Infection trojan Bifrose.LA - Page 2

Résolu
Précédent
  • 1
  • 2
  1. Patour57 Messages postés 41 Statut Membre 1
     
    Salut

    Voila le résultat avec Spybot

    --- Search result list ---
    Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()

    Win32.Bifrose.LA: [SBI $44EDC9AF] Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-08-18 TeaTimer.exe (1.6.2.23)
    2008-08-09 unins000.exe (51.49.0.0)
    2008-08-12 unins001.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-08-05 Includes\Adware.sbi (*)
    2008-08-19 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-06-03 Includes\Dialer.sbi (*)
    2008-08-05 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-08-19 Includes\Hijackers.sbi (*)
    2008-08-19 Includes\HijackersC.sbi (*)
    2008-08-05 Includes\Keyloggers.sbi (*)
    2008-08-12 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-08-20 Includes\Malware.sbi (*)
    2008-08-19 Includes\MalwareC.sbi (*)
    2008-08-05 Includes\PUPS.sbi (*)
    2008-08-19 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-08-19 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-08-12 Includes\Spyware.sbi (*)
    2008-08-12 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-08-05 Includes\Trojans.sbi (*)
    2008-08-20 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    --- System information ---
    Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB941833)

    --- Startup entries list ---
    Located: HK_LM:Run, !AVG Anti-Spyware
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE

    Located: HK_LM:Run, ArcSoft Connection Service
    command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    size: 31232
    MD5: 464C9D3EB01BB20968493C68B1511159

    Located: HK_LM:Run, avgnt
    command: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    file: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    size: 266497
    MD5: 6E812818306D460D62B4ABEA9FDC6679

    Located: HK_LM:Run, hpWirelessAssistant
    command: %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    file: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    size: 472800
    MD5: F3C9ADCBF74090552EDC76F81A553D81

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    file: C:\Windows\system32\NvCpl.dll
    size: 13535776
    MD5: 7522597DD61F651A95A471D798E08304

    Located: HK_LM:Run, SynTPEnh
    command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    size: 1033512
    MD5: 19D93154C82FE39A99B269CED1056A92

    Located: HK_LM:Run, WAWifiMessage
    command: %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    file: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    size: 317152
    MD5: 6006C370B18A345203D26038518F5F86

    Located: HK_LM:Run, Windows Defender
    command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    file: C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

    Located: HK_LM:Run, Windows Mobile-based device management
    command: %windir%\WindowsMobile\wmdSync.exe
    file: C:\Windows\WindowsMobile\wmdSync.exe
    size: 215552
    MD5: 4AB05041D5C922B9A7A5D9059F5538CD

    Located: HK_LM:Run, !AVG Anti-Spyware (DISABLED)
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE

    Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
    command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    size: 39792
    MD5: 8B9145D229D4E89D15ACB820D4A3A90F

    Located: HK_LM:Run, HP Health Check Scheduler (DISABLED)
    command: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    file: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    size: 46704
    MD5: 58EC2A2D7B7211F568A75C8D30C68257

    Located: HK_LM:Run, HP Software Update (DISABLED)
    command: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    file: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    size: 49152
    MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A

    Located: HK_LM:Run, hpqSRMon (DISABLED)
    command: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
    file: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
    size: 80896
    MD5: 941A08CBDEEDF16B6C986B6BA7C9A5D0

    Located: HK_LM:Run, NvMediaCenter (DISABLED)
    command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    file: C:\Windows\system32\NvMcTray.dll
    size: 92704
    MD5: C1E17F8DF7524B454E57A0C887307403

    Located: HK_LM:Run, NvSvc (DISABLED)
    command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    file: C:\Windows\system32\nvsvc.dll
    size: 526880
    MD5: B88B306A3DD3B470A8747B15B7C00703

    Located: HK_LM:Run, QlbCtrl (DISABLED)
    command: %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    file: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    size: 159744
    MD5: 20321CA0F49D143FDB4CEF926A05E10A

    Located: HK_LM:Run, QPService (DISABLED)
    command: "C:\Program Files\HP\QuickPlay\QPService.exe"
    file: C:\Program Files\HP\QuickPlay\QPService.exe
    size: 167936
    MD5: 9F8F1BA3941DAD9325FFC166E76DFADB

    Located: HK_LM:Run, QuickTime Task (DISABLED)
    command: "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
    file: C:\Program Files\VistaCodecPack\QT\QTTask.exe
    size: 286720
    MD5: 49CCFBE5D5225B9D3CC78C09DEE147D0

    Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
    command: "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    file: C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    size: 77824
    MD5: 8F5E772B91A10AC97415B760FF21A94F

    Located: HK_LM:Run, SynTPStart (DISABLED)
    command: C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    file: C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    size: 102400
    MD5: A3418E4D4A5EE636D44922DC2567FA18

    Located: HK_LM:Run, Windows Mobile Device Center (DISABLED)
    command: %windir%\WindowsMobile\wmdc.exe
    file: C:\Windows\WindowsMobile\wmdc.exe
    size: 648072
    MD5: 96B3C4E20F02CA16AA1E3E425BFFCC8B

    Located: HK_LM:Run, Windows Mobile-based device management (DISABLED)
    command: %windir%\WindowsMobile\wmdSync.exe
    file: C:\Windows\WindowsMobile\wmdSync.exe
    size: 215552
    MD5: 4AB05041D5C922B9A7A5D9059F5538CD

    Located: HK_CU:Run, Sidebar
    where: S-1-5-19...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter
    where: S-1-5-19...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, Sidebar
    where: S-1-5-20...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter
    where: S-1-5-20...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, SpybotSD TeaTimer
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    size: 1832272
    MD5: FFB5BAC9C29303904365640A2E2A6D0C

    Located: HK_CU:Run, WMPNSCFG
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D

    Located: HK_CU:Run, ehTray.exe (DISABLED)
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Windows\ehome\ehTray.exe
    file: C:\Windows\ehome\ehTray.exe
    size: 125952
    MD5: BF08674925F151BD4537B89A493E3E0C

    Located: HK_CU:Run, Sidebar (DISABLED)
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    file: C:\Program Files\Windows Sidebar\sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: Démarrage (tous utilisateurs), Event Reminder.lnk
    where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
    command: C:\Program Files\Broderbund\PrintMaster\PMremind.exe
    file: C:\Program Files\Broderbund\PrintMaster\PMremind.exe
    size: 323584
    MD5: BBCC597AB4227C13540849865952017D

    --- Browser helper object list ---
    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
    Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 20/09/2007 11:30:18
    Date (last access): 11/11/2007 21:05:48
    Date (last write): 20/09/2007 11:30:18
    Filesize: 328752
    Attributes: archive
    MD5: 59CF5BF6684AFCF906CADAD39B4214DE
    CRC32: C363813C
    Version: 4.200.520.1

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Google Toolbar Helper
    description: Google toolbar
    classification: Open for discussion
    known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
    info link: http://www.google.com/intl/fr/toolbar/ie/index.html
    info source: TonyKlein
    Path: c:\program files\google\
    Long name: GoogleToolbar2.dll
    Short name: GOOGLE~2.DLL
    Date (created): 17/05/2007 21:52:40
    Date (last access): 17/05/2007 21:52:40
    Date (last write): 17/05/2007 21:52:40
    Filesize: 2436160
    Attributes: readonly archive
    MD5: 6D44E0C3B43D27484FBB355E470C4188
    CRC32: 2DE875CD
    Version: 4.0.1601.4978

    --- ActiveX list ---
    {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control)
    DPF name:
    CLSID name: OnlineScanner Control
    Installer: C:\Windows\Downloaded Program Files\OnlineScanner.inf
    Codebase: https://www.eset.com/
    Path: C:\Windows\system32\
    Long name: OnlineScanner.ocx
    Short name: ONLINE~1.OCX
    Date (created): 06/08/2007 13:18:16
    Date (last access): 06/08/2007 13:18:16
    Date (last write): 06/08/2007 13:18:16
    Filesize: 2707456
    Attributes: archive
    MD5: 41B8A44F69C6C5C2F9DAFEA1ED184D20
    CRC32: E1F281AC
    Version: 1.0.0.337

    {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control)
    DPF name:
    CLSID name: BDSCANONLINE Control
    Installer: C:\Windows\Downloaded Program Files\oscan8.inf
    Codebase: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    description:
    classification: Legitimate
    known filename: oscan8.ocx
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Windows\DOWNLO~1\
    Long name: oscan8.ocx
    Short name:
    Date (created): 25/10/2007 16:54:18
    Date (last access): 25/10/2007 16:54:18
    Date (last write): 25/10/2007 16:54:18
    Filesize: 471040
    Attributes: archive
    MD5: BC4E154A06C9208EF36669B1B9E5FDAD
    CRC32: DF08A08D
    Version: 1.0.0.1

    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
    DPF name:
    CLSID name:
    Installer: C:\Windows\Downloaded Program Files\erma.inf
    Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    description:
    classification: Open for discussion
    known filename:
    info link:
    info source: Safer Networking Ltd.

    --- Process list ---
    PID: 1808 (1172) C:\Windows\system32\Dwm.exe
    size: 81920
    MD5: 59903071D7ACE6A02093C47E9E38AF97
    PID: 1816 (1784) C:\Windows\Explorer.EXE
    size: 2927104
    MD5: FFA764631CB70A30065C12EF8E174F9F
    PID: 1288 (1192) C:\Windows\system32\taskeng.exe
    size: 169472
    MD5: 5F109032CE46B7184ED9E50F9FE8489E
    PID: 1644 (1816) C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
    PID: 1764 (1816) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    size: 1033512
    MD5: 19D93154C82FE39A99B269CED1056A92
    PID: 876 (1816) C:\Windows\WindowsMobile\wmdSync.exe
    size: 215552
    MD5: 4AB05041D5C922B9A7A5D9059F5538CD
    PID: 1528 (1816) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    size: 31232
    MD5: 464C9D3EB01BB20968493C68B1511159
    PID: 1700 (1816) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    size: 266497
    MD5: 6E812818306D460D62B4ABEA9FDC6679
    PID: 1080 (1816) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE
    PID: 1108 (1816) C:\Program Files\Windows Media Player\wmpnscfg.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D
    PID: 3768 (1764) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    size: 95528
    MD5: 892699A6AEB910C58B726BD70BEA4F4B
    PID: 2792 ( 892) C:\Windows\system32\wbem\unsecapp.exe
    size: 37888
    MD5: 25873356E52849C3F5B3F1B02317E8C8
    PID: 1604 (1816) C:\Program Files\Mozilla Firefox\firefox.exe
    size: 7667312
    MD5: 8FD9724777C5DA9665ADB7B554F746BC
    PID: 3312 (3936) C:\Windows\system32\conime.exe
    size: 69120
    MD5: F96EBC5A624349D81DCC7600A3C5DC43
    PID: 3356 (3936) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4891472
    MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
    PID: 0 ( 0) [System Process]
    PID: 4 ( 0) System
    PID: 480 ( 4) smss.exe
    size: 64000
    PID: 584 ( 572) csrss.exe
    size: 6144
    PID: 636 ( 572) wininit.exe
    size: 96768
    PID: 648 ( 628) csrss.exe
    size: 6144
    PID: 684 ( 636) services.exe
    size: 279040
    PID: 700 ( 636) lsass.exe
    size: 9728
    PID: 708 ( 636) lsm.exe
    size: 229888
    PID: 784 ( 628) winlogon.exe
    size: 314880
    PID: 892 ( 684) svchost.exe
    size: 21504
    PID: 944 ( 684) nvvsvc.exe
    size: 118784
    PID: 972 ( 684) svchost.exe
    size: 21504
    PID: 1012 ( 684) svchost.exe
    size: 21504
    PID: 1124 ( 684) svchost.exe
    size: 21504
    PID: 1172 ( 684) svchost.exe
    size: 21504
    PID: 1192 ( 684) svchost.exe
    size: 21504
    PID: 1256 (1124) audiodg.exe
    size: 88064
    PID: 1300 ( 684) SLsvc.exe
    size: 2623488
    PID: 1324 ( 684) svchost.exe
    size: 21504
    PID: 1392 ( 944) rundll32.exe
    size: 44544
    PID: 1588 ( 684) svchost.exe
    size: 21504
    PID: 1900 ( 684) spoolsv.exe
    size: 125952
    PID: 1940 ( 684) sched.exe
    PID: 1960 ( 684) svchost.exe
    size: 21504
    PID: 1968 (1172) wlanext.exe
    size: 74240
    PID: 424 (1192) taskeng.exe
    size: 169472
    PID: 2284 ( 684) a2service.exe
    PID: 2316 ( 684) ACService.exe
    PID: 2352 ( 684) avguard.exe
    PID: 2380 ( 684) guard.exe
    PID: 2392 ( 684) svchost.exe
    size: 21504
    PID: 2412 ( 684) CLCapSvc.exe
    PID: 2460 ( 684) LSSrvc.exe
    PID: 2500 ( 684) MDM.EXE
    PID: 2564 ( 684) svchost.exe
    size: 21504
    PID: 2640 ( 684) svchost.exe
    size: 21504
    PID: 2704 ( 684) svchost.exe
    size: 21504
    PID: 2748 ( 684) SearchIndexer.exe
    size: 302080
    PID: 2784 ( 684) XAudio.exe
    PID: 2976 ( 684) nSvcAppFlt.exe
    PID: 3224 ( 684) hpqwmiex.exe
    PID: 3276 ( 684) nSvcIp.exe
    PID: 3364 ( 684) CLSched.exe
    PID: 3440 ( 684) SDWinSec.exe
    size: 809296
    MD5: 55C1E4FDFD62A48FB5A2CE25F3AA8AE8
    PID: 3868 ( 684) svchost.exe
    size: 21504
    PID: 4020 ( 684) wmpnetwk.exe
    PID: 4060 ( 684) alg.exe
    size: 59392
    PID: 2100 ( 892) WmiPrvSE.exe
    PID: 3896 ( 684) HPHC_Service.exe

