virus à éradiquer, please !

[ptiskrab]

bonjour,

j'ai lu sur le forum qu'il fallait faire un hijack, je l'ai fait et voilà le rapport :

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:09:13, on 19/03/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19019)

Boot mode: Safe mode with network support

 

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Carine 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N9L25DWA\HiJackThis[1].exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0509&m=easynote_lj65

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0509&m=easynote_lj65

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0509&m=easynote_lj65

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll

O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -k

O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Video Web Camera\traybar.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files\ClickPotatoLite\bin\10.0.666.0\ClickPotatoLiteSA.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [browserChoice] "C:\Windows\System32\browserchoice.exe" /run

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.666.0\ClickPotatoLiteSABHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/70.11/uploader2.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Service Google Update (gupdate1ca4c25526f5f60) (gupdate1ca4c25526f5f60) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: QuestBrowse Service - Unknown owner - C:\ProgramData\QuestBrwSearch\questbrowse127.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

 

Merci beaucoup.

[bernard53]

Bonjour

 

Ton rapport "hijack" n'est pas installé au bon endroit, pas grave laisse comme cela.

 

fait ceci s.t.p

 

 

Installe Malewarebytes' Antimalware,

 

Malwarebytes

 

Prends bien la version FREE

 

*** Met-le à jour puis choisi, Exécuter un examen complet

 

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

 

Poste le rapport final.

 

 

Ensuite ceci.

 

 

Télécharges << ZHPDiag>> (de Nicolas Coolman)

 

dezzipes le fichier sur ton bureau...

Fais un clic-droit sur l'icône ZHPDiag .exe et choisis "exécuter en tant qu'administrateur".

 

 

L'installation va créer raccourcis (ZHPDiag et ZHPFix et MBRchek) sur ton bureau

 

 

 

A la fin de l'installation ZHPDiag va se lancer....

 

Cliques sur l'icône "Options" (image du tournevis) et coches toutes les options.

Cliques sur "Lancer le diagnostique" (image de la loupe) et patiente...

 

A la fin du scan cliques sur l'icône "sauvegarder le fichier sous" (image de la disquette bleu) et enregistre le rapport sur ton bureau.

 

Mets le rapport ici car il prend bien de la place.

Cliquez ici.

 

 

Modifié le 19 mars 2011 par bernard53

[ptiskrab]

Merci pour la réponse, voici le premier rapport demandé.

 

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6107

 

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.19019

 

19/03/2011 23:16:05

mbam-log-2011-03-19 (23-16-05).txt

 

Type d'examen: Examen complet (C:\|)

Elément(s) analysé(s): 404500

Temps écoulé: 1 heure(s), 15 minute(s), 47 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 44

Valeur(s) du Registre infectée(s): 2

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 10

Fichier(s) infecté(s): 21

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestBrowse Service (Adware.QuestBrowse) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ClickPotatoLiteSA (Adware.ClickPotato) -> Value: ClickPotatoLiteSA -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\programdata\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

c:\program files\clickpotatolite\bin\10.0.666.0\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\programdata\questbrwsearch\questbrowse127.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\clickpotatolite\bin\10.0.666.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\fast browser search\IE\searchguardplus.exe (PUP.Fbsearch) -> Not selected for removal.

c:\program files\fast browser search\IE\update.exe (PUP.Fbsearch) -> Not selected for removal.

c:\program files\questbrwsearch\questbrwsearch.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.

c:\program files\questbrwsearch\questbrwsearch.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\programdata\alwil software\Avast5\arpot\16cdcf18-1190-0.dat (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\Users\Carine 2\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\TWIJM3IS\vlcsetup[1].exe (Adware.Hotbar) -> Quarantined and deleted successfully.

c:\Users\Carine 2\AppData\Local\Temp\sai6D5.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\Windows\System32\msrun.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\Users\Carine 2\AppData\Local\Temp\0.19915282916386023.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\Users\Carine 2\AppData\Local\Temp\0.29437475118489154.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\questbrwsearch\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.

