: 06/12/2009 - 18:59:34 - [49141926] ----D- C:\Program Files\Toshiba
O43 - CFD: 27/10/2010 - 22:34:14 - [3072] ----D- C:\Program Files\TuneUp Utilities 2009
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/08/2010 - 22:41:52 - [77883493] ----D- C:\Program Files\VideoLAN
O43 - CFD: 14/12/2009 - 08:46:30 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 19/12/2009 - 00:09:10 - [2761216] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 13/08/2007 - 16:13:26 - [4486592] ----D- C:\Program Files\Windows Defender
O43 - CFD: 19/12/2009 - 00:09:10 - [7078008] ----D- C:\Program Files\Windows Journal
O43 - CFD: 15/12/2009 - 21:27:56 - [45938529] ----D- C:\Program Files\Windows Live
O43 - CFD: 15/12/2009 - 21:27:40 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 17/04/2010 - 22:05:58 - [9071240] ----D- C:\Program Files\Windows Mail
O43 - CFD: 19/12/2009 - 00:09:10 - [4496487] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 13/08/2007 - 15:22:26 - [7940176] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/11/2006 - 14:42:34 - [13463714] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 19/12/2009 - 00:09:10 - [6503190] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 06/02/2011 - 16:42:32 - [21579252] ----D- C:\Program Files\WinTV
O43 - CFD: 20/06/2011 - 22:01:12 - [3910360] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 14/08/2007 - 10:24:34 - [10816539] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 06/02/2011 - 16:41:16 - [2121728] ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD: 14/08/2007 - 10:20:44 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 06/12/2009 - 18:53:38 - [12485718] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 06/12/2009 - 19:24:28 - [179248] ----D- C:\Program Files\Common Files\InterVideo
O43 - CFD: 14/08/2007 - 10:31:32 - [33818526] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 06/02/2011 - 16:39:46 - [433949967] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/06/2011 - 21:47:10 - [84437582] ----D- C:\Program Files\Common Files\Nokia
O43 - CFD: 09/01/2010 - 23:29:56 - [88064] ----D- C:\Program Files\Common Files\PCSuite
O43 - CFD: 14/08/2007 - 10:26:24 - [3926944] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 06/12/2009 - 18:55:54 - [35615825] ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 19/12/2009 - 00:09:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 06/12/2009 - 18:57:14 - [1828440] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 06/12/2009 - 18:55:54 - [6702640] ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 06/12/2009 - 19:16:08 - [111675498] ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD: 02/11/2006 - 13:18:34 - [41100711] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 15/12/2009 - 21:16:22 - [10384960] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 13/08/2007 - 16:13:30 - [42700430] ----D- C:\Program Files\Common Files\System
O43 - CFD: 11/12/2009 - 18:29:42 - [34617570] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 12/12/2009 - 15:48:46 - [8139] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 14/08/2007 - 10:25:00 - [764] ----D- C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 11/12/2009 - 18:07:52 - [14402] ----D- C:\ProgramData\Google
O43 - CFD: 09/01/2010 - 23:14:04 - [142991209] ----D- C:\ProgramData\Installations
O43 - CFD: 19/06/2011 - 18:42:04 - [6837559] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 15/06/2011 - 22:50:56 - [127012177] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 18/06/2011 - 14:53:08 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 14/06/2011 - 22:11:12 - [182650906] ----D- C:\ProgramData\Nokia
O43 - CFD: 14/06/2011 - 22:08:54 - [0] ----D- C:\ProgramData\NokiaAccount
O43 - CFD: 06/11/2010 - 23:57:32 - [643478868] ----D- C:\ProgramData\NokiaInstallerCache
O43 - CFD: 09/01/2010 - 23:38:26 - [97323] ----D- C:\ProgramData\PC Suite
O43 - CFD: 13/02/2011 - 18:50:26 - [0] ----D- C:\ProgramData\Roxio
O43 - CFD: 06/12/2009 - 18:57:14 - [2215641] ----D- C:\ProgramData\Skype
O43 - CFD: 06/12/2009 - 18:56:02 - [972] ----D- C:\ProgramData\Sonic
O43 - CFD: 14/08/2007 - 10:26:08 - [11045956] ----D- C:\ProgramData\Sony
O43 - CFD: 03/02/2010 - 20:13:06 - [972427484] ----D- C:\ProgramData\Sony Corporation
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 07/02/2010 - 18:59:16 - [46545] ----D- C:\ProgramData\Symantec
O43 - CFD: 27/10/2010 - 22:30:18 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 27/10/2010 - 21:58:40 - [46080] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 06/12/2009 - 19:16:12 - [0] ----D- C:\ProgramData\VAIO Media Platform
O43 - CFD: 12/12/2009 - 15:48:24 - [217606] ----D- C:\ProgramData\WLInstaller
O43 - CFD: 14/08/2007 - 10:22:58 - [6904817] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 27/10/2010 - 21:58:18 - [17716224] -SH-D- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
O43 - CFD: 27/12
0
Réponse 3 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
21 juin 2011 à 10:02
ok fais l option 2 de roguekiller et colle nous le rapport . Puis remets un rapport zhpdiag en le transmettant selon la procédure indiquée plus haut sinon le rapport est incomplet . A plus
0
Réponse 4 / 13
stefno13
21 juin 2011 à 19:00
bonjour, voici:
RogueKiller V5.2.3 [16/06/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Systeme d'exploitation: Windows Vista (6.0.6000 ) 32 bits version
Demarrage : Mode normal
Utilisateur: Stephanie [Droits d'admin]
Mode: Suppression -- Date : 21/06/2011 18:46:12