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 21/08/2008 16:40:42

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    https://actus.sfr.fr
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    https://actus.sfr.fr
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://home.neuf.fr/
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.bing.com/spresults.aspx
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://home.microsoft.com/access/autosearch.asp?p=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    https://actus.sfr.fr
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    https://actus.sfr.fr

    --- Winsock Layered Service Provider list ---
    Protocol 0: NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 1: NVIDIA App Filter over [MSAFD Tcpip [UDP/IP]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 2: NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 3: NVIDIA App Filter over [MSAFD Tcpip [TCP/IPv6]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 4: NVIDIA App Filter over [MSAFD Tcpip [UDP/IPv6]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 5: NVIDIA App Filter over [MSAFD Tcpip [RAW/IPv6]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 32: NVIDIA App Filter
    GUID: {561A1E9F-D78B-40E3-866D-4CE5CF6BB83F}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
    GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
    Filename:

    Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
    GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
    GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    --- Uninstall list ---
    Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
    uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    publisher: Adobe Systems Incorporated
    help link: https://helpx.adobe.com/flash-player.html

    Adobe Flash Player Plugin 9.0.124.0 (Adobe Flash Player Plugin)
    uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    publisher: Adobe Systems Incorporated

    Avira AntiVir Personal - Free Antivirus (AntiVir PersonalEdition Classic)
    uninstall cmd: C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    publisher: Avira GmbH
    help link: http://www.avira.com/classic-support

    AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
    install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
    uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    publisher: Grisoft Ltd.
    help link: https://www.avg.com/fr-fr/homepage

    Broadcom 802.11 Wireless LAN Adapter 4.102.15.61 (Broadcom 802.11b Network Adapter)
    uninstall cmd: "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
    publisher: Broadcom Corporation

    CamStudio 2.02 Fr (CamStudio 2.02 Fr_is1)
    uninstall cmd: "C:\Program Files\CamStudio\unins000.exe"

    Canon Inkjet Printer Driver Add-On Module (CANONIJINBOXADDON100)
    uninstall cmd: C:\Program Files\Common Files\Canon\IJ\InboxPrnV100\SETUP.EXE -R

    CCleaner (remove only) (CCleaner)
    uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

    CD Jaquette 5.0 (CD Jaquette)
    uninstall cmd: "C:\JSAL Software\CD Jaquette\uninstall.exe"

    Conexant HD Audio (CNXT_HDAUDIO)
    uninstall cmd: C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF

    HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7)
    uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7\UIU32m.EXE -U -IwqcVenz.inf

    HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDA_HSF)
    uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf

    (Connection Manager)

    devolo dLAN - Assistant de configuration 11.0.0.0 (dlanconf)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:dlanconf
    publisher: devolo AG
    help link: www.devolo.com

    devolo Informer 17.0.0.0 (dslmon)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:dslmon
    publisher: devolo AG
    help link: www.devolo.com

    Canon Utilities Easy-PhotoPrint (Easy-PhotoPrint)
    uninstall cmd: C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini

    Easy-WebPrint (Easy-WebPrint)
    uninstall cmd: C:\Windows\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"

    devolo EasyClean 3.0.0.0 (easyclean)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:easyclean
    publisher: devolo AG
    help link: www.devolo.com

    devolo EasyShare 4.0.0.0 (easyshare)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:easyshare
    publisher: devolo AG
    help link: www.devolo.com

    eMule (eMule)
    uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

    EVEREST Ultimate Edition v4.50 4.50 (EVEREST Ultimate Edition_is1)
    install location: C:\Program Files\Lavalys\EVEREST Ultimate Edition\
    uninstall cmd: "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    publisher: Lavalys, Inc.
    help link: http://www.lavalys.com

    HijackThis 2.0.2 2.0.2 (HijackThis)
    uninstall cmd: "C:\Users\Patrice CATTELAIN\Desktop\HijackThis.exe" /uninstall
    publisher: TrendMicro

    (InstallShield Uninstall Information)

    NVIDIA ForceWare Network Access Manager 1.00.6781 (InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD})
    version: 16783997
    version (major): 1
    estimated size: 40358
    install date: 20080813
    install location: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\{A37C9AAA-0183-4D00-AECB-9075B4A73964}\
    uninstall cmd: "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x040c -removeonly
    publisher: NVIDIA Corporation

    jv16 PowerTools 1.3 (jv16 PowerTools_is1)
    uninstall cmd: "C:\Program Files\jv16 PowerTools\unins000.exe"

    K-Lite Codec Pack 3.6.5 Full 3.6.5 (KLiteCodecPack_is1)
    install date: 20080111
    install location: C:\Program Files\K-Lite Codec Pack\
    uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

    LimeWire 4.16.6 4.16.6 (LimeWire)
    uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
    publisher: Lime Wire, LLC
    help link: http://www.limewire.com/support

    LM 2.5 (LM 2.5)
    uninstall cmd: C:\Program Files\LM Version-2.5-F\Désintallation de la Lanterne Magique.exe

    Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)
    install date: 20080819
    install location: C:\Program Files\Malwarebytes' Anti-Malware\
    uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    publisher: Malwarebytes Corporation
    help link: https://www.malwarebytes.com/

    Media Player Classic 6.4.8.3 6.4.8.3 (Media Player Classic)
    uninstall cmd: C:\Program Files\Media Player Classic\mpc_uninst.exe
    publisher: Gabest

    Mozilla Firefox (2.0.0.16) 2.0.0.16 (fr) (Mozilla Firefox (2.0.0.16))
    install location: C:\Program Files\Mozilla Firefox
    uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    publisher: Mozilla
    comments: Mozilla Firefox

    Canon MP Navigator 2.0 (MP Navigator 2.0)
    install location: C:\Program Files\Canon\MP Navigator 2.0
    uninstall cmd: "C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini

    Barre d'outils MSN (MSN Toolbar)
    uninstall cmd: C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c

    Neuf - Kit de connexion 7.11.22.4 (Neuf_Kit)
    uninstall cmd: C:\Program Files\Neuf\Kit\uninstall.exe
    publisher: Neuf
    help link: http://abonnes.neuf.fr
    help telephone: 0892 222 109

    Neuf - Media Center 7.12.5.0 (Neuf_Media Center)
    uninstall cmd: C:\Program Files\Neuf\Media Center\uninstall.exe
    publisher: Neuf
    help link: http://abonnes.neuf.fr
    help telephone: 0892 79 00 09

    NVIDIA Drivers (NVIDIA Drivers)
    uninstall cmd: C:\Windows\system32\NVUNINST.EXE UninstallGUI

    Picasa 2 2.0 (Picasa2)
    uninstall cmd: "C:\Program Files\Picasa2\Uninstall.exe"
    publisher: Google, Inc.
    help link: http://picasa.google.com/

    SAMSUNG CDMA Modem Driver Set (SAMSUNG CDMA Modem)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

    SAMSUNG Mobile USB Modem Software (SAMSUNG Mobile USB Modem)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

    SAMSUNG Mobile USB Modem 1.0 Software (SAMSUNG Mobile USB Modem 1.0)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

    Smart Data Recovery v3.1 3.1 (Smart Data Recovery_is1)
    install location: C:\Program Files\Smart Data Recovery\
    uninstall cmd: "C:\Program Files\Smart Data Recovery\unins001.exe"
    publisher: Smart PC Solutions, LLC
    help link: https://smartpctools.com/

    Synaptics Pointing Device Driver 10.2.4.0 (SynTPDeinstKey)
    uninstall cmd: rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    publisher: Synaptics

    System Requirements Lab (SystemRequirementsLab)
    uninstall cmd: C:\Program Files\SystemRequirementsLab\Uninstall.exe

    VivilProject SpeedTest v4.02 version Francaise (VivilProject SpeedTest_is1)
    install date: 20080427
    install location: C:\VivilProject SpeedTest\
    uninstall cmd: "C:\VivilProject SpeedTest\unins000.exe"
    publisher: Sebastien WILLEMIJNS
    help link: http://80.247.230.136/speedtest

    VideoLAN VLC media player 0.8.6i 0.8.6i (VLC media player)
    uninstall cmd: C:\Program Files\VideoLAN\VLC\uninstall.exe
    publisher: VideoLAN Team

    Vodafone WCDMA Composite Device Drive Software (Vodafone WCDMA Composite Device Drive)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe

    GIMP 2.4.6 (WinGimp-2.0_is1)
    install date: 20080606
    install location: C:\Program Files\GIMP-2.0\
    uninstall cmd: "C:\Program Files\GIMP-2.0\setup\unins000.exe"
    help link: https://groups.yahoo.com/neo/groups/gimpwin-users/info

    Archiveur WinRAR (WinRAR archiver)
    uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

    Yahoo! Toolbar avec bloqueur de fenêtres pop-up (Yahoo! Companion)
    uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe

    HP Wireless Assistant 3.00 B2 ({02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE})
    version: 50331650
    version (major): 3
    estimated size: 3847
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\
    install source: C:\Swsetup\WLASST\disk1\
    uninstall cmd: MsiExec.exe /I{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}
    publisher: Hewlett-Packard
    comments: HP Wireless Assistant
    help link: https://www8.hp.com/fr/fr/home.html