[ptiskrab]

Rapport de ZHPDiag v1.27.18 par Nicolas Coolman, Update du 19/03/2011

Run by Carine 2 at 20/03/2011 07:36:04

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.19019 (Defaut)

GCIE: Google Chrome v10.0.648.133

 

---\\ System Information

Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)

Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel

Operating System: 32 Bits

Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)

Total RAM: 3068 MB (72% free)

System Restore: Activé (Enable)

System drive C: has 57 GB (26%) free of 220 GB

 

---\\ Logged in mode

Computer Name: PC-DE-CARINE

User Name: Carine 2

All Users Names: Carine 2, Administrateur,

Unselected Option: None

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\Carine 2\AppData\Roaming

%LocalAppData%=C:\Users\Carine 2\AppData\Local

%StartMenu%=C:\Users\Carine 2\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 57 Go of 220 Go)

D:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]

[MD5.74BCC23D622F32DA0450D164735ACAB1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/12/2010 07:27:04.) -- C:\Windows\System32\wininet.dll [916480]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]

 

 

 

---\\ Processus lancés

[MD5.B988D7F127B94BD5BF8356FE81B985C4] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]

[MD5.745C54B66C61E9B52318D329D62708DD] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Users\Carine 2\Desktop\ZHPDiag\ZHPDiag.exe [658432]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.448] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com

R0 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google

R1 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

[ptiskrab]

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O4 - HKLM\..\Run: [backupManagerTray] . (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe

O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe

O4 - HKLM\..\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Video Web Camera\traybar.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.Pas de propriétaire - Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe

O4 - HKLM\..\Run: [FBSSA] . (.Pas de propriétaire - IE3SH Application.) -- C:\Program Files\SGPSA\ie3sh.exe

O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline

O4 - HKLM\..\Run: [NokiaMusic FastStart] Clé orpheline

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\Carine 2\Desktop\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\Carine 2\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [browserChoice] . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe

O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\..\Run: [spybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\..\Run: [browserChoice] . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe

O4 - HKUS\S-1-5-21-907945516-2096931806-623574403-1002\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\Carine 2\Desktop\CanoScan Toolbox 4.1.lnk . (.CANON INC..) -- C:\Program Files\Canon\CanoScan Toolbox Ver4.1\CSTBox.exe

O4 - Global Startup: C:\Users\Carine 2\Desktop\Carine - Raccourci.lnk . (...) -- C:\Users\Carine

O4 - Global Startup: C:\Users\Carine 2\Desktop\Carine.lnk . (...) -- C:\Users\Carine 2

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Easy Audio Cutter.lnk . (.Koyote Soft.) -- C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free CD Ripper.lnk . (.Koyote Soft.) -- C:\Program Files\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk . (.Koyote Soft - Renan Broquin.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet - Raccourci.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nokia Ovi Player.lnk . (.Macrovision Corporation.) -- C:\Windows\Installer\{A528306A-C5EC-481C-A619-6106334E6800}\NewShortcut2_CDF681E133824FFDB6C41A0530C561

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\Carine 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/70.11/uploader2.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{6EF860D8-264D-4330-A60B-D61E9B38F792}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{EF4AFE76-F879-45AE-B6C6-20C428EE2465}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{6EF860D8-264D-4330-A60B-D61E9B38F792}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{EF4AFE76-F879-45AE-B6C6-20C428EE2465}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{6EF860D8-264D-4330-A60B-D61E9B38F792}: DhcpDomain = lan

O17 - HKLM\System\CCS\Services\Tcpip\..\{EF4AFE76-F879-45AE-B6C6-20C428EE2465}: DhcpDomain = lan

O17 - HKLM\System\CS1\Services\Tcpip\..\{6EF860D8-264D-4330-A60B-D61E9B38F792}: DhcpDomain = lan

O17 - HKLM\System\CS1\Services\Tcpip\..\{EF4AFE76-F879-45AE-B6C6-20C428EE2465}: DhcpDomain = lan

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe

O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (avast! Mail Scanner) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (avast! Web Scanner) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe

O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: (gupdate1ca4c25526f5f60) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe

O23 - Service: (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe

O23 - Service: (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: (ServiceLayer) . (.Nokia - ServiceLayer Module.) - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{A218C8AB-B022-4066-A2B2-D19EA9F9DA5C}.job

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: (DritekPortIO) . (.Dritek System Inc. - General Port I/O.) - C:\PROGRA~1\LAUNCH~1\DPortIO.sys

O41 - Driver: (fgktmonf) . (. - .) - C:\Windows\system32\drivers\fgktmonf.sys (.not file.)