Processus malicieux: 0

Entrees de registre: 2
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost


Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt


et le second:
Rapport de ZHPDiag v1.27.2341 par Nicolas Coolman, Update du 20/06/2011
Run by Stephanie at 21/06/2011 18:58:50
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v7.0.6000.17037 (Defaut)

---\\ System Information
Windows Vista Home Premium Edition, 32-bit (Build 6000)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 90 GB (50%) free of 177 GB

---\\ Logged in mode
Computer Name: PC-DE-STEPHANIE
User Name: Stephanie
All Users Names: Stephanie, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\Stephanie\AppData\Roaming
%LocalAppData%=C:\Users\Stephanie\AppData\Local
%StartMenu%=C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 90 Go of 177 Go)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - (.Microsoft Corporation - Explorateur Windows.) (.12/12/2009 15:03:52.) -- C:\Windows\Explorer.exe [2923520]
[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - (.Microsoft Corporation - Application de démarrage de Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\system32\Wininit.exe [95744]
[MD5.0F340B61FA7221DDF8B8375BC0217B71] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/03/2010 17:54:49.) -- C:\Windows\system32\wininet.dll [832512]
[MD5.9F75392B9128A91ABAFB044EA350BAAD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.02/11/2006 10:45:57.) -- C:\Windows\system32\Winlogon.exe [308224]
[MD5.B35CFCEF838382AB6490B321C87EDF17] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.12/12/2009 15:04:36.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.37430AA7A66D7A63407ADC2C0D05E9F6] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/12/2009 23:30:35.) -- C:\Windows\system32\drivers\ntfs.sys [1060920]