    Roxio Creator Tools 3.3.0 ({0394CDC8-FABD-4ed8-B104-03393876DFDF})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 345
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_TOOLS_33\
    uninstall cmd: MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    publisher: Roxio
    help link: http://support.sonic.com/

    Roxio Creator Data 3.3.0 ({0D397393-9B50-4c52-84D5-77E344289F87})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 892
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_DATA_33\
    uninstall cmd: MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    publisher: Roxio
    help link: http://support.sonic.com/

    Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
    version: 33619968
    version (major): 2
    version (minor): 1
    estimated size: 770
    install date: 20071111
    install source: C:\Windows\TEMP\IXP000.TMP\
    uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    publisher: Microsoft Corporation

    Roxio Creator EasyArchive 3.3.0 ({11F93B4B-48F0-4A4E-AE77-DFA96A99664B})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 1690
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_EASYARCHIVE_33\
    uninstall cmd: MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    publisher: Roxio
    help link: http://support.sonic.com/

    HPPhotoSmartPhotobookWebPack1 1.00.0000 ({12A76360-388E-4B27-ABEB-D5FC5378DD2A})
    version: 16777216
    version (major): 1
    estimated size: 1821
    install date: 20080407
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\HPPhotoSmartPhotobookWebPack1\
    publisher: Hewlett-Packard

    HP Active Support Library 1.0.21 ({21E62565-8639-457C-B64C-A3FF0A8B4D80})
    version: 16777237
    version (major): 1
    estimated size: 11184
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Health Check\
    install source: C:\Users\ADMINI~1\AppData\Local\Temp\{359098A0-743B-4349-8C7E-11F521CC5DBC}\
    uninstall cmd: C:\Program Files\InstallShield Installation Information\{21E62565-8639-457C-B64C-A3FF0A8B4D80}\setup.exe -runfromtemp -l0x0409
    publisher: Hewlett-Packard

    Hewlett-Packard Active Check 1.1.4.0 ({254C37AA-6B72-4300-84F6-98A82419187E})
    version: 16842756
    version (major): 1
    version (minor): 1
    estimated size: 530
    install date: 20070330
    install source: C:\Users\ADMINI~1\AppData\Local\Temp\
    uninstall cmd: MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    publisher: Hewlett-Packard

    Java(TM) SE Runtime Environment 6 1.6.0.0 ({3248F0A8-6813-11D6-A77B-00B0D0160000})
    version: 17170432
    version (major): 1
    version (minor): 6
    estimated size: 117374
    install date: 20070330
    install source: C:\Users\Administrateur\AppData\LocalLow\Sun\Java\jre1.6.0\
    uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    publisher: Sun Microsystems, Inc.
    contact: https://www.java.com/en/
    help link: https://www.java.com/en/
    readme: C:\Program Files\Java\jre1.6.0\README.txt

    Roxio MyDVD Basic v9 9.0.114 ({33C65B6A-5D73-4E3E-A1F9-127C27BD3F72})
    version: 150995058
    version (major): 9
    estimated size: 306791
    install date: 20070330
    install location: C:\Program Files\Roxio\Roxio MyDVD Basic v9\
    install source: C:\SWSETUP\RoxioCB9\EMC_90\
    uninstall cmd: MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
    publisher: Roxio
    comments: Digital Media Suite - Programme d'installation
    contact: https://www.corel.com/fr/support/
    help link: https://www.corel.com/fr/support/
    readme: C:\Program Files\Roxio\Roxio MyDVD Basic v9\ReadMe.htm

    PSSWCORE 2.02.0000 ({34BFB099-07B2-4E95-A673-7362D60866A2})
    version: 33685504
    version (major): 2
    version (minor): 2
    estimated size: 30949
    install date: 20080407
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\HPPhotoSmartCore\
    publisher: Hewlett-Packard

    HP Quick Launch Buttons 6.10 B9 6.10 B9 ({34D2AB40-150D-475D-AE32-BD23FB5EE355})
    version: 101318865
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons
    install source: C:\SWSETUP\QLB\Disk1\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x40c uninst
    publisher: Hewlett-Packard
    help link: https://www8.hp.com/fr/fr/home.html

    Sonic Activation Module 1.0 ({35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0})
    version: 16777216
    version (major): 1
    estimated size: 8214
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\ACTIVATION_103\
    uninstall cmd: MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    publisher: Sonic Solutions

    MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
    version: 68429425
    version (major): 4
    version (minor): 20
    estimated size: 1269
    install date: 20070518
    install source: c:\a6c4c6168ed6c8b212f23e91df4c34\
    uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/927978/ms06-071-security-update-for-microsoft-xml-core-services-4-0

    HP Easy Setup - Frontend 5.00.0000 ({40F7AED3-0C7D-4582-99F6-484A515C73F2})
    version: 83886080
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Easy Setup - Frontend
    install source: c:\HP\tmp\src\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    publisher: Hewlett-Packard

    HP QuickPlay 3.0 ({45D707E9-F3C4-11D9-A373-0050BAE317E1})
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall

    ArcSoft Software Suite ({497A1721-088F-41EF-8876-B43C9DA5528B})
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x40c
    publisher: ArcSoft

    Cards_Calendar_OrderGift_DoMorePlugout 1.00.0000 ({4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6})
    version: 16777216
    version (major): 1
    estimated size: 1888
    install date: 20080407
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\Cards_Calendar_Ordergift_Domore_Plugout\
    publisher: Hewlett-Packard

    HP Pavilion Webcam Driver for Vista v061.001.00005 061.001.00005 ({5CA81D12-9EC2-4082-972B-43ECA63F41F2})
    version: 1023475717
    install date: 20070517
    install location: C:\SWSETUP\MISC5\
    install source: C:\SWSetup\WCAM1\Setup.exe
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x40c -removeonly
    publisher: Chicony

    Roxio Creator Copy 3.3.0 ({619CDD8A-14B6-43a1-AB6C-0F4EE48CE048})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 648
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_COPY_33\
    uninstall cmd: MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    publisher: Roxio
    help link: http://support.sonic.com/

    Roxio Express Labeler 3 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA})
    version: 33619968
    version (major): 2
    version (minor): 1
    estimated size: 16612
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\EXPRESSLABELER_31\
    uninstall cmd: MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    publisher: Roxio

    Hewlett-Packard Asset Agent 2.0.55.0 ({669D4A35-146B-4314-89F1-1AC3D7B88367})
    version: 33554487
    version (major): 2
    estimated size: 849
    install date: 20070330
    install source: C:\Users\ADMINI~1\AppData\Local\Temp\
    uninstall cmd: MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    publisher: HP

    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) 8.1.2 ({6846389C-BAC0-4374-808E-B120F86AF5D7})
    version: 134283266
    version (major): 8
    version (minor): 1
    estimated size: 8180
    install date: 20080707
    install location: C:\Program Files\Adobe\Security Update\
    install source: C:\Users\Patrice CATTELAIN\AppData\Local\Adobe\Updater5\Install\reader8rdr-fr_FR\
    uninstall cmd: MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    publisher: Adobe Systems, Inc
    comments: Your Comments
    contact: Customer Support Department
    help link: https://www.adobe.com/
    help telephone: 1-555-555-4505

    Windows Media Player Firefox Plugin 1.0.0.8 ({69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4})
    version: 16777216
    version (major): 1
    estimated size: 296
    install date: 20080410
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    publisher: Microsoft Corp

    Microsoft Works 08.05.0822 ({6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C})
    version: 134546230
    version (major): 8
    version (minor): 5
    estimated size: 276579
    install date: 20070330
    install source: C:\swsetup\MSWorks\FR\
    uninstall cmd: MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
    publisher: Microsoft Corporation
    comments: Microsoft Works 8.0 installation.
    help link: https://support.microsoft.com/ph/1188
    help telephone:

    Apple Software Update 2.0.0.21 ({74EC78BC-B379-4E29-9006-8F161DCAABA6})
    version: 33554432
    version (major): 2
    estimated size: 2204
    install date: 20080628
    install location: C:\Program Files\Apple Software Update\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP316.TMP\
    uninstall cmd: MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
    publisher: Apple Inc.
    contact: Assistance AppleCare
    help link: https://support.apple.com/fr-fr
    help telephone: 0825 888 024

    6.5.1 ({7585478E9D9B42108671C12F8714CEFE})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    publisher: DivX, Inc.

    Samsung Samples Installer 1.00.0000 ({7AC15160-A49B-4A89-B181-D4619C025FFF})
    version: 16777216
    install date: 20080510
    install location: C:\Program Files\Samsung\Samsung PC Studio 3
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\byeE9C0.tmp\Disk1\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
    publisher: Samsung Electronics Co., Ltd.

    NVIDIA ForceWare Network Access Manager 1.00.6781 ({7CFA46E3-CC2F-4355-82AE-6012DC3633FD})
    version: 16783997
    version (major): 1
    estimated size: 40358
    install date: 20080813
    install location: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\{A37C9AAA-0183-4D00-AECB-9075B4A73964}\
    uninstall cmd: MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
    publisher: NVIDIA Corporation

    Roxio Creator Audio 3.3.0 ({83FFCFC7-88C6-41c6-8752-958A45325C82})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 1110
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_AUDIO_33\
    uninstall cmd: MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    publisher: Roxio
    help link: http://support.sonic.com/

    ArcSoft PhotoStudio 5.5 ({85309D89-7BE9-4094-BB17-24999C6118FC})
    version (major): 5
    version (minor): 5
    install location: C:\Program Files\ArcSoft\PhotoStudio 5.5
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
    publisher: ArcSoft

    VSO CopyToDVD 4 4.0.5 ({870F1750-BA89-11DA-A94D-0800200C9A66}_is1)
    install date: 20080218
    install location: C:\Program Files\VSO\
    uninstall cmd: "C:\Program Files\VSO\unins000.exe"
    publisher: VSO Software

    Microsoft Silverlight 1.0.30716.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
    version: 16807932
    version (major): 1
    estimated size: 1186
    install date: 20080820
    install source: c:\temp\ext8202\
    uninstall cmd: MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/SILVERLIGHT/

    3.0.7.009 ({8ADC27DB-E2C8-446C-A576-166C05C2DD24})
    version: 50331655
    version (major): 3
    estimated size: 192
    install date: 20070330
    install source: C:\SwSetup\HPUpdate\
    publisher: Hewlett-Packard

    DivX Player 6.6.0 ({8ADFC4160D694100B5B8A22DE9DCABD9})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

    HP Update 4.000.005.007 ({8C6027FD-53DC-446D-BB75-CACD7028A134})
    version: 67108869
    version (major): 4
    estimated size: 3654
    install date: 20070330
    install source: C:\SwSetup\HPUpdate\
    uninstall cmd: MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
    publisher: Hewlett-Packard
    contact: https://support.hp.com/us-en?openCLC=true

    PrintMaster ({8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE})
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}\setup.exe" anything

    Microsoft Office Professional Edition 2003 11.0.8173.0 ({9011040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 864359
    install date: 20080815
    uninstall cmd: MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

    Microsoft Office FrontPage 2003 11.0.8173.0 ({9017040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 553058
    install date: 20080815
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

    Microsoft Office Project Professional 2003 11.0.8173.0 ({903B040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 378371
    install date: 20080815
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\PJREADME.HTM

    Gestionnaire pour appareils Windows Mobile 6.1.6965.0 ({904CCF62-818D-4675-BC76-D37EB399F917})
    version: 100735797
    version (major): 6
    version (minor): 1
    estimated size: 28165
    install date: 20080316
    install source: C:\Windows\WindowsMobile\
    uninstall cmd: MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
    publisher: Microsoft Corporation