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl1.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {AF36CE1D-FD2C-4BA0-93FA-1196785DD610}

O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop Elements 6

O42 - Logiciel: Adobe Reader 9.4.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {0C34B801-6AEC-4667-B053-03A67E2D0415}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: ArcSoft PhotoStudio 5 - (.Pas de propriétaire.) [HKLM] -- {03F1CC67-5BD8-4C36-8394-76311B2AE69A}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1

O42 - Logiciel: Audio Music Editor 2.3.8 - (.SoftRM.) [HKLM] -- Audio Music Editor_is1

O42 - Logiciel: CanoScan Toolbox Ver4.1 - (.Pas de propriétaire.) [HKLM] -- {BCE46757-7674-4416-BEDB-68205A60409E}

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {7C20E89E-4C3D-468E-97A0-9ECF6B1C93DD}

O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}

O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}

O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}

O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters

O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: EasyBits Magic Desktop - (.Pas de propriétaire.) [HKLM] -- EasyBits Magic Desktop

O42 - Logiciel: Fast Browser Search (My Tattoons) - (.Make The Web Better, LLC.) [HKLM] -- TBSB07183.TBSB07183Toolbar

O42 - Logiciel: Fissa - (.Secure Digital Services.) [HKLM] -- {4BD271AB-66E2-4D58-AF88-80FE3B0770C4}

O42 - Logiciel: Free Mp3 Wma Converter V 1.9 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Hofmann 7.5 - (.Hofmann.) [HKLM] -- {F06DDFB8-B56B-4EEC-B208-BFDCD6CD32C9}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM] -- Identity Card

O42 - Logiciel: InfoCentre - (.Packard Bell.) [HKLM] -- InfoCentre

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: K-Lite Codec Pack 5.5.1 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM] -- LManager

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live

O42 - Logiciel: MetaBoli - (.Pas de propriétaire.) [HKLM] -- {709817E4-5439-4206-8738-796B34B623BD}

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- PROR

O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Music Mixer - (.Pas de propriétaire.) [HKLM] -- Music Mixer

O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {5C1BF3AC-B19D-4C26-B0A0-90833A521036}

O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {1597D0AE-34A7-4A8B-A395-2E30EB745470}

O42 - Logiciel: Nokia Ovi Player - (.Nokia Ovi Player.) [HKLM] -- {A528306A-C5EC-481C-A619-6106334E6800}

O42 - Logiciel: Nokia_Multimedia_Common_Components_2_5 - (.Nokia.) [HKLM] -- {3762698E-E9DF-4DD8-99F1-8192D0F8EE06}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693

O42 - Logiciel: Packard Bell Customer Registration - (.Packard Bell.) [HKLM] -- Packard Bell Customer Registration

O42 - Logiciel: Packard Bell MyBackup - (.NewTech Infosystems.) [HKLM] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}

O42 - Logiciel: Packard Bell PowerSave Solution - (.Acer Incorporated.) [HKLM] -- {3DB0448D-AD82-4923-B305-D001E521A964}

O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}

O42 - Logiciel: PackardBell ScreenSaver - (.PackardBell.) [HKLM] -- PackardBell Screensaver

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {A429C2AE-EBF1-4F81-A221-1C115CAADDAD}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: SetUpMyPC - (.Packard Bell.) [HKLM] -- SetUpMyPC

O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Uniblue RegistryBooster 2010 - (.Uniblue Systems Ltd.) [HKLM] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2508979) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{D2137BBA-250B-4548-BC1C-19E5009893D7}

O42 - Logiciel: Updator - (.Packard Bell.) [HKLM] -- Updator

O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Video Web Camera - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {12A1B519-5934-4508-ADBD-335347B0DC87}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5

O42 - Logiciel: myphotobook.fr - (.myphotobook GmbH.) [HKLM] -- fr.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

O42 - Logiciel: myphotobook.fr - (.myphotobook GmbH.) [HKLM] -- {E930C094-9B48-6BDD-09AE-E021D7C6FE88}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\ATI Technologies Inc.]

[HKCU\Software\ATI]

[HKCU\Software\Acer]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\ShoppingReport2]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\ArcSoft]

[HKCU\Software\Audacity]

[HKCU\Software\CEC_CM_SW]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\FissaSearch]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\Hofmann]

[HKCU\Software\IM Providers]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lake]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nokia]

[HKCU\Software\ODBC]

[HKCU\Software\Patchou]

[HKCU\Software\Policies]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Synaptics]

[HKCU\Software\TimoCom]

[HKCU\Software\WideStream]

[HKLM\Software\ALWIL Software]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Acer Incorporated]

[HKLM\Software\Acer]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\ArcSoft]

[HKLM\Software\Audible]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CXT]

[HKLM\Software\Canon]

[HKLM\Software\Chicony Electronics Co.,Ltd.]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Compal]

[HKLM\Software\Conexant]

[HKLM\Software\CyberLink]

[HKLM\Software\Digital River]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EasyBits]

[HKLM\Software\FissaSearch]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\KasperskyLab]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Lake]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Messenger Plus!\OpenCandy]

[HKLM\Software\Messenger Plus!]