---\\ Processus lancés
[MD5.9AD9E2FB2811123DA13DE84CC154AB77] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1006264]
[MD5.5CE6D96C5210D5B0145EE39C0B8E7C8A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584]
[MD5.66D4456C920E21BD2188F8CC33680DF5] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [40048]
[MD5.DC068189910FCC0375B8A9CC9C3D179D] - (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317560]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.9C1C80BBF8E6044980890E2D2D91091C] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [83608]
[MD5.36B9FC05B2091A5782D4A0189FE1735C] - (.ATI Technologies Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE [49152]
[MD5.3CEA63CDF8815EEFE52C5739CDA40961] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe [1540096]
[MD5.C871215D9A7DD80CF19511BEF80B0A1E] - (.Pas de propriétaire - Face-Plus MFC Application.) -- C:\Program Files\faceplus\faceplus.exe [77824]
[MD5.15698CEFF3FBFA6DE2D8ADAC952B54EC] - (.Sony Corporation - VAIO Update.) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [551032]
[MD5.AF334CA84536E743D6AEF32548223403] - (.Sony Corporation - Wireless Switch Setting Utility.) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [469112]
[MD5.768525F5AE2DD21781241E81FDEDE408] - (.Nokia - Nokia Ovi Suite.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [724536]
[MD5.CC0D9AC0AD3AA394BBA42B0B304BCF13] - (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1451520]
[MD5.99650307EEBDB49B8F092042A0578A11] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2756608]
[MD5.0FC4CA031C46CE1BBDD8A7E91ED2251B] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.75407DBFC47A6AC6243F557861EEB596] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [278528]
[MD5.2C92B17E820094F37037B6CE114BEB69] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [69632]
[MD5.FEF735DE1A59D43D8640DB1FC703E8F2] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [274432]
[MD5.75D803D088218D65CDE2E0278A4E9EB1] - (.Nokia - Toshiba Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe [141824]
[MD5.578A0286700A2B2F9557D80C42788456] - (.TOSHIBA CORPORATION. - TosAVRC.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe [278528]
[MD5.2087D3A19C7E721C03789476E228100E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\ieuser.exe [301568]
[MD5.1BEEBFE3E8C97FCA56864E590E20B45F] - (.TOSHIBA CORPORATION. - tosOBEX.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe [307200]
[MD5.60A2FA29C0BCE4CABF664F0BADBD7CF8] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe [134144]
[MD5.6AAA2F3476638AF74E306B796989BBBD] - (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r42.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe [257440]
[MD5.1790D0B70FD12CB1A318F15E35A4998F] - (.TOSHIBA CORPORATION. - TosBtProc.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe [2170880]
[MD5.AE2E36868172164EAD298DFC6051E5C3] - (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe [397312]
[MD5.259E27152180B895DF395ED3E412B90E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [634648]
[MD5.FF7F14FDA901090E337488A1900E3660] - (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\NOTEPAD.EXE [151040]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
[MD5.75BAAA579A5ABDCB0EF2D82EFD256F1B] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [659456]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Your Company Name - BAE.dll.) -- C:\PROGRA~1\GOOGLE~1\BAE.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Norton Save and Restore 2.0] . (.Symantec Corporation - Tray Application.) -- C:\Program Files\Norton Save and Restore\Agent\VProTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Face-Plus] . (.Pas de propriétaire - Application MFC faceplus.) -- C:\Program Files\faceplus\pre_faceplus.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] . (.Nokia - Nokia Ovi Suite.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [NokiaOviSuite2] . (.Nokia - Nokia Ovi Suite.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKUS\S-1-5-21-441941528-2226617130-1150552487-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk . (.TOSHIBA CORPORATION..) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Stephanie\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\Stephanie\Desktop\RogueKiller - Raccourci.lnk . (...) -- D:\RogueKiller.exe (.not file.)
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKLM\...\Domains] *.canalplay.com
O15 - Trusted Zone: [HKLM\...\Domains\www] *.canalplay.com
O15 - Trusted Zone: [HKLM\...\Domains] *.canalplusactive.com
O15 - Trusted Zone: [HKLM\...\Domains\www] *.canalplusactive.com



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1841C45-8842-4319-BE30-13256A47D554}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{B49F3DDF-D851-4D91-93CD-C72007A71DF8}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{A1841C45-8842-4319-BE30-13256A47D554}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{B49F3DDF-D851-4D91-93CD-C72007A71DF8}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{A1841C45-8842-4319-BE30-13256A47D554}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B49F3DDF-D851-4D91-93CD-C72007A71DF8}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241