    Microsoft Office Visio Professional 2003 11.0.8173.0 ({9051040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 449531
    install date: 20080409
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\Visio11\1036\VIREADME.HTM

    Microsoft Office OneNote 2003 11.0.8173.0 ({90A1040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 297457
    install date: 20080815
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{90A1040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

    Microsoft Office PowerPoint Viewer 2003 11.0.8164.0 ({90AF040C-6000-11D3-8CFE-0150048383C9})
    version: 184555834
    version (major): 11
    estimated size: 4111
    install date: 20080315
    install location: C:\Program Files\Microsoft Office\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us

    Canon MP170 ({91175441-4E5D-4e13-B116-828FD352CDB2})
    uninstall cmd: "C:\Windows\system32\CanonIJ Uninstaller Information\{91175441-4E5D-4e13-B116-828FD352CDB2}\DelDrv.exe" /U:{91175441-4E5D-4e13-B116-828FD352CDB2} /L0x0009

    QuickTime 7.2.0.240 ({95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC})
    version: 117571584
    version (major): 7
    version (minor): 2
    estimated size: 75788
    install date: 20080628
    install location: C:\Program Files\VistaCodecPack\QT\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP316.TMP\
    uninstall cmd: MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    publisher: Apple Inc.
    contact: Assistance AppleCare
    help link: https://support.apple.com/fr-fr
    help telephone: (33) 0825 888 024

    PHOTOfunSTUDIO -viewer- 2.00.000 ({9A9DBEBC-C800-4776-A970-D76D6AA405B1})
    version: 33554432
    install date: 20080628
    install location: C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-
    install source: E:\PHOTOFUN\Setup\
    uninstall cmd: C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
    publisher: Panasonic

    Private folder 1.00.0000 ({A3D7D9D7-9A65-4F7D-B660-CBD4105129CF})
    version: 16777216
    version (major): 1
    estimated size: 2078
    install date: 20071114
    install location: C:\Program Files\Private folder\My Product Name\
    install source: C:\Windows\Downloaded Installations\{81098DCE-9FAC-4204-8890-06EF3B89C358}\
    uninstall cmd: MsiExec.exe /I{A3D7D9D7-9A65-4F7D-B660-CBD4105129CF}
    publisher: Your Company Name

    Galerie de photos Windows Live 12.0.1347.0718 ({A70FA218-6598-4AC9-813D-63597C5DD068})
    version: 201327939
    version (major): 12
    estimated size: 21445
    install date: 20080807
    install source: C:\Windows\SoftwareDistribution\Download\3a0ec7b3c737fb664542cf342f6fe212\img\
    uninstall cmd: MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9

    HP Customer Experience Enhancements 1.00.0000 ({AB5E289E-76BF-4251-9F3F-9B763F681AE0})
    version: 16777216
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Customer Experience Enhancements
    install source: c:\HP\tmp\src\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    publisher: Hewlett-Packard

    Adobe Reader 8.1.2 - Français 8.1.2 ({AC76BA86-7AD7-1036-7B44-A81200000003})
    version: 134283266
    version (major): 8
    version (minor): 1
    estimated size: 147922
    install date: 20080316
    install location: C:\Program Files\Adobe\Reader 8.0\Reader\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\Adobe Reader 8\
    uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    publisher: Adobe Systems Incorporated
    comments:
    contact: Support clientèle
    help link: https://helpx.adobe.com/support.html
    readme: C:\Program Files\Adobe\Reader 8.0\Reader\Lisezmoi.htm

    Assistant de connexion Windows Live 4.200.520.1 ({AFA4E5FD-ED70-4D92-99D0-162FD56DC986})
    version: 80216584
    version (major): 4
    version (minor): 200
    estimated size: 1333
    install date: 20071111
    install source: C:\Program Files\Common Files\WindowsLiveInstaller\MsiSources\
    uninstall cmd: MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    publisher: Microsoft Corporation

    DivX Converter 6.5.1 ({B13A7C41581B411290FBC0395694E2A9})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    publisher: DivX, Inc.

    HP Image Zone Express 1.1.002.037 ({B314F1F2-49DF-41DD-A1B4-DC4192EC1021})
    version: 16842754
    version (major): 1
    version (minor): 1
    estimated size: 7818
    install date: 20080416
    install location: C:\Program Files\HP\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /X{B314F1F2-49DF-41DD-A1B4-DC4192EC1021}
    publisher: Hewlett-Packard
    help link: https://www8.hp.com/fr/fr/home.html

    Spybot - Search & Destroy 1.6.0 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
    install date: 20080812
    install location: C:\Program Files\Spybot - Search & Destroy\
    uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
    publisher: Safer Networking Limited
    help link: https://www.safer-networking.org/?page=support

    DivX Web Player 1.4.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    publisher: DivX,Inc.

    HP Photosmart Essential 2.5 1.02.0000 ({BAD0FA60-09CF-4411-AE6A-C2844C
    0
  2. Patour57 Messages postés 41 Statut Membre 1
     
    Salut

    Voila le résultat avec Spybot

    --- Search result list ---
    Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()

    Win32.Bifrose.LA: [SBI $44EDC9AF] Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-08-18 TeaTimer.exe (1.6.2.23)
    2008-08-09 unins000.exe (51.49.0.0)
    2008-08-12 unins001.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-08-05 Includes\Adware.sbi (*)
    2008-08-19 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-06-03 Includes\Dialer.sbi (*)
    2008-08-05 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-08-19 Includes\Hijackers.sbi (*)
    2008-08-19 Includes\HijackersC.sbi (*)
    2008-08-05 Includes\Keyloggers.sbi (*)
    2008-08-12 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-08-20 Includes\Malware.sbi (*)
    2008-08-19 Includes\MalwareC.sbi (*)
    2008-08-05 Includes\PUPS.sbi (*)
    2008-08-19 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-08-19 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-08-12 Includes\Spyware.sbi (*)
    2008-08-12 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-08-05 Includes\Trojans.sbi (*)
    2008-08-20 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    --- System information ---
    Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB941833)

    --- Startup entries list ---
    Located: HK_LM:Run, !AVG Anti-Spyware
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE

    Located: HK_LM:Run, ArcSoft Connection Service
    command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    size: 31232
    MD5: 464C9D3EB01BB20968493C68B1511159

    Located: HK_LM:Run, avgnt
    command: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    file: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    size: 266497
    MD5: 6E812818306D460D62B4ABEA9FDC6679

    Located: HK_LM:Run, hpWirelessAssistant
    command: %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    file: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    size: 472800
    MD5: F3C9ADCBF74090552EDC76F81A553D81

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    file: C:\Windows\system32\NvCpl.dll
    size: 13535776
    MD5: 7522597DD61F651A95A471D798E08304

    Located: HK_LM:Run, SynTPEnh
    command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    size: 1033512
    MD5: 19D93154C82FE39A99B269CED1056A92

    Located: HK_LM:Run, WAWifiMessage
    command: %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    file: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    size: 317152
    MD5: 6006C370B18A345203D26038518F5F86

    Located: HK_LM:Run, Windows Defender
    command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    file: C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

    Located: HK_LM:Run, Windows Mobile-based device management
    command: %windir%\WindowsMobile\wmdSync.exe
    file: C:\Windows\WindowsMobile\wmdSync.exe
    size: 215552
    MD5: 4AB05041D5C922B9A7A5D9059F5538CD

    Located: HK_LM:Run, !AVG Anti-Spyware (DISABLED)
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE

    Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
    command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    size: 39792
    MD5: 8B9145D229D4E89D15ACB820D4A3A90F

    Located: HK_LM:Run, HP Health Check Scheduler (DISABLED)
    command: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    file: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    size: 46704
    MD5: 58EC2A2D7B7211F568A75C8D30C68257

    Located: HK_LM:Run, HP Software Update (DISABLED)
    command: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    file: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    size: 49152
    MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A

    Located: HK_LM:Run, hpqSRMon (DISABLED)
    command: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
    file: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
    size: 80896
    MD5: 941A08CBDEEDF16B6C986B6BA7C9A5D0

    Located: HK_LM:Run, NvMediaCenter (DISABLED)
    command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    file: C:\Windows\system32\NvMcTray.dll
    size: 92704
    MD5: C1E17F8DF7524B454E57A0C887307403

    Located: HK_LM:Run, NvSvc (DISABLED)
    command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    file: C:\Windows\system32\nvsvc.dll
    size: 526880
    MD5: B88B306A3DD3B470A8747B15B7C00703

    Located: HK_LM:Run, QlbCtrl (DISABLED)
    command: %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    file: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    size: 159744
    MD5: 20321CA0F49D143FDB4CEF926A05E10A

    Located: HK_LM:Run, QPService (DISABLED)
    command: "C:\Program Files\HP\QuickPlay\QPService.exe"
    file: C:\Program Files\HP\QuickPlay\QPService.exe
    size: 167936
    MD5: 9F8F1BA3941DAD9325FFC166E76DFADB

    Located: HK_LM:Run, QuickTime Task (DISABLED)
    command: "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
    file: C:\Program Files\VistaCodecPack\QT\QTTask.exe
    size: 286720
    MD5: 49CCFBE5D5225B9D3CC78C09DEE147D0

    Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
    command: "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    file: C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    size: 77824
    MD5: 8F5E772B91A10AC97415B760FF21A94F

    Located: HK_LM:Run, SynTPStart (DISABLED)
    command: C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    file: C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    size: 102400
    MD5: A3418E4D4A5EE636D44922DC2567FA18

    Located: HK_LM:Run, Windows Mobile Device Center (DISABLED)
    command: %windir%\WindowsMobile\wmdc.exe
    file: C:\Windows\WindowsMobile\wmdc.exe
    size: 648072
    MD5: 96B3C4E20F02CA16AA1E3E425BFFCC8B

    Located: HK_LM:Run, Windows Mobile-based device management (DISABLED)
    command: %windir%\WindowsMobile\wmdSync.exe
    file: C:\Windows\WindowsMobile\wmdSync.exe
    size: 215552
    MD5: 4AB05041D5C922B9A7A5D9059F5538CD

    Located: HK_CU:Run, Sidebar
    where: S-1-5-19...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter
    where: S-1-5-19...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, Sidebar
    where: S-1-5-20...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter
    where: S-1-5-20...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, SpybotSD TeaTimer
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    size: 1832272
    MD5: FFB5BAC9C29303904365640A2E2A6D0C

    Located: HK_CU:Run, WMPNSCFG
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D

    Located: HK_CU:Run, ehTray.exe (DISABLED)
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Windows\ehome\ehTray.exe
    file: C:\Windows\ehome\ehTray.exe
    size: 125952
    MD5: BF08674925F151BD4537B89A493E3E0C

    Located: HK_CU:Run, Sidebar (DISABLED)
    where: S-1-5-21-3858235561-3552012657-3696386842-1000...
    command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    file: C:\Program Files\Windows Sidebar\sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: Démarrage (tous utilisateurs), Event Reminder.lnk
    where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
    command: C:\Program Files\Broderbund\PrintMaster\PMremind.exe
    file: C:\Program Files\Broderbund\PrintMaster\PMremind.exe
    size: 323584
    MD5: BBCC597AB4227C13540849865952017D

    --- Browser helper object list ---
    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
    Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 20/09/2007 11:30:18
    Date (last access): 11/11/2007 21:05:48
    Date (last write): 20/09/2007 11:30:18
    Filesize: 328752
    Attributes: archive
    MD5: 59CF5BF6684AFCF906CADAD39B4214DE
    CRC32: C363813C
    Version: 4.200.520.1