[HKLM\Software\MetaBoli]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NeroDigital]

[HKLM\Software\Nero]

[HKLM\Software\NewTech Infosystems]

[HKLM\Software\Nokia]

[HKLM\Software\Norton]

[HKLM\Software\ODBC]

[HKLM\Software\OEM]

[HKLM\Software\OemSetup]

[HKLM\Software\OpenCandy NSIS SDK]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\Packard Bell]

[HKLM\Software\Patchou]

[HKLM\Software\Policies]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RichFX]

[HKLM\Software\SRS Labs]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\SecureDigitalServices]

[HKLM\Software\SoftRM]

[HKLM\Software\Sonic]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\TrendMicro]

[HKLM\Software\Uniblue]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Waves Audio]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\mcafeeupdater]

[HKLM\Software\mozilla.org]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 28/11/2010 - 14:34:04 - [597937843] ----D- C:\Program Files\Adobe

O43 - CFD: 13/09/2010 - 14:08:48 - [140494666] ----D- C:\Program Files\Alwil Software

O43 - CFD: 07/06/2009 - 15:35:48 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 17/06/2009 - 11:43:24 - [23407743] ----D- C:\Program Files\ArcSoft

O43 - CFD: 17/10/2010 - 07:30:38 - [1618] ----D- C:\Program Files\Ask.com

O43 - CFD: 11/05/2009 - 14:21:00 - [14347130] ----D- C:\Program Files\ATI

O43 - CFD: 11/05/2009 - 14:21:42 - [84546604] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 13/02/2010 - 18:27:22 - [8691132] ----D- C:\Program Files\Audacity

O43 - CFD: 17/01/2010 - 10:36:52 - [1536607] ----D- C:\Program Files\Audio Music Editor

O43 - CFD: 17/06/2009 - 12:00:12 - [6786594] ----D- C:\Program Files\Canon

O43 - CFD: 10/01/2011 - 16:00:54 - [1237615462] ----D- C:\Program Files\Common Files

O43 - CFD: 17/03/2009 - 19:36:02 - [1110016] ----D- C:\Program Files\CONEXANT

O43 - CFD: 11/05/2009 - 14:32:36 - [81915952] ----D- C:\Program Files\CyberLink

O43 - CFD: 31/01/2010 - 10:28:12 - [800824] ----D- C:\Program Files\DIFX

O43 - CFD: 18/06/2009 - 20:45:34 - [70306267] ----D- C:\Program Files\DivX

O43 - CFD: 03/06/2009 - 16:47:52 - [86234193] ----D- C:\Program Files\EasyBits For Kids

O43 - CFD: 02/09/2009 - 12:42:44 - [8033078] ----D- C:\Program Files\Fast Browser Search

O43 - CFD: 03/06/2009 - 16:45:50 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 31/01/2010 - 20:14:06 - [24349264] ----D- C:\Program Files\Free Audio Pack

O43 - CFD: 03/01/2011 - 18:30:50 - [796585423] ----D- C:\Program Files\Google

O43 - CFD: 02/12/2010 - 08:32:16 - [214876486] ----D- C:\Program Files\Hofmann

O43 - CFD: 17/06/2009 - 12:00:12 - [52174934] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 17/03/2009 - 19:29:26 - [64867] ----D- C:\Program Files\Intel

O43 - CFD: 12/02/2011 - 03:21:12 - [6380857] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 13/09/2010 - 14:07:18 - [87503816] ----D- C:\Program Files\Java

O43 - CFD: 02/01/2010 - 19:38:06 - [45978088] ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 11/05/2009 - 14:31:08 - [2729015] ----D- C:\Program Files\Launch Manager

O43 - CFD: 17/10/2010 - 07:31:14 - [4] ----D- C:\Program Files\LimeWire

O43 - CFD: 19/03/2011 - 09:03:38 - [768204] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 08/04/2010 - 19:07:56 - [9453898] ----D- C:\Program Files\McAfee Security Scan