---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll
O20 - Winlogon Notify: VESWinlogon . (.Sony Corporation - VAIO Event Service (Winlogon Notification M.) -- C:\Windows\System32\VESWinlogon.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) . (.Sony Corporation - VAIO Entertainment Database Service.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) . (.Sony Corporation - VAIO Entertainment File Import Service.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\\ Tâches planifiées en automatique (O39)
[MD5.15698CEFF3FBFA6DE2D8ADAC952B54EC] [APT] [VAIO Update] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
[MD5.AF334CA84536E743D6AEF32548223403] [APT] [WSSU] (.Sony Corporation.) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (DfsC) . (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (DMICall) . (.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) - C:\Windows\System32\DRIVERS\DMICall.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\System32\Drivers\tosrfcom.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}
O42 - Logiciel: ArcSoft Magic-i Visual Effects Installer - (.ArcSoft.) [HKLM] -- {9AB83A3C-604D-4B4F-AA25-A23A3FC39844}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.Pas de propriétaire.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: Browser Address Error Redirector - (.Pas de propriétaire.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C}
O42 - Logiciel: Click to DVD 2.0.05 Menu Data - (.Sony Corporation.) [HKLM] -- {9E407618-D9CD-4F39-9490-9ED45294073D}
O42 - Logiciel: Click to DVD 2.6.00 - (.Sony Corporation.) [HKLM] -- {E809063C-51A3-4269-8984-D1EB742F2151}
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: Faceplus - (.Faceplus.) [HKLM] -- {29EAE5E2-E92F-4278-A660-AF3975D72691}_is1
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: HDAUDIO SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Instant Mode - (.InterVideo.) [HKLM] -- {E6707034-D7A4-49B1-94D0-F5AACE46F06C}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Lecteur CANALPLAY 2.3 - (.Canal+ Active.) [HKLM] -- {E9E37358-E3E1-47BA-9E21-375EF3616BC9}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {25CFEF55-A945-41FC-86ED-76469F31DF37}
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- {6339663B-F26F-4FE3-B813-0E1DEC4ED976}
O42 - Logiciel: Nokia Ovi Suite Software Updater - (.Nokia Corporation.) [HKLM] -- {A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- {9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {63A6E9A9-A190-46D4-9430-2DB28654AFD8}
O42 - Logiciel: Norton Save and Restore - (.Symantec.) [HKLM] -- {B0255743-165B-4BD5-8DA8-37DFB993B201}
O42 - Logiciel: OpenMG Limited Patch 4.7-07-15-19-01 - (.Pas de propriétaire.) [HKLM] -- OpenMG HotFix4.7-07-13-22-01
O42 - Logiciel: OpenMG Secure Module 4.7.00 - (.Sony Corporation.) [HKLM] -- InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}
O42 - Logiciel: Outil VAIO Media Registration 6.0 - (.Sony Corporation.) [HKLM] -- {AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Ovi Desktop Sync Engine - (.Nokia.) [HKLM] -- {BEF7FC5C-0182-4DDE-BDDD-F7D132AB833D}
O42 - Logiciel: OviMPlatform - (.Nokia.) [HKLM] -- {4CA10D13-F83A-487E-9B30-CC979FEF7A70}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {3DE96337-68D2-48E0-A863-6E4A5CD3BC25}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: Picasa 2 - (.Google, Inc..) [HKLM] -- Picasa2
O42 - Logiciel: Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Easy Media Creator Home - (.Roxio.) [HKLM] -- {B7FB0C86-41A4-4402-9A33-912C462042A0}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Setting Utility Series - (.Sony Corporation.) [HKLM] -- {A7DA438C-2E43-4C20-BFDA-C1F4A6208558}
O42 - Logiciel: Skype 3.2 - (.Skype Technologies S.A..) [HKLM] -- Skype_is1
O42 - Logiciel: Skype Plugin Manager - (.Skype Limited.) [HKLM] -- {3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
O42 - Logiciel: SonicStage Mastering Studio - (.Sony Corporation.) [HKLM] -- {6332AFF1-9D9A-429C-AA03-F82749FA4F49}
O42 - Logiciel: SonicStage Mastering Studio Audio Filter - (.Sony Corporation.) [HKLM] -- {DF7DB916-90E5-40F2-9010-B8125EB5FD6F}
O42 - Logiciel: SonicStage Mastering Studio Audio Filter Custom Preset - (.Sony Corporation.) [HKLM] -- {EC37A846-53AC-4DA7-98FA-76A4E74AA900}
O42 - Logiciel: SonicStage Mastering Studio Plugins - (.Sony Corporation.) [HKLM] -- {9C1C8A04-F8CA-4472-A92D-4288CE32DE86}
O42 - Logiciel: Sony Video Shared Library - (.Sony Corporation.) [HKLM] -- {01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VAIO Aqua Breeze Wallpaper - (.Sony Corporation.) [HKLM] -- {97BCD719-6ECB-458F-97D6-F38D2E07375E}
O42 - Logiciel: VAIO Camera Capture Utility - (.Sony Corporation.) [HKLM] -- {6D2576EC-A0E9-418A-A09A-409933A3B6F4}