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Google Toolbar Helper
    description: Google toolbar
    classification: Open for discussion
    known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
    info link: http://www.google.com/intl/fr/toolbar/ie/index.html
    info source: TonyKlein
    Path: c:\program files\google\
    Long name: GoogleToolbar2.dll
    Short name: GOOGLE~2.DLL
    Date (created): 17/05/2007 21:52:40
    Date (last access): 17/05/2007 21:52:40
    Date (last write): 17/05/2007 21:52:40
    Filesize: 2436160
    Attributes: readonly archive
    MD5: 6D44E0C3B43D27484FBB355E470C4188
    CRC32: 2DE875CD
    Version: 4.0.1601.4978

    --- ActiveX list ---
    {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control)
    DPF name:
    CLSID name: OnlineScanner Control
    Installer: C:\Windows\Downloaded Program Files\OnlineScanner.inf
    Codebase: https://www.eset.com/
    Path: C:\Windows\system32\
    Long name: OnlineScanner.ocx
    Short name: ONLINE~1.OCX
    Date (created): 06/08/2007 13:18:16
    Date (last access): 06/08/2007 13:18:16
    Date (last write): 06/08/2007 13:18:16
    Filesize: 2707456
    Attributes: archive
    MD5: 41B8A44F69C6C5C2F9DAFEA1ED184D20
    CRC32: E1F281AC
    Version: 1.0.0.337

    {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control)
    DPF name:
    CLSID name: BDSCANONLINE Control
    Installer: C:\Windows\Downloaded Program Files\oscan8.inf
    Codebase: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    description:
    classification: Legitimate
    known filename: oscan8.ocx
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Windows\DOWNLO~1\
    Long name: oscan8.ocx
    Short name:
    Date (created): 25/10/2007 16:54:18
    Date (last access): 25/10/2007 16:54:18
    Date (last write): 25/10/2007 16:54:18
    Filesize: 471040
    Attributes: archive
    MD5: BC4E154A06C9208EF36669B1B9E5FDAD
    CRC32: DF08A08D
    Version: 1.0.0.1

    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
    DPF name:
    CLSID name:
    Installer: C:\Windows\Downloaded Program Files\erma.inf
    Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    description:
    classification: Open for discussion
    known filename:
    info link:
    info source: Safer Networking Ltd.

    --- Process list ---
    PID: 1808 (1172) C:\Windows\system32\Dwm.exe
    size: 81920
    MD5: 59903071D7ACE6A02093C47E9E38AF97
    PID: 1816 (1784) C:\Windows\Explorer.EXE
    size: 2927104
    MD5: FFA764631CB70A30065C12EF8E174F9F
    PID: 1288 (1192) C:\Windows\system32\taskeng.exe
    size: 169472
    MD5: 5F109032CE46B7184ED9E50F9FE8489E
    PID: 1644 (1816) C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
    PID: 1764 (1816) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    size: 1033512
    MD5: 19D93154C82FE39A99B269CED1056A92
    PID: 876 (1816) C:\Windows\WindowsMobile\wmdSync.exe
    size: 215552
    MD5: 4AB05041D5C922B9A7A5D9059F5538CD
    PID: 1528 (1816) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    size: 31232
    MD5: 464C9D3EB01BB20968493C68B1511159
    PID: 1700 (1816) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    size: 266497
    MD5: 6E812818306D460D62B4ABEA9FDC6679
    PID: 1080 (1816) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6731312
    MD5: CC6BC45DD5A58158645E7FB2953604FE
    PID: 1108 (1816) C:\Program Files\Windows Media Player\wmpnscfg.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D
    PID: 3768 (1764) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    size: 95528
    MD5: 892699A6AEB910C58B726BD70BEA4F4B
    PID: 2792 ( 892) C:\Windows\system32\wbem\unsecapp.exe
    size: 37888
    MD5: 25873356E52849C3F5B3F1B02317E8C8
    PID: 1604 (1816) C:\Program Files\Mozilla Firefox\firefox.exe
    size: 7667312
    MD5: 8FD9724777C5DA9665ADB7B554F746BC
    PID: 3312 (3936) C:\Windows\system32\conime.exe
    size: 69120
    MD5: F96EBC5A624349D81DCC7600A3C5DC43
    PID: 3356 (3936) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4891472
    MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
    PID: 0 ( 0) [System Process]
    PID: 4 ( 0) System
    PID: 480 ( 4) smss.exe
    size: 64000
    PID: 584 ( 572) csrss.exe
    size: 6144
    PID: 636 ( 572) wininit.exe
    size: 96768
    PID: 648 ( 628) csrss.exe
    size: 6144
    PID: 684 ( 636) services.exe
    size: 279040
    PID: 700 ( 636) lsass.exe
    size: 9728
    PID: 708 ( 636) lsm.exe
    size: 229888
    PID: 784 ( 628) winlogon.exe
    size: 314880
    PID: 892 ( 684) svchost.exe
    size: 21504
    PID: 944 ( 684) nvvsvc.exe
    size: 118784
    PID: 972 ( 684) svchost.exe
    size: 21504
    PID: 1012 ( 684) svchost.exe
    size: 21504
    PID: 1124 ( 684) svchost.exe
    size: 21504
    PID: 1172 ( 684) svchost.exe
    size: 21504
    PID: 1192 ( 684) svchost.exe
    size: 21504
    PID: 1256 (1124) audiodg.exe
    size: 88064
    PID: 1300 ( 684) SLsvc.exe
    size: 2623488
    PID: 1324 ( 684) svchost.exe
    size: 21504
    PID: 1392 ( 944) rundll32.exe
    size: 44544
    PID: 1588 ( 684) svchost.exe
    size: 21504
    PID: 1900 ( 684) spoolsv.exe
    size: 125952
    PID: 1940 ( 684) sched.exe
    PID: 1960 ( 684) svchost.exe
    size: 21504
    PID: 1968 (1172) wlanext.exe
    size: 74240
    PID: 424 (1192) taskeng.exe
    size: 169472
    PID: 2284 ( 684) a2service.exe
    PID: 2316 ( 684) ACService.exe
    PID: 2352 ( 684) avguard.exe
    PID: 2380 ( 684) guard.exe
    PID: 2392 ( 684) svchost.exe
    size: 21504
    PID: 2412 ( 684) CLCapSvc.exe
    PID: 2460 ( 684) LSSrvc.exe
    PID: 2500 ( 684) MDM.EXE
    PID: 2564 ( 684) svchost.exe
    size: 21504
    PID: 2640 ( 684) svchost.exe
    size: 21504
    PID: 2704 ( 684) svchost.exe
    size: 21504
    PID: 2748 ( 684) SearchIndexer.exe
    size: 302080
    PID: 2784 ( 684) XAudio.exe
    PID: 2976 ( 684) nSvcAppFlt.exe
    PID: 3224 ( 684) hpqwmiex.exe
    PID: 3276 ( 684) nSvcIp.exe
    PID: 3364 ( 684) CLSched.exe
    PID: 3440 ( 684) SDWinSec.exe
    size: 809296
    MD5: 55C1E4FDFD62A48FB5A2CE25F3AA8AE8
    PID: 3868 ( 684) svchost.exe
    size: 21504
    PID: 4020 ( 684) wmpnetwk.exe
    PID: 4060 ( 684) alg.exe
    size: 59392
    PID: 2100 ( 892) WmiPrvSE.exe
    PID: 3896 ( 684) HPHC_Service.exe

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 21/08/2008 16:40:42

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    https://actus.sfr.fr
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    https://actus.sfr.fr
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://home.neuf.fr/
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.bing.com/spresults.aspx
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://home.microsoft.com/access/autosearch.asp?p=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    https://actus.sfr.fr
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    https://actus.sfr.fr

    --- Winsock Layered Service Provider list ---
    Protocol 0: NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 1: NVIDIA App Filter over [MSAFD Tcpip [UDP/IP]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 2: NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 3: NVIDIA App Filter over [MSAFD Tcpip [TCP/IPv6]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 4: NVIDIA App Filter over [MSAFD Tcpip [UDP/IPv6]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 5: NVIDIA App Filter over [MSAFD Tcpip [RAW/IPv6]]
    GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Protocol 32: NVIDIA App Filter
    GUID: {561A1E9F-D78B-40E3-866D-4CE5CF6BB83F}
    Filename: %SYSTEMROOT%\system32\nvLsp.dll

    Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
    GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
    Filename:

    Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
    GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
    GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    --- Uninstall list ---
    Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
    uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    publisher: Adobe Systems Incorporated
    help link: https://helpx.adobe.com/flash-player.html

    Adobe Flash Player Plugin 9.0.124.0 (Adobe Flash Player Plugin)
    uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    publisher: Adobe Systems Incorporated

    Avira AntiVir Personal - Free Antivirus (AntiVir PersonalEdition Classic)
    uninstall cmd: C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    publisher: Avira GmbH
    help link: http://www.avira.com/classic-support

    AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
    install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
    uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    publisher: Grisoft Ltd.
    help link: https://www.avg.com/fr-fr/homepage

    Broadcom 802.11 Wireless LAN Adapter 4.102.15.61 (Broadcom 802.11b Network Adapter)
    uninstall cmd: "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
    publisher: Broadcom Corporation

    CamStudio 2.02 Fr (CamStudio 2.02 Fr_is1)
    uninstall cmd: "C:\Program Files\CamStudio\unins000.exe"

    Canon Inkjet Printer Driver Add-On Module (CANONIJINBOXADDON100)
    uninstall cmd: C:\Program Files\Common Files\Canon\IJ\InboxPrnV100\SETUP.EXE -R

    CCleaner (remove only) (CCleaner)
    uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

    CD Jaquette 5.0 (CD Jaquette)
    uninstall cmd: "C:\JSAL Software\CD Jaquette\uninstall.exe"

    Conexant HD Audio (CNXT_HDAUDIO)
    uninstall cmd: C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF

    HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7)
    uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7\UIU32m.EXE -U -IwqcVenz.inf

    HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDA_HSF)
    uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf

    (Connection Manager)

    devolo dLAN - Assistant de configuration 11.0.0.0 (dlanconf)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:dlanconf
    publisher: devolo AG
    help link: www.devolo.com

    devolo Informer 17.0.0.0 (dslmon)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:dslmon
    publisher: devolo AG
    help link: www.devolo.com

    Canon Utilities Easy-PhotoPrint (Easy-PhotoPrint)
    uninstall cmd: C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini

    Easy-WebPrint (Easy-WebPrint)
    uninstall cmd: C:\Windows\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"

    devolo EasyClean 3.0.0.0 (easyclean)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:easyclean
    publisher: devolo AG
    help link: www.devolo.com

    devolo EasyShare 4.0.0.0 (easyshare)
    uninstall cmd: C:\Program Files\devolo\setup.exe /remove:easyshare
    publisher: devolo AG
    help link: www.devolo.com

    eMule (eMule)
    uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

    EVEREST Ultimate Edition v4.50 4.50 (EVEREST Ultimate Edition_is1)
    install location: C:\Program Files\Lavalys\EVEREST Ultimate Edition\
    uninstall cmd: "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    publisher: Lavalys, Inc.
    help link: http://www.lavalys.com

    HijackThis 2.0.2 2.0.2 (HijackThis)
    uninstall cmd: "C:\Users\Patrice CATTELAIN\Desktop\HijackThis.exe" /uninstall
    publisher: TrendMicro

    (InstallShield Uninstall Information)