O43 - CFD: 06/11/2010 - 19:08:28 - [13155342] ----D- C:\Program Files\Messenger Plus! Live

O43 - CFD: 04/10/2009 - 07:10:42 - [1544075] ----D- C:\Program Files\Microsoft

O43 - CFD: 02/11/2006 - 13:35:52 - [46946424] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 03/06/2009 - 18:10:10 - [627337490] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 04/10/2009 - 07:08:40 - [1559148] ----D- C:\Program Files\Microsoft Office Outlook Connector

O43 - CFD: 17/03/2009 - 20:08:22 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant

O43 - CFD: 07/03/2011 - 03:18:30 - [38371963] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 17/03/2009 - 20:02:30 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 03/10/2009 - 22:10:04 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 03/06/2009 - 18:10:34 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 17/12/2010 - 03:07:12 - [146453974] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 26/06/2010 - 02:03:06 - [8167779] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 14/08/2010 - 02:30:32 - [20470054] ----D- C:\Program Files\Movie Maker

O43 - CFD: 02/11/2006 - 13:35:52 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 17/03/2009 - 19:04:12 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 17/01/2010 - 10:01:38 - [5597218] ----D- C:\Program Files\Music Mixer

O43 - CFD: 28/11/2010 - 14:34:20 - [15734182] ----D- C:\Program Files\myphotobook.fr

O43 - CFD: 11/05/2009 - 14:38:30 - [358635061] ----D- C:\Program Files\Nero

O43 - CFD: 17/03/2009 - 19:55:48 - [15870803] ----D- C:\Program Files\NewTech Infosystems

O43 - CFD: 31/01/2010 - 10:30:30 - [20693302] ----D- C:\Program Files\Nokia

O43 - CFD: 03/06/2009 - 16:47:32 - [1292575313] ----D- C:\Program Files\PACKARD BELL

O43 - CFD: 13/11/2009 - 17:53:40 - [79279759] ----D- C:\Program Files\QuickTime

O43 - CFD: 13/10/2009 - 17:52:20 - [69100064] ----D- C:\Program Files\Real

O43 - CFD: 11/05/2009 - 14:22:20 - [15438821] ----D- C:\Program Files\Realtek

O43 - CFD: 02/11/2006 - 13:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 03/10/2010 - 22:59:54 - [876416] ----D- C:\Program Files\SGPSA

O43 - CFD: 04/03/2010 - 21:04:16 - [50859480] ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 11/05/2009 - 14:29:34 - [21262839] ----D- C:\Program Files\Synaptics

O43 - CFD: 11/05/2009 - 14:22:48 - [0] --H-D- C:\Program Files\Temp

O43 - CFD: 06/11/2010 - 19:08:34 - [17086800] ----D- C:\Program Files\Uniblue

O43 - CFD: 02/11/2006 - 13:58:20 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 11/05/2009 - 14:27:30 - [11862298] ----D- C:\Program Files\Video Web Camera

O43 - CFD: 05/03/2011 - 22:17:38 - [80529230] ----D- C:\Program Files\VideoLAN

O43 - CFD: 27/02/2011 - 14:13:14 - [240548] ----D- C:\Program Files\Widestream6

O43 - CFD: 04/10/2009 - 09:13:50 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 04/10/2009 - 09:13:50 - [2737152] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 04/10/2009 - 09:13:48 - [4490624] ----D- C:\Program Files\Windows Defender

O43 - CFD: 11/12/2010 - 17:22:00 - [150842546] ----D- C:\Program Files\Windows Live

O43 - CFD: 17/03/2009 - 20:00:56 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 12/02/2011 - 03:21:12 - [8935608] ----D- C:\Program Files\Windows Mail

O43 - CFD: 14/10/2010 - 02:23:50 - [4498121] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 03/06/2009 - 16:45:50 - [7957544] ----D- C:\Program Files\Windows NT

O43 - CFD: 04/10/2009 - 09:13:48 - [8228002] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 18/11/2009 - 03:23:30 - [134144] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 04/10/2009 - 09:13:50 - [6528228] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 08/12/2010 - 22:11:44 - [52214771] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 28/11/2010 - 14:34:04 - [30826314] ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD: 13/11/2009 - 17:50:18 - [33408497] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 11/05/2009 - 14:32:36 - [114688] ----D- C:\Program Files\Common Files\CyberLink