O42 - Logiciel: VAIO Content Folder Setting - (.Sony Corporation.) [HKLM] -- {23825B69-36DF-4DAD-9CFD-118D11D80F16}
O42 - Logiciel: VAIO Content Importer / VAIO Content Exporter - (.Sony Corporation.) [HKLM] -- {68A69CFF-130D-4CDE-AB0E-7374ECB144C8}
O42 - Logiciel: VAIO Content Metadata Intelligent Analyzing Manager - (.Sony Corporation.) [HKLM] -- {FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}
O42 - Logiciel: VAIO Content Metadata Manager Setting - (.Sony Corporation.) [HKLM] -- {69351E9E-23ED-41D5-B146-EDBF83C63B66}
O42 - Logiciel: VAIO Content Metadata XML Interface Library - (.Sony Corporation.) [HKLM] -- {5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO Cozy Orange Wallpaper - (.Sony Corporation.) [HKLM] -- {2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}
O42 - Logiciel: VAIO Entertainment Platform - (.Sony Corporation.) [HKLM] -- {6B1F20F2-6321-4669-A58C-33DF8E7517FF}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM] -- {F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}
O42 - Logiciel: VAIO Launcher - (.Sony Corporation.) [HKLM] -- {15D5C238-4C2E-4AEA-A66D-D6989A4C586B}
O42 - Logiciel: VAIO Long Battery Life Wallpaper - (.Sony Corporation.) [HKLM] -- {BBFFB027-7D53-4E1B-95BC-35A2216D1D60}
O42 - Logiciel: VAIO Media 6.0 - (.Sony Corporation.) [HKLM] -- {560F6B2E-F0DF-44E5-8190-A4A161F0E205}
O42 - Logiciel: VAIO Media AC3 Decoder 1.0 - (.Pas de propriétaire.) [HKLM] -- {2063C2E8-3812-4BBD-9998-6610F80C1DD4}
O42 - Logiciel: VAIO Media Content Collection 6.0 - (.Sony Corporation.) [HKLM] -- {500162A0-4DD5-460A-BAFD-895AAE48C532}
O42 - Logiciel: VAIO Media Integrated Server 6.1 - (.Sony Corporation.) [HKLM] -- {785EB1D4-ECEC-4195-99B4-73C47E187721}
O42 - Logiciel: VAIO Media Redistribution 6.0 - (.Sony Corporation.) [HKLM] -- {5855C127-1F20-404D-B7FB-1FD84D7EAB5E}
O42 - Logiciel: VAIO Movie Story - (.Sony Corporation.) [HKLM] -- {B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM] -- {6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO MusicBox - (.Sony Corporation.) [HKLM] -- {4EA55D20-27FB-45D7-8726-147E8A5F6C62}
O42 - Logiciel: VAIO MusicBox Sample Music - (.Sony Corporation.) [HKLM] -- {98FC7A64-774B-49B5-B046-4B4EBC053FA9}
O42 - Logiciel: VAIO Original Function Setting - (.Sony Corporation.) [HKLM] -- {A63E7492-A0BC-4BB9-89A7-352965222380}
O42 - Logiciel: VAIO Original Screen Saver - (.Pas de propriétaire.) [HKLM] -- {1BEF9285-5530-426B-A5F1-5836B95C7EB1}
O42 - Logiciel: VAIO Power Management - (.Sony Corporation.) [HKLM] -- {802889F8-6AF5-45A5-9764-CA5B999E50FC}
O42 - Logiciel: VAIO Tender Green Wallpaper - (.Sony Corporation.) [HKLM] -- {934A3213-1CB6-4264-84A2-EE080C017BCA}
O42 - Logiciel: VAIO Update 3 - (.Sony Corporation.) [HKLM] -- {48820099-ED7D-424B-890C-9A82EF00656D}
O42 - Logiciel: VAIO Xblack Contents - (.Pas de propriétaire.) [HKLM] -- VAIO Xblack Contents
O42 - Logiciel: VLC media player 1.1.2 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinDVD for VAIO - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Wireless Switch Setting Utility - (.Sony Corporation.) [HKLM] -- {2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\BAE]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Convar]
[HKCU\Software\DivXNetworks]
[HKCU\Software\GNU]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (HCW)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Synaptics]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\ArcSoft]
[HKLM\Software\BroadCom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Canal+ Active]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\S3R521]
[HKLM\Software\SOFTWARE]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Toshiba]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\illiminable]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/12/2009 - 22:03:36 - [17650308] ----D- C:\Program Files\a-squared Anti-Malware
O43 - CFD: 14/08/2007 - 10:23:00 - [12683101] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 20/06/2011 - 19:59:30 - [85366217] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 14/08/2007 - 10:24:20 - [940817755] ----D- C:\Program Files\Adobe
O43 - CFD: 06/12/2009 - 18:53:40 - [18304190] ----D- C:\Program Files\ArcSoft
O43 - CFD: 06/12/2009 - 18:45:16 - [14395069] ----D- C:\Program Files\ATI
O43 - CFD: 06/12/2009 - 18:46:40 - [140088681] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 14/08/2007 - 10:25:44 - [330980] ----D- C:\Program Files\BFG
O43 - CFD: 20/06/2011 - 23:05:22 - [863790943] ----D- C:\Program Files\Common Files
O43 - CFD: 13/08/2007 - 16:53:24 - [1061344] ----D- C:\Program Files\CONEXANT
O43 - CFD: 27/10/2010 - 21:49:00 - [7202991] ----D- C:\Program Files\Convar
O43 - CFD: 09/01/2010 - 23:29:42 - [800824] ----D- C:\Program Files\DIFX