    NVIDIA ForceWare Network Access Manager 1.00.6781 (InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD})
    version: 16783997
    version (major): 1
    estimated size: 40358
    install date: 20080813
    install location: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\{A37C9AAA-0183-4D00-AECB-9075B4A73964}\
    uninstall cmd: "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x040c -removeonly
    publisher: NVIDIA Corporation

    jv16 PowerTools 1.3 (jv16 PowerTools_is1)
    uninstall cmd: "C:\Program Files\jv16 PowerTools\unins000.exe"

    K-Lite Codec Pack 3.6.5 Full 3.6.5 (KLiteCodecPack_is1)
    install date: 20080111
    install location: C:\Program Files\K-Lite Codec Pack\
    uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

    LimeWire 4.16.6 4.16.6 (LimeWire)
    uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
    publisher: Lime Wire, LLC
    help link: http://www.limewire.com/support

    LM 2.5 (LM 2.5)
    uninstall cmd: C:\Program Files\LM Version-2.5-F\Désintallation de la Lanterne Magique.exe

    Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)
    install date: 20080819
    install location: C:\Program Files\Malwarebytes' Anti-Malware\
    uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    publisher: Malwarebytes Corporation
    help link: https://www.malwarebytes.com/

    Media Player Classic 6.4.8.3 6.4.8.3 (Media Player Classic)
    uninstall cmd: C:\Program Files\Media Player Classic\mpc_uninst.exe
    publisher: Gabest

    Mozilla Firefox (2.0.0.16) 2.0.0.16 (fr) (Mozilla Firefox (2.0.0.16))
    install location: C:\Program Files\Mozilla Firefox
    uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    publisher: Mozilla
    comments: Mozilla Firefox

    Canon MP Navigator 2.0 (MP Navigator 2.0)
    install location: C:\Program Files\Canon\MP Navigator 2.0
    uninstall cmd: "C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini

    Barre d'outils MSN (MSN Toolbar)
    uninstall cmd: C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c

    Neuf - Kit de connexion 7.11.22.4 (Neuf_Kit)
    uninstall cmd: C:\Program Files\Neuf\Kit\uninstall.exe
    publisher: Neuf
    help link: http://abonnes.neuf.fr
    help telephone: 0892 222 109

    Neuf - Media Center 7.12.5.0 (Neuf_Media Center)
    uninstall cmd: C:\Program Files\Neuf\Media Center\uninstall.exe
    publisher: Neuf
    help link: http://abonnes.neuf.fr
    help telephone: 0892 79 00 09

    NVIDIA Drivers (NVIDIA Drivers)
    uninstall cmd: C:\Windows\system32\NVUNINST.EXE UninstallGUI

    Picasa 2 2.0 (Picasa2)
    uninstall cmd: "C:\Program Files\Picasa2\Uninstall.exe"
    publisher: Google, Inc.
    help link: http://picasa.google.com/

    SAMSUNG CDMA Modem Driver Set (SAMSUNG CDMA Modem)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

    SAMSUNG Mobile USB Modem Software (SAMSUNG Mobile USB Modem)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

    SAMSUNG Mobile USB Modem 1.0 Software (SAMSUNG Mobile USB Modem 1.0)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

    Smart Data Recovery v3.1 3.1 (Smart Data Recovery_is1)
    install location: C:\Program Files\Smart Data Recovery\
    uninstall cmd: "C:\Program Files\Smart Data Recovery\unins001.exe"
    publisher: Smart PC Solutions, LLC
    help link: https://smartpctools.com/

    Synaptics Pointing Device Driver 10.2.4.0 (SynTPDeinstKey)
    uninstall cmd: rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    publisher: Synaptics

    System Requirements Lab (SystemRequirementsLab)
    uninstall cmd: C:\Program Files\SystemRequirementsLab\Uninstall.exe

    VivilProject SpeedTest v4.02 version Francaise (VivilProject SpeedTest_is1)
    install date: 20080427
    install location: C:\VivilProject SpeedTest\
    uninstall cmd: "C:\VivilProject SpeedTest\unins000.exe"
    publisher: Sebastien WILLEMIJNS
    help link: http://80.247.230.136/speedtest

    VideoLAN VLC media player 0.8.6i 0.8.6i (VLC media player)
    uninstall cmd: C:\Program Files\VideoLAN\VLC\uninstall.exe
    publisher: VideoLAN Team

    Vodafone WCDMA Composite Device Drive Software (Vodafone WCDMA Composite Device Drive)
    uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe

    GIMP 2.4.6 (WinGimp-2.0_is1)
    install date: 20080606
    install location: C:\Program Files\GIMP-2.0\
    uninstall cmd: "C:\Program Files\GIMP-2.0\setup\unins000.exe"
    help link: https://groups.yahoo.com/neo/groups/gimpwin-users/info

    Archiveur WinRAR (WinRAR archiver)
    uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

    Yahoo! Toolbar avec bloqueur de fenêtres pop-up (Yahoo! Companion)
    uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe

    HP Wireless Assistant 3.00 B2 ({02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE})
    version: 50331650
    version (major): 3
    estimated size: 3847
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\
    install source: C:\Swsetup\WLASST\disk1\
    uninstall cmd: MsiExec.exe /I{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}
    publisher: Hewlett-Packard
    comments: HP Wireless Assistant
    help link: https://www8.hp.com/fr/fr/home.html

    Roxio Creator Tools 3.3.0 ({0394CDC8-FABD-4ed8-B104-03393876DFDF})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 345
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_TOOLS_33\
    uninstall cmd: MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    publisher: Roxio
    help link: http://support.sonic.com/

    Roxio Creator Data 3.3.0 ({0D397393-9B50-4c52-84D5-77E344289F87})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 892
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_DATA_33\
    uninstall cmd: MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    publisher: Roxio
    help link: http://support.sonic.com/

    Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
    version: 33619968
    version (major): 2
    version (minor): 1
    estimated size: 770
    install date: 20071111
    install source: C:\Windows\TEMP\IXP000.TMP\
    uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    publisher: Microsoft Corporation

    Roxio Creator EasyArchive 3.3.0 ({11F93B4B-48F0-4A4E-AE77-DFA96A99664B})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 1690
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_EASYARCHIVE_33\
    uninstall cmd: MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    publisher: Roxio
    help link: http://support.sonic.com/

    HPPhotoSmartPhotobookWebPack1 1.00.0000 ({12A76360-388E-4B27-ABEB-D5FC5378DD2A})
    version: 16777216
    version (major): 1
    estimated size: 1821
    install date: 20080407
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\HPPhotoSmartPhotobookWebPack1\
    publisher: Hewlett-Packard

    HP Active Support Library 1.0.21 ({21E62565-8639-457C-B64C-A3FF0A8B4D80})
    version: 16777237
    version (major): 1
    estimated size: 11184
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Health Check\
    install source: C:\Users\ADMINI~1\AppData\Local\Temp\{359098A0-743B-4349-8C7E-11F521CC5DBC}\
    uninstall cmd: C:\Program Files\InstallShield Installation Information\{21E62565-8639-457C-B64C-A3FF0A8B4D80}\setup.exe -runfromtemp -l0x0409
    publisher: Hewlett-Packard

    Hewlett-Packard Active Check 1.1.4.0 ({254C37AA-6B72-4300-84F6-98A82419187E})
    version: 16842756
    version (major): 1
    version (minor): 1
    estimated size: 530
    install date: 20070330
    install source: C:\Users\ADMINI~1\AppData\Local\Temp\
    uninstall cmd: MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    publisher: Hewlett-Packard

    Java(TM) SE Runtime Environment 6 1.6.0.0 ({3248F0A8-6813-11D6-A77B-00B0D0160000})
    version: 17170432
    version (major): 1
    version (minor): 6
    estimated size: 117374
    install date: 20070330
    install source: C:\Users\Administrateur\AppData\LocalLow\Sun\Java\jre1.6.0\
    uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    publisher: Sun Microsystems, Inc.
    contact: https://www.java.com/en/
    help link: https://www.java.com/en/
    readme: C:\Program Files\Java\jre1.6.0\README.txt

    Roxio MyDVD Basic v9 9.0.114 ({33C65B6A-5D73-4E3E-A1F9-127C27BD3F72})
    version: 150995058
    version (major): 9
    estimated size: 306791
    install date: 20070330
    install location: C:\Program Files\Roxio\Roxio MyDVD Basic v9\
    install source: C:\SWSETUP\RoxioCB9\EMC_90\
    uninstall cmd: MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
    publisher: Roxio
    comments: Digital Media Suite - Programme d'installation
    contact: https://www.corel.com/fr/support/
    help link: https://www.corel.com/fr/support/
    readme: C:\Program Files\Roxio\Roxio MyDVD Basic v9\ReadMe.htm

    PSSWCORE 2.02.0000 ({34BFB099-07B2-4E95-A673-7362D60866A2})
    version: 33685504
    version (major): 2
    version (minor): 2
    estimated size: 30949
    install date: 20080407
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\HPPhotoSmartCore\
    publisher: Hewlett-Packard

    HP Quick Launch Buttons 6.10 B9 6.10 B9 ({34D2AB40-150D-475D-AE32-BD23FB5EE355})
    version: 101318865
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons
    install source: C:\SWSETUP\QLB\Disk1\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x40c uninst
    publisher: Hewlett-Packard
    help link: https://www8.hp.com/fr/fr/home.html

    Sonic Activation Module 1.0 ({35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0})
    version: 16777216
    version (major): 1
    estimated size: 8214
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\ACTIVATION_103\
    uninstall cmd: MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    publisher: Sonic Solutions

    MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
    version: 68429425
    version (major): 4
    version (minor): 20
    estimated size: 1269
    install date: 20070518
    install source: c:\a6c4c6168ed6c8b212f23e91df4c34\
    uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/help/927978/ms06-071-security-update-for-microsoft-xml-core-services-4-0

    HP Easy Setup - Frontend 5.00.0000 ({40F7AED3-0C7D-4582-99F6-484A515C73F2})
    version: 83886080
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Easy Setup - Frontend
    install source: c:\HP\tmp\src\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    publisher: Hewlett-Packard

    HP QuickPlay 3.0 ({45D707E9-F3C4-11D9-A373-0050BAE317E1})
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall

    ArcSoft Software Suite ({497A1721-088F-41EF-8876-B43C9DA5528B})
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x40c
    publisher: ArcSoft

    Cards_Calendar_OrderGift_DoMorePlugout 1.00.0000 ({4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6})
    version: 16777216
    version (major): 1
    estimated size: 1888
    install date: 20080407
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\Cards_Calendar_Ordergift_Domore_Plugout\
    publisher: Hewlett-Packard

    HP Pavilion Webcam Driver for Vista v061.001.00005 061.001.00005 ({5CA81D12-9EC2-4082-972B-43ECA63F41F2})
    version: 1023475717
    install date: 20070517
    install location: C:\SWSETUP\MISC5\
    install source: C:\SWSetup\WCAM1\Setup.exe
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x40c -removeonly
    publisher: Chicony

    Roxio Creator Copy 3.3.0 ({619CDD8A-14B6-43a1-AB6C-0F4EE48CE048})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 648
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_COPY_33\
    uninstall cmd: MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    publisher: Roxio
    help link: http://support.sonic.com/

    Roxio Express Labeler 3 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA})
    version: 33619968
    version (major): 2
    version (minor): 1
    estimated size: 16612
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\EXPRESSLABELER_31\
    uninstall cmd: MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    publisher: Roxio

    Hewlett-Packard Asset Agent 2.0.55.0 ({669D4A35-146B-4314-89F1-1AC3D7B88367})
    version: 33554487
    version (major): 2
    estimated size: 849
    install date: 20070330
    install source: C:\Users\ADMINI~1\AppData\Local\Temp\
    uninstall cmd: MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    publisher: HP