O43 - CFD: 10/01/2011 - 16:00:54 - [86016] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 18/06/2009 - 20:44:28 - [8024284] ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD: 17/06/2009 - 11:43:08 - [3192663] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 13/09/2010 - 14:07:56 - [1228747] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 17/03/2009 - 19:52:08 - [655111] ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD: 10/01/2011 - 16:00:54 - [256531166] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 11/05/2009 - 14:39:18 - [137792010] ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 31/01/2010 - 10:30:32 - [35001912] ----D- C:\Program Files\Common Files\Nokia

O43 - CFD: 18/06/2009 - 20:45:08 - [3926944] ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 13/10/2009 - 17:53:12 - [20584956] ----D- C:\Program Files\Common Files\Real

O43 - CFD: 02/11/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 02/11/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 04/10/2009 - 09:13:48 - [47713968] ----D- C:\Program Files\Common Files\System

O43 - CFD: 17/03/2009 - 19:59:44 - [564856722] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 13/10/2009 - 17:52:44 - [352256] ----D- C:\Program Files\Common Files\xing shared

O43 - CFD: 08/12/2010 - 22:11:44 - [469533977] ----D- C:\ProgramData\Adobe

O43 - CFD: 13/09/2010 - 14:08:48 - [5677554] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 07/06/2009 - 15:35:48 - [13464576] ----D- C:\ProgramData\Apple

O43 - CFD: 13/11/2009 - 17:53:08 - [27894272] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 02/11/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 11/05/2009 - 14:26:56 - [188] ----D- C:\ProgramData\ATI

O43 - CFD: 03/06/2009 - 16:45:50 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 02/11/2009 - 09:42:34 - [17669] ----D- C:\ProgramData\CyberLink

O43 - CFD: 02/11/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 02/11/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 03/06/2009 - 16:45:50 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 02/11/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 27/07/2009 - 18:10:48 - [670] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 26/08/2009 - 18:52:04 - [536308] ----D- C:\ProgramData\Google

O43 - CFD: 13/09/2010 - 13:57:42 - [0] ----D- C:\ProgramData\Kaspersky Lab

O43 - CFD: 12/09/2009 - 13:21:28 - [121798019] ----D- C:\ProgramData\Kaspersky Lab Setup Files

O43 - CFD: 19/03/2011 - 09:03:36 - [6440044] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 25/03/2010 - 19:23:10 - [362003] ----D- C:\ProgramData\McAfee

O43 - CFD: 19/03/2011 - 15:06:30 - [853] ----D- C:\ProgramData\McAfee Security Scan

O43 - CFD: 03/06/2009 - 16:45:50 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 22/01/2010 - 03:27:18 - [18153] ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 05/06/2010 - 02:02:02 - [576411717] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 10/03/2011 - 03:02:02 - [63470] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 03/06/2009 - 16:45:50 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 11/05/2009 - 14:38:32 - [8689204] ----D- C:\ProgramData\Nero

O43 - CFD: 31/01/2010 - 10:30:22 - [4079104] ----D- C:\ProgramData\NokiaMusic

O43 - CFD: 12/09/2009 - 13:36:58 - [14988] ----D- C:\ProgramData\Norton

O43 - CFD: 17/03/2009 - 20:09:36 - [14300468] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 07/03/2010 - 15:39:00 - [169] ----D- C:\ProgramData\Real

O43 - CFD: 19/03/2011 - 15:06:30 - [89433865] ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 02/11/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 13/09/2010 - 14:08:10 - [119] ----D- C:\ProgramData\Sun

O43 - CFD: 10/06/2009 - 07:08:54 - [64] ----D- C:\ProgramData\Symantec

O43 - CFD: 11/05/2009 - 14:31:48 - [53319] ----D- C:\ProgramData\Temp

O43 - CFD: 02/11/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 18/10/2009 - 16:54:12 - [0] ----D- C:\ProgramData\WindowsSearch

O43 - CFD: 18/03/2011 - 19:03:52 - [28842] ----D- C:\Users\Carine 2\AppData\Roaming\5718BDC8FCA3007541CB53CCBA1534B7

O43 - CFD: 18/03/2011 - 19:03:44 - [6027554] ----D- C:\Users\Carine 2\AppData\Roaming\Adobe

O43 - CFD: 23/02/2010 - 07:22:14 - [2184] ----D- C:\Users\Carine 2\AppData\Roaming\ArcSoft