O43 - CFD: 14/08/2007 - 10:26:30 - [47207860] ----D- C:\Program Files\DivX
O43 - CFD: 03/11/2010 - 21:52:56 - [848641] ----D- C:\Program Files\faceplus
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 11/12/2009 - 18:10:38 - [21217899] ----D- C:\Program Files\Google
O43 - CFD: 14/08/2007 - 10:28:30 - [98346] ----D- C:\Program Files\Google BAE
O43 - CFD: 20/06/2011 - 23:09:00 - [123928789] ----D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 13/08/2007 - 16:39:00 - [64860] ----D- C:\Program Files\Intel
O43 - CFD: 03/04/2010 - 23:02:36 - [1552411] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 06/12/2009 - 19:24:28 - [161476026] ----D- C:\Program Files\InterVideo
O43 - CFD: 09/01/2010 - 23:54:34 - [82549671] ----D- C:\Program Files\Java
O43 - CFD: 06/12/2009 - 18:44:40 - [12575240] ----D- C:\Program Files\Lecteur CANALPLAY
O43 - CFD: 19/06/2011 - 18:42:06 - [7566414] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 15/12/2009 - 21:28:02 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 12/12/2009 - 16:07:38 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:36 - [92804023] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/08/2007 - 10:27:52 - [370791301] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 18/06/2011 - 14:22:30 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 19/12/2009 - 00:25:56 - [151889282] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 14/08/2007 - 10:20:30 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 13/03/2010 - 01:53:08 - [99153006] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 02/11/2006 - 14:37:36 - [3272760] ----D- C:\Program Files\MSN
O43 - CFD: 13/08/2007 - 16:09:30 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 14/06/2011 - 21:45:50 - [131658651] ----D- C:\Program Files\Nokia
O43 - CFD: 14/08/2007 - 10:29:40 - [94833564] ----D- C:\Program Files\Norton Save and Restore
O43 - CFD: 14/06/2011 - 21:44:20 - [13568935] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 14/08/2007 - 10:28:58 - [28466101] ----D- C:\Program Files\Picasa2
O43 - CFD: 13/08/2007 - 16:47:50 - [15550595] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38637313] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 06/12/2009 - 18:55:42 - [11081992] ----D- C:\Program Files\Roxio
O43 - CFD: 06/12/2009 - 18:57:14 - [30291695] ----D- C:\Program Files\Skype
O43 - CFD: 06/12/2009 - 19:33:18 - [638444567] ----D- C:\Program Files\Sony
O43 - CFD: 13/08/2007 - 16:54:46 - [13533934] ----D- C:\Program Files\Synaptics
O43 - CFD: 06/12/2009 - 18:59:34 - [49141926] ----D- C:\Program Files\Toshiba
O43 - CFD: 27/10/2010 - 22:34:14 - [3072] ----D- C:\Program Files\TuneUp Utilities 2009
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/08/2010 - 22:41:52 - [77883493] ----D- C:\Program Files\VideoLAN
O43 - CFD: 14/12/2009 - 08:46:30 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 19/12/2009 - 00:09:10 - [2761216] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 13/08/2007 - 16:13:26 - [4486592] ----D- C:\Program Files\Windows Defender
O43 - CFD: 19/12/2009 - 00:09:10 - [7078008] ----D- C:\Program Files\Windows Journal
O43 - CFD: 15/12/2009 - 21:27:56 - [45938529] ----D- C:\Program Files\Windows Live
O43 - CFD: 15/12/2009 - 21:27:40 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 17/04/2010 - 22:05:58 - [9071240] ----D- C:\Program Files\Windows Mail
O43 - CFD: 19/12/2009 - 00:09:10 - [4496487] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 13/08/2007 - 15:22:26 - [7940176] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/11/2006 - 14:42:34 - [13463714] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 19/12/2009 - 00:09:10 - [6503190] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 21/06/2011 - 18:58:56 - [4012310] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 14/08/2007 - 10:24:34 - [10816539] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 14/08/2007 - 10:20:44 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 06/12/2009 - 18:53:38 - [12485718] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 06/12/2009 - 19:24:28 - [179248] ----D- C:\Program Files\Common Files\InterVideo
O43 - CFD: 14/08/2007 - 10:31:32 - [33818526] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 20/06/2011 - 23:07:22 - [433308431] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/06/2011 - 21:47:10 - [84437582] ----D- C:\Program Files\Common Files\Nokia
O43 - CFD: 09/01/2010 - 23:29:56 - [88064] ----D- C:\Program Files\Common Files\PCSuite