    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) 8.1.2 ({6846389C-BAC0-4374-808E-B120F86AF5D7})
    version: 134283266
    version (major): 8
    version (minor): 1
    estimated size: 8180
    install date: 20080707
    install location: C:\Program Files\Adobe\Security Update\
    install source: C:\Users\Patrice CATTELAIN\AppData\Local\Adobe\Updater5\Install\reader8rdr-fr_FR\
    uninstall cmd: MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    publisher: Adobe Systems, Inc
    comments: Your Comments
    contact: Customer Support Department
    help link: https://www.adobe.com/
    help telephone: 1-555-555-4505

    Windows Media Player Firefox Plugin 1.0.0.8 ({69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4})
    version: 16777216
    version (major): 1
    estimated size: 296
    install date: 20080410
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    publisher: Microsoft Corp

    Microsoft Works 08.05.0822 ({6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C})
    version: 134546230
    version (major): 8
    version (minor): 5
    estimated size: 276579
    install date: 20070330
    install source: C:\swsetup\MSWorks\FR\
    uninstall cmd: MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
    publisher: Microsoft Corporation
    comments: Microsoft Works 8.0 installation.
    help link: https://support.microsoft.com/ph/1188
    help telephone:

    Apple Software Update 2.0.0.21 ({74EC78BC-B379-4E29-9006-8F161DCAABA6})
    version: 33554432
    version (major): 2
    estimated size: 2204
    install date: 20080628
    install location: C:\Program Files\Apple Software Update\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP316.TMP\
    uninstall cmd: MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
    publisher: Apple Inc.
    contact: Assistance AppleCare
    help link: https://support.apple.com/fr-fr
    help telephone: 0825 888 024

    6.5.1 ({7585478E9D9B42108671C12F8714CEFE})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    publisher: DivX, Inc.

    Samsung Samples Installer 1.00.0000 ({7AC15160-A49B-4A89-B181-D4619C025FFF})
    version: 16777216
    install date: 20080510
    install location: C:\Program Files\Samsung\Samsung PC Studio 3
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\byeE9C0.tmp\Disk1\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
    publisher: Samsung Electronics Co., Ltd.

    NVIDIA ForceWare Network Access Manager 1.00.6781 ({7CFA46E3-CC2F-4355-82AE-6012DC3633FD})
    version: 16783997
    version (major): 1
    estimated size: 40358
    install date: 20080813
    install location: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\{A37C9AAA-0183-4D00-AECB-9075B4A73964}\
    uninstall cmd: MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
    publisher: NVIDIA Corporation

    Roxio Creator Audio 3.3.0 ({83FFCFC7-88C6-41c6-8752-958A45325C82})
    version: 50528256
    version (major): 3
    version (minor): 3
    estimated size: 1110
    install date: 20070330
    install source: C:\SWSETUP\RoxioCB9\RCP_AUDIO_33\
    uninstall cmd: MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    publisher: Roxio
    help link: http://support.sonic.com/

    ArcSoft PhotoStudio 5.5 ({85309D89-7BE9-4094-BB17-24999C6118FC})
    version (major): 5
    version (minor): 5
    install location: C:\Program Files\ArcSoft\PhotoStudio 5.5
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
    publisher: ArcSoft

    VSO CopyToDVD 4 4.0.5 ({870F1750-BA89-11DA-A94D-0800200C9A66}_is1)
    install date: 20080218
    install location: C:\Program Files\VSO\
    uninstall cmd: "C:\Program Files\VSO\unins000.exe"
    publisher: VSO Software

    Microsoft Silverlight 1.0.30716.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
    version: 16807932
    version (major): 1
    estimated size: 1186
    install date: 20080820
    install source: c:\temp\ext8202\
    uninstall cmd: MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/SILVERLIGHT/

    3.0.7.009 ({8ADC27DB-E2C8-446C-A576-166C05C2DD24})
    version: 50331655
    version (major): 3
    estimated size: 192
    install date: 20070330
    install source: C:\SwSetup\HPUpdate\
    publisher: Hewlett-Packard

    DivX Player 6.6.0 ({8ADFC4160D694100B5B8A22DE9DCABD9})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

    HP Update 4.000.005.007 ({8C6027FD-53DC-446D-BB75-CACD7028A134})
    version: 67108869
    version (major): 4
    estimated size: 3654
    install date: 20070330
    install source: C:\SwSetup\HPUpdate\
    uninstall cmd: MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
    publisher: Hewlett-Packard
    contact: https://support.hp.com/us-en?openCLC=true

    PrintMaster ({8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE})
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}\setup.exe" anything

    Microsoft Office Professional Edition 2003 11.0.8173.0 ({9011040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 864359
    install date: 20080815
    uninstall cmd: MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

    Microsoft Office FrontPage 2003 11.0.8173.0 ({9017040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 553058
    install date: 20080815
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

    Microsoft Office Project Professional 2003 11.0.8173.0 ({903B040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 378371
    install date: 20080815
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\PJREADME.HTM

    Gestionnaire pour appareils Windows Mobile 6.1.6965.0 ({904CCF62-818D-4675-BC76-D37EB399F917})
    version: 100735797
    version (major): 6
    version (minor): 1
    estimated size: 28165
    install date: 20080316
    install source: C:\Windows\WindowsMobile\
    uninstall cmd: MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
    publisher: Microsoft Corporation

    Microsoft Office Visio Professional 2003 11.0.8173.0 ({9051040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 449531
    install date: 20080409
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\Visio11\1036\VIREADME.HTM

    Microsoft Office OneNote 2003 11.0.8173.0 ({90A1040C-6000-11D3-8CFE-0150048383C9})
    version: 184557549
    version (major): 11
    estimated size: 297457
    install date: 20080815
    install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
    uninstall cmd: MsiExec.exe /I{90A1040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us
    readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

    Microsoft Office PowerPoint Viewer 2003 11.0.8164.0 ({90AF040C-6000-11D3-8CFE-0150048383C9})
    version: 184555834
    version (major): 11
    estimated size: 4111
    install date: 20080315
    install location: C:\Program Files\Microsoft Office\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us

    Canon MP170 ({91175441-4E5D-4e13-B116-828FD352CDB2})
    uninstall cmd: "C:\Windows\system32\CanonIJ Uninstaller Information\{91175441-4E5D-4e13-B116-828FD352CDB2}\DelDrv.exe" /U:{91175441-4E5D-4e13-B116-828FD352CDB2} /L0x0009

    QuickTime 7.2.0.240 ({95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC})
    version: 117571584
    version (major): 7
    version (minor): 2
    estimated size: 75788
    install date: 20080628
    install location: C:\Program Files\VistaCodecPack\QT\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP316.TMP\
    uninstall cmd: MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    publisher: Apple Inc.
    contact: Assistance AppleCare
    help link: https://support.apple.com/fr-fr
    help telephone: (33) 0825 888 024

    PHOTOfunSTUDIO -viewer- 2.00.000 ({9A9DBEBC-C800-4776-A970-D76D6AA405B1})
    version: 33554432
    install date: 20080628
    install location: C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-
    install source: E:\PHOTOFUN\Setup\
    uninstall cmd: C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
    publisher: Panasonic

    Private folder 1.00.0000 ({A3D7D9D7-9A65-4F7D-B660-CBD4105129CF})
    version: 16777216
    version (major): 1
    estimated size: 2078
    install date: 20071114
    install location: C:\Program Files\Private folder\My Product Name\
    install source: C:\Windows\Downloaded Installations\{81098DCE-9FAC-4204-8890-06EF3B89C358}\
    uninstall cmd: MsiExec.exe /I{A3D7D9D7-9A65-4F7D-B660-CBD4105129CF}
    publisher: Your Company Name

    Galerie de photos Windows Live 12.0.1347.0718 ({A70FA218-6598-4AC9-813D-63597C5DD068})
    version: 201327939
    version (major): 12
    estimated size: 21445
    install date: 20080807
    install source: C:\Windows\SoftwareDistribution\Download\3a0ec7b3c737fb664542cf342f6fe212\img\
    uninstall cmd: MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    publisher: Microsoft Corporation
    help link: https://support.microsoft.com/en-us/windows/windows-essentials-2707b879-5004-4349-c4a4-e5900945f2a9

    HP Customer Experience Enhancements 1.00.0000 ({AB5E289E-76BF-4251-9F3F-9B763F681AE0})
    version: 16777216
    install date: 20070330
    install location: C:\Program Files\Hewlett-Packard\HP Customer Experience Enhancements
    install source: c:\HP\tmp\src\
    uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    publisher: Hewlett-Packard

    Adobe Reader 8.1.2 - Français 8.1.2 ({AC76BA86-7AD7-1036-7B44-A81200000003})
    version: 134283266
    version (major): 8
    version (minor): 1
    estimated size: 147922
    install date: 20080316
    install location: C:\Program Files\Adobe\Reader 8.0\Reader\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\Adobe Reader 8\
    uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    publisher: Adobe Systems Incorporated
    comments:
    contact: Support clientèle
    help link: https://helpx.adobe.com/support.html
    readme: C:\Program Files\Adobe\Reader 8.0\Reader\Lisezmoi.htm

    Assistant de connexion Windows Live 4.200.520.1 ({AFA4E5FD-ED70-4D92-99D0-162FD56DC986})
    version: 80216584
    version (major): 4
    version (minor): 200
    estimated size: 1333
    install date: 20071111
    install source: C:\Program Files\Common Files\WindowsLiveInstaller\MsiSources\
    uninstall cmd: MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    publisher: Microsoft Corporation

    DivX Converter 6.5.1 ({B13A7C41581B411290FBC0395694E2A9})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    publisher: DivX, Inc.

    HP Image Zone Express 1.1.002.037 ({B314F1F2-49DF-41DD-A1B4-DC4192EC1021})
    version: 16842754
    version (major): 1
    version (minor): 1
    estimated size: 7818
    install date: 20080416
    install location: C:\Program Files\HP\
    install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /X{B314F1F2-49DF-41DD-A1B4-DC4192EC1021}
    publisher: Hewlett-Packard
    help link: https://www8.hp.com/fr/fr/home.html

    Spybot - Search & Destroy 1.6.0 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
    install date: 20080812
    install location: C:\Program Files\Spybot - Search & Destroy\
    uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
    publisher: Safer Networking Limited
    help link: https://www.safer-networking.org/?page=support

    DivX Web Player 1.4.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    publisher: DivX,Inc.

    HP Photosmart Essential 2.5 1.02.0000 ({BAD0FA60-09CF-4411-AE6A-C2844C
    0
  3. Patour57 Messages postés 41 Statut Membre 1
     
    Le rapport n'est pas complet car trop long, est ce que cela te suffit ou il faut que je te poste le rapport complet en plusieurs fois? au moins encore quatre voir cinq fois ce que j'ai déjà mis...

    Win32.Bifrose.LA: [SBI $44EDC9AF] Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-08-18 TeaTimer.exe (1.6.2.23)
    2008-08-09 unins000.exe (51.49.0.0)
    2008-08-12 unins001.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-08-05 Includes\Adware.sbi (*)
    2008-08-19 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-06-03 Includes\Dialer.sbi (*)
    2008-08-05 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-08-19 Includes\Hijackers.sbi (*)
    2008-08-19 Includes\HijackersC.sbi (*)
    2008-08-05 Includes\Keyloggers.sbi (*)
    2008-08-12 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-08-20 Includes\Malware.sbi (*)
    2008-08-19 Includes\MalwareC.sbi (*)
    2008-08-05 Includes\PUPS.sbi (*)
    2008-08-19 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-08-19 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-08-12 Includes\Spyware.sbi (*)
    2008-08-12 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-08-05 Includes\Trojans.sbi (*)
    2008-08-20 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll
    0
  4. Patour57 Messages postés 41 Statut Membre 1
     
    Salut

    Kduc j'attends encore ton aide...

    Si quelqu'un peux prendre le relais, puisque Kduc ne me donne plus signe de vie depuis 6 jours...

    D'avance merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Patour57 Messages postés 41 Statut Membre 1
     
    Toujours personne pour m'aider?
    0
    1. kduc Messages postés 1537 Statut Membre 133
       
      Salut Patour

      Va dans le Menu Démarrer > Exécuter... et tape regedit, puis valide par OK.

      Remonte l' arborescence jusqu' à la clé ...

      HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

      Clique avec le bouton droit, sur la clé (le dossier) concernée par la modification,
      Sélectionne Exporter
      Enregistrer dans (Bureau, par ex.)
      Dans la zone "Nom du fichier", donne-lui un nom (ex. Cn911)
      Dans la zone "Type", laisse par défaut "Fichiers d'enregistrements (*.reg)"
      Clique sur Enregistrer.

      Ensuite, ...

      Ouvre le bloc-notes et fais un copier coller de ce qui est en gras, ci-dessous, (copie tout d'un trait) :

      REGEDIT4

      HKEY_LOCAL_MACHINE\SOFTWARE\Cn911


      Puis "fichier"/"enregistrer sous" :
      dans : sur le bureau
      Nom du fichier : fix.reg
      Type de fichier : "tous les fichiers"
      clique sur "enregistrer"

      L'icône de fix.reg doit ressembler à cela https://www.hiboox.com[/img]

      Quitte Internet et double clique sur fix2.reg => tu dois obligatoirement avoir un message
      "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
      Si c'est bien le cas, clique sur "oui".

      ----------
      Enfin, relance un scan Spybot pour voir ce qu' il dit.
      0
  7. Patour57 Messages postés 41 Statut Membre 1
     
    Salut, voila le rapport Spybot

    Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()

    Win32.Bifrose.LA: [SBI $44EDC9AF] Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-08-18 TeaTimer.exe (1.6.2.23)
    2008-08-09 unins000.exe (51.49.0.0)
    2008-08-12 unins001.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-08-05 Includes\Adware.sbi (*)
    2008-08-26 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-06-03 Includes\Dialer.sbi (*)
    2008-08-05 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-08-19 Includes\Hijackers.sbi (*)
    2008-08-26 Includes\HijackersC.sbi (*)
    2008-08-05 Includes\Keyloggers.sbi (*)
    2008-08-26 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-08-27 Includes\Malware.sbi (*)
    2008-08-26 Includes\MalwareC.sbi (*)
    2008-08-05 Includes\PUPS.sbi (*)
    2008-08-26 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-08-26 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-08-12 Includes\Spyware.sbi (*)
    2008-08-26 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-08-05 Includes\Trojans.sbi (*)
    2008-08-27 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll
    0
  8. kduc Messages postés 1537 Statut Membre 133
     
    Salut Patour57,

    Recommence la même manip ; mais, avec ...

    REGEDIT4

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Cn911]


    la différence c' est les crochets et le tiret !

    A plus.
    0
  9. Patour57 Messages postés 41 Statut Membre 1
     
    Salut kduc

    Spybot fait son scan actuellement, mais je constate déjà que j'ai toujours le problème.

    @+
    0
  10. Patour57 Messages postés 41 Statut Membre 1
     
    Voila le rapport

    Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()

    Win32.Bifrose.LA: [SBI $44EDC9AF] Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-08-18 TeaTimer.exe (1.6.2.23)
    2008-08-09 unins000.exe (51.49.0.0)
    2008-08-12 unins001.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-09-02 Includes\Adware.sbi (*)
    2008-09-02 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-09-02 Includes\Dialer.sbi (*)
    2008-09-02 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-09-02 Includes\Hijackers.sbi (*)
    2008-09-02 Includes\HijackersC.sbi (*)
    2008-09-02 Includes\Keyloggers.sbi (*)
    2008-09-02 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-09-02 Includes\Malware.sbi (*)
    2008-09-02 Includes\MalwareC.sbi (*)
    2008-09-02 Includes\PUPS.sbi (*)
    2008-09-02 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-09-02 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-09-02 Includes\Spyware.sbi (*)
    2008-09-02 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-09-03 Includes\Trojans.sbi (*)
    2008-09-02 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll
    0
    1. kduc Messages postés 1537 Statut Membre 133
       
      ...

      Télécharge eScan Antivirus Toolkit : https://www.malekal.com/tutorial-escan-antivirus-toolkit/
      Installe eScan Antivirus Toolkit dans le dossier : C:\Kaspersky
      Ouvre le dossier C:\Kaspersky et double-clique sur kavupd.exe pour le mettre à jour.

      Télécharge SDFix
      http://downloads.andymanchesta.com/RemovalTools/SDFix.exe (créé par AndyManchesta)
      et sauvegarde le sur ton Bureau.

      Double-clique sur SDFix.exe et choisissez Install pour l'extraire dans un dossier dédié sur le Bureau.

      Redémarre le PC en mode sans échec ...
      https://www.pcastuces.com/pratique/windows/mode_sans_echec/page2.htm
      --------------------------------------------
      ATTENTION : Tu n' auras pas accès à Internet pendant le "mode sans échec".
      Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
      sur le "bureau" pour l' avoir à ta disposition.
      --------------------------------------------

      Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur
      RunThis.cmd (ou RunThis.bat) pour lancer le script.

      Appuie sur Y pour commencer le processus de nettoyage.
      Il va supprimer les services et les entrées du Registre des trojans trouvés puis te
      demandera d'appuyer sur une touche pour redémarrer.
      Appuie sur une touche pour redémarrer le PC.
      Ton système sera plus long pour redémarrer qu'à l'accoutumée, car l'outil va
      Continuer à s'exécuter et supprimer des fichiers.

      Après le chargement du Bureau, l'outil terminera son travail et affichera "Finished".
      Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

      Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera
      Aussi dans le dossier SDFix sous le nom Report.txt.

      Copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

      -----
      Redémarre de nouveau en mode sans échec ...

      -----
      Ensuite, ouvre le fichier mwavscan.com
      Coche les options comme indiquées sur cette page > https://www.malekal.com/fichiers/eScan/eScan3.png

      Clique Scan Clean pour démarrer le scan et laisse le scan se faire jusqu'au bout.

      Refais un scan avec Malwarebytes (en mode sans echec ou normal, peu importe) et poste le rapport.
      0
  11. Patour57 Messages postés 41 Statut Membre 1
     
    Salut kduc

    J'ai un problème, Sdfix ne fonctionne pas sous vista. Existe t'il un autre logiciel qui a la même fonction?
    0
  12. Patour57 Messages postés 41 Statut Membre 1
     
    J'oublier karspersky non plus, et j'ai fais un scan avec Malwarebytes, il ne trouve rien

    Voila @+
    0
    1. kduc Messages postés 1537 Statut Membre 133
       
      Salut Patour,

      Donc, Spybot te trouves tjrs ...

      HKEY_LOCAL_MACHINE\SOFTWARE\Cn911 ?
      0
  13. Patour57 Messages postés 41 Statut Membre 1
     
    Salut kduc,

    Oui effectivement Spybot me le trouve toujours encore
    0
    1. kduc Messages postés 1537 Statut Membre 133
       
      Salut Patour,

      Fais une mise à jour Spybot et relance le scan ...

      Essaie aussi ceci ...

      Puis, Menu Démarrer > Exécuter, tape regedit et valide par "OK".

      Remonte les clés en cliquant successivement sur les + jusqu' à ...

      HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

      Supprime le(s) fichier(s) en gras (et celui-là), si tu le(s) trouves
      (clic droit dessus > Supprimer).

      Fais-le en mode sans échec ...
      https://www.pcastuces.com/pratique/windows/mode_sans_echec/page2.htm
      0
  14. Patour57 Messages postés 41 Statut Membre 1
     
    Salut kduc;

    Pour info je fais toujours une mise à jour de Spybot avant chaque analyse...

    Je trouve bien le fichier HKEY_LOCAL_MACHINE\SOFTWARE\Cn911 mais impossible de le supprimer...

    (suppression de Cn911 impossible : erreur lors de la suppression des clés) effectué bien sur en mode sans échec
    0
  15. Patour57 Messages postés 41 Statut Membre 1
     
    Salut pour info

    Voila ce qui se trouve dans la case info (coté droit ) aprés un scan avec spybot. Si cela peut aider pour la résolution de mon problème!

    Société:
    Produit: Win32.Bifrose.LA
    Menace: Trojan

    Description
    Win32.Bifrose.LA copies itself into the system directory of the operating system and tries to connect to the internet. When it is connected it waits for new orders to harm the computer.

    @+
    0
    1. kduc Messages postés 1537 Statut Membre 133
       
      Salut Patour,

      HKEY_LOCAL_MACHINE\SOFTWARE\Cn911

      Fais un clic droit de souris sur cette clé de registre et sélectionne "Autorisations" => dans la fenêtre qui s'ouvre, choisis ton profil (dans nom d'utilisateur ou de groupe) => assure toi que la case "Contrôle Total" soit bien cochée.
      Si ce n'est pas le cas, coche-là puis, clique sur "Ok" => fais un clic droit sur la clé et sélectionne "Supprimer".

      Et reviens pour dire ce qu'il en est.
      0
  16. Patour57 Messages postés 41 Statut Membre 1
     
    Salut kduc

    Malgré cette manip, je n'arrive pas à supprimer Cn911.
    0
    1. kduc Messages postés 1537 Statut Membre 133
       
      Salut Patour,

      Copie les lignes en gras, ci-dessous, d'un trait :

      Begin copying here:

      Registry keys to delete:
      HKEY_LOCAL_MACHINE\SOFTWARE\Cn911


      --> Clic droit / "copier"

      Maintenant crée un nouveau document texte :
      clic droit de souris sur le bureau, "Nouveau" > "Document Texte".
      Ouvre-le et colle dedans ce que tu viens de copier précédemment ;
      - Enregistre ce fichier sur ton bureau (nom : mad.txt)

      - Télécharge à présent The Avenger ici : http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/
      - Dézippe-le sur ton bureau et double-clique sur le fichier "avenger.exe"
      - Clique sur "Ok"
      - Sélectionne "Load Script from File" et clique sur l'icône en forme de dossier.
      - Sélectionne le fichier mad.txt qui est sur ton bureau
      - Clique sur le feu vert pour lancer le script
      - Clique sur "Oui"
      - Accepte de redémarrer ton pc

      après le redémarrage :

      - Ouvre le fichier C:\avenger.txt et copie/colle son contenu ici.
      0
  17. Patour57 Messages postés 41 Statut Membre 1
     
    Salut kduc

    D'abord je m'excuse pour le retard, mais j'avais mon pc en réparation chez HP pour mon problème d'affichage... Panne connue par eux avec changement de la carte mère + MAJ du bios.

    Bon voila le rapport comme demandé

    Logfile of The Avenger Version 2.0, (c) by Swandog46
    http://swandog46.geekstogo.com

    Platform: Windows Vista

    *******************

    Script file opened successfully.
    Script file read successfully.

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    Rootkit scan active.
    No rootkits found!

    Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Cn911" deleted successfully.

    Completed script processing.

    *******************

    Finished! Terminate.

    @+
    0
Précédent
  • 1
  • 2