O43 - CFD: 30/01/2010 - 12:10:44 - [0] ----D- C:\Users\Carine 2\AppData\Roaming\ATI

O43 - CFD: 09/02/2011 - 08:55:04 - [0] ----D- C:\Users\Carine 2\AppData\Roaming\Canon

O43 - CFD: 30/06/2010 - 18:17:20 - [2503] ----D- C:\Users\Carine 2\AppData\Roaming\CyberLink

O43 - CFD: 27/02/2011 - 13:39:10 - [25115] ----D- C:\Users\Carine 2\AppData\Roaming\FissaSearch

O43 - CFD: 28/11/2010 - 14:34:50 - [182463245] ----D- C:\Users\Carine 2\AppData\Roaming\fr.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

O43 - CFD: 31/01/2010 - 20:14:08 - [221] ----D- C:\Users\Carine 2\AppData\Roaming\FreeAudioPack

O43 - CFD: 31/01/2010 - 10:33:48 - [28114] ----D- C:\Users\Carine 2\AppData\Roaming\Google

O43 - CFD: 30/01/2010 - 12:10:26 - [0] ----D- C:\Users\Carine 2\AppData\Roaming\Identities

O43 - CFD: 30/01/2010 - 12:11:10 - [115951] ----D- C:\Users\Carine 2\AppData\Roaming\Macromedia

O43 - CFD: 19/03/2011 - 09:03:46 - [14832988] ----D- C:\Users\Carine 2\AppData\Roaming\Malwarebytes

O43 - CFD: 08/12/2010 - 14:41:34 - [21708452] -S--D- C:\Users\Carine 2\AppData\Roaming\Microsoft

O43 - CFD: 13/09/2010 - 14:10:12 - [0] ----D- C:\Users\Carine 2\AppData\Roaming\Mozilla

O43 - CFD: 31/01/2010 - 09:58:00 - [1004] ----D- C:\Users\Carine 2\AppData\Roaming\Nokia

O43 - CFD: 31/01/2010 - 10:44:56 - [354] ----D- C:\Users\Carine 2\AppData\Roaming\PC Suite

O43 - CFD: 07/03/2010 - 15:38:54 - [2004952] ----D- C:\Users\Carine 2\AppData\Roaming\Real

O43 - CFD: 07/03/2011 - 08:09:00 - [1516174] ----D- C:\Users\Carine 2\AppData\Roaming\vlc

O43 - CFD: 27/02/2011 - 13:39:28 - [604] ----D- C:\Users\Carine 2\AppData\Roaming\widestream

[ptiskrab]

grrrrr avec Mydoc ça ne marche pas, et voilà que je n'arrive pas à poster la suite du rapport..

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.A4AAEB9ED2A60A7AB5AFB061C2CE8F6A] - 20/03/2011 - 07:19:12 ---A- . (...) -- C:\Windows\ntbtlog.txt [110046]

O44 - LFC:[MD5.E9F8F13C08627847BD6ABD11F41FE0C5] - 20/03/2011 - 07:18:41 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.9B134EC4F97E5C1535AF7A1E7F62D829] - 19/03/2011 - 23:20:14 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [4384]

O44 - LFC:[MD5.9B134EC4F97E5C1535AF7A1E7F62D829] - 19/03/2011 - 23:20:14 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [4384]

O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 19/03/2011 - 17:27:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]

[ptiskrab]

O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 19/03/2011 - 17:27:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 19/03/2011 - 15:19:36 ---A- . (...) -- C:\Windows\System32\config.nt [2577]

[ptiskrab]

Ca me met "internet explorer ne peut pas afficher cette page web"

alors que là quand j'écris moi-même, ça marche ! C'est fou ce truc !

Modifié le 20 mars 2011 par ptiskrab

[ptiskrab]

je vais pas m'amuser à tout taper à la main, quand même ! Alors que faire ?

[ptiskrab]

Bon, j'ai redémarré mon ordi normalement (et non pas en mode sans échec comme je le faisais jusqu'à présent) et la session s'est affichée.

Par contre il doit quand même y avoir des trucs qui ne vont pas, entre Avast, Mcafee, spybot... je ne m'en sors pas et ils me sortent sans arrêt des "menaces" ou autres "modifications" à approuver ou refuser...

En début de session, j'ai aussi plusieurs fenêtres de messages d'erreur à fermer.

Je vais essayer de redémarrer et de les noter car je n'ai pas retenu les noms de fichiers qui semblaient être en cause.