O43 - CFD: 14/08/2007 - 10:26:24 - [3926944] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 06/12/2009 - 18:55:54 - [35615825] ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 19/12/2009 - 00:09:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 06/12/2009 - 18:57:14 - [1828440] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 06/12/2009 - 18:55:54 - [6702640] ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 06/12/2009 - 19:16:08 - [111675498] ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD: 02/11/2006 - 13:18:34 - [41100711] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 15/12/2009 - 21:16:22 - [10384960] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 13/08/2007 - 16:13:30 - [42700430] ----D- C:\Program Files\Common Files\System
O43 - CFD: 11/12/2009 - 18:29:42 - [34617570] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 12/12/2009 - 15:48:46 - [8139] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 14/08/2007 - 10:25:00 - [764] ----D- C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 11/12/2009 - 18:07:52 - [14402] ----D- C:\ProgramData\Google
O43 - CFD: 09/01/2010 - 23:14:04 - [142991209] ----D- C:\ProgramData\Installations
O43 - CFD: 19/06/2011 - 18:42:04 - [6837559] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 15/06/2011 - 22:50:56 - [129742119] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 18/06/2011 - 14:53:08 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 13/08/2007 - 15:22:26 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 14/06/2011 - 22:11:12 - [182650906] ----D- C:\ProgramData\Nokia
O43 - CFD: 14/06/2011 - 22:08:54 - [0] ----D- C:\ProgramData\NokiaAccount
O43 - CFD: 06/11/2010 - 23:57:32 - [643478868] ----D- C:\ProgramData\NokiaInstallerCache
O43 - CFD: 09/01/2010 - 23:38:26 - [97323] ----D- C:\ProgramData\PC Suite
O43 - CFD: 13/02/2011 - 18:50:26 - [0] ----D- C:\ProgramData\Roxio
O43 - CFD: 06/12/2009 - 18:57:14 - [2215641] ----D- C:\ProgramData\Skype
O43 - CFD: 06/12/2009 - 18:56:02 - [972] ----D- C:\ProgramData\Sonic
O43 - CFD: 14/08/2007 - 10:26:08 - [11045956] ----D- C:\ProgramData\Sony
O43 - CFD: 03/02/2010 - 20:13:06 - [972427484] ----D- C:\ProgramData\Sony Corporation
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 07/02/2010 - 18:59:16 - [46545] ----D- C:\ProgramData\Symantec
O43 - CFD: 27/10/2010 - 22:30:18 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 27/10/2010 - 21:58:40 - [46080] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 06/12/2009 - 19:16:12 - [0] ----D- C:\ProgramData\VAIO Media Platform
O43 - CFD: 12/12/2009 - 15:48:24 - [217606] ----D- C:\ProgramData\WLInstaller
O43 - CFD: 14/08/2007 - 10:22:58 - [6904817] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 27/10/2010 - 21:58:18 - [17716224] -SH-D- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
O43 - CFD: 27/12/2009 - 23:47:46 - [161128] ----D- C:\Users\Stephanie\AppData\Roaming\Adobe
O43 - CFD: 06/12/2009 - 21:33:36 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\ATI
O43 - CFD: 26/12/2009 - 19:51:12 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\DivX
O43 - CFD: 05/02/2011 - 23:31:50 - [199] ----D- C:\Users\Stephanie\AppData\Roaming\dvdcss
O43 - CFD: 11/12/2009 - 17:04:32 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\Google
O43 - CFD: 13/08/2007 - 15:24:34 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\Identities
O43 - CFD: 13/08/2007 - 16:47:34 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\InstallShield
O43 - CFD: 01/02/2010 - 09:58:56 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\InterVideo
O43 - CFD: 11/12/2009 - 17:06:20 - [2004041] ----D- C:\Users\Stephanie\AppData\Roaming\Macromedia
O43 - CFD: 19/06/2011 - 18:42:18 - [1035229] ----D- C:\Users\Stephanie\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Stephanie\AppData\Roaming\Media Center Programs
O43 - CFD: 14/06/2011 - 21:25:08 - [1667038] -S--D- C:\Users\Stephanie\AppData\Roaming\Microsoft
O43 - CFD: 13/06/2011 - 17:25:58 - [539948450] ----D- C:\Users\Stephanie\AppData\Roaming\Nokia
O43 - CFD: 13/06/2011 - 17:08:26 - [30756181] ----D- C:\Users\Stephanie\AppData\Roaming\PC Suite
O43 - CFD: 13/02/2011 - 17:19:12 - [10624] ----D- C:\Users\Stephanie\AppData\Roaming\Roxio
O43 - CFD: 11/12/2009 - 15:44:06 - [7103275] ----D- C:\Users\Stephanie\AppData\Roaming\Sony Corporation
O43 - CFD: 27/10/2010 - 21:59:18 - [54959] ----D- C:\Users\Stephanie\AppData\Roaming\TuneUp Software
O43 - CFD: 23/04/2011 - 23:42:16 - [1222446] ----D- C:\Users\Stephanie\AppData\Roaming\vlc
O43 - CFD: 27/12/2009 - 23:47:50 - [3311004] ----D- C:\Users\Stephanie\Appdata\Local\Adobe
O43 - CFD: 06/12/2009 - 21:13:16 - [0] -SH-D- C:\Users\Stephanie\Appdata\Local\Application Data
O43 - CFD: 06/12/2009 - 21:33:36 - [36805] ----D- C:\Users\Stephanie\Appdata\Local\ATI
O43 - CFD: 11/12/2009 - 16:40:22 - [162141153] ----D- C:\Users\Stephanie\Appdata\Loca
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
21 juin 2011 à 19:01
il faut héberger le rapport zhpdiag comme indiqué plus haut sinon je n'ai que la moitié du rapport

a plus
0
Réponse 6 / 13
stefno13
21 juin 2011 à 23:35
je ne parviens pas à enregistrer le rapport - ca plante et bloque !
0
Réponse 7 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
22 juin 2011 à 10:50
sur aucun des deux sites?


sinon à la place

Télécharge OTL de OLDTimer ici :

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

et enregistre le sur ton Bureau.

Double clic sur OTL.exe pour le lancer.

Coche les 2 cases Lop et Purity

Coche la case devant "scan all users"

Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)


Pour me le transmettre clique sur ce lien :

http://www.cijoint.fr/

Clique sur Parcourir et cherche le fichier ci-dessus.

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.
0
Réponse 8 / 13
stefno13
22 juin 2011 à 22:45
voici

http://www.cijoint.fr/cjlink.php?file=cj201106/cijlCxcHTm.txt
0
Réponse 9 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
23 juin 2011 à 16:02
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


*Copie la liste qui se trouve en gras ci-dessous,

* colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
:OTL
PRC - [2010/07/20 15:54:02 | 000,077,824 | ---- | M] () -- C:\Program Files\faceplus\faceplus.exe
O4 - HKLM..\Run: [Face-Plus] C:\Program Files\faceplus\pre_faceplus.exe ()
[2011/06/19 18:56:46 | 000,010,428 | -HS- | M] () -- C:\Users\Stephanie\AppData\Local\v58041ysq61ef58s0dvm
[2011/06/19 18:56:46 | 000,010,428 | -HS- | M] () -- C:\ProgramData\v58041ysq61ef58s0dvm

:Files
C:\Program Files\faceplus
C:\Program Files\faceplus\
C:\Users\Stephanie\AppData\Local\v58041ysq61ef58s0dvm
C:\ProgramData\v58041ysq61ef58s0dvm

:commands
[emptytemp]
[start explorer]
[reboot]


* Clique sur "Correction" pour lancer la suppression.


* Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.



ensuite colle nous un rapport avec malwarebyte antimalware et norton
et dis nous comment va ton pc

a plus
0
Réponse 10 / 13
STEFNO13
24 juin 2011 à 00:00
impossible...mon pc portable a un ecan noir ! une idée ?
0
Réponse 11 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
24 juin 2011 à 08:48
un ecran noir? c'est à dire? qu'as tu fait pour cela?

peux tu aller en mode sans echec?

avais tu ce problème avant?

as tu tenté de débrancher le pc, retirer la batterie et ensuite appuyer sur le bouton d'allumage quelques secondes puis rebrancher le tout (cela vide les condensateurs)?


....
0
Réponse 12 / 13
stefno13
24 juin 2011 à 09:33
je n'ai rien fait ! simplement tenter de l'allumer pour effectuer ta manip !

en fait le pc s'allume, mais il semble que ce soit windows qui ne se lance pas !

oui, j'ai enlevé la batterie, rallumer...

j'ai également tenter de le lancer en mode sans echec avec prise en charge du réseau....il commence à lancer et bloque

????
0
Réponse 13 / 13
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
24 juin 2011 à 10:10
tente de reparer windows comme ceci:

https://www.commentcamarche.net/informatique/windows/259-que-faire-quand-windows-ne-demarre-plus/#reparer-a-partir-d-un-cd-de-windows-ou-une-cle-usb-contenant-windows
0

Discussions similaires

win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
C'est quoi "Win32:Trojan-gen {Other}"
Uzumaki -
Utilisateur anonyme -

5 réponses
Que fait le virus LPI Win32 Pup-Gen
Tristan Chrome -
Tristan Chrome -

2 réponses
Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses