Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

windows recovery

gizon

Par gizon
dans Analyses et éradication malwares

 Partager

Messages recommandés

gizon Junior Member

gizon

Posté(e)
Posté(e)

Bonjour,

j'ai eu la desagreable visite d'un virus nommé windows recovery. J'ai réussi à l'eliminer mais depuis mes icones bureau ont disparus ainsi que mes dossiers. J'ai utilisé le nettoyeur de rapport ZHPFIX qui me donne le rapport qui suit, mais maintenant que faire?

Merci d'avance de votre aide

 

RAPPORT:

 

 

Rapport de ZHPDiag v1.27.201 par Nicolas Coolman, Update du 08/05/2011

Run by Christelle Frantxua at 09/05/2011 16:18:03

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385 (Defaut)

 

---\\ System Information

Windows 7 Home Premium Edition, 64-bit (Build 7600)

Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4095 MB (66% free)

System Restore: Activé (Enable)

System drive C: has 402 GB (87%) free of 459 GB

 

---\\ Logged in mode

Computer Name: ORDI

User Name: Christelle Frantxua

All Users Names: HomeGroupUser$, Christelle Frantxua, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\Christelle Frantxua\AppData\Roaming

%LocalAppData%=C:\Users\Christelle Frantxua\AppData\Local

%StartMenu%=C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 402 Go of 459 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 459 Go of 459 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 07:23:14.) -- C:\Windows\Explorer.exe [2870272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/02/2011 06:32:44.) -- C:\Windows\system32\wininet.dll [981504]

 

 

 

---\\ Processus lancés

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.FBAA7A56D573BE55A65AD5B8C17ECA03] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247144]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544]

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552]

[MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160]

[MD5.FBAF93425D4B5A6C48ABB5B7F81088CD] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack Sécurité\Common\FSM32.EXE [201128]

[MD5.C6697A46554E36541E81182B258A19D6] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]

[MD5.AE619F242F2CE340F3B33DDEAA88248D] - (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r32.) -- C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe [257440]

[MD5.DB1A23EE7DD2E5E04E7DE071A6BEF699] - (.Sun Microsystems, Inc. - Java Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [501480]

[MD5.5375A0D0CEE1C942047367E72A4E750A] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [645632]

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Live

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation

R0 - HKUS\S-1-5-21-1440464493-4113906250-3556615504-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Live

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKUS\S-1-5-21-1440464493-4113906250-3556615504-1001\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

O4 - HKCU\..\Run: [Fxusader] . (.ArcSoft Inc. - checkactivate.) -- C:\Users\Christelle Frantxua\AppData\Local\masqcsm0.dll

O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack Sécurité\Common\FSM32.exe

O4 - HKLM\..\Wow6432Node\Run: [F-Secure TNB] . (.F-Secure Corporation - TNBUtil.) -- C:\Program Files (x86)\SFR\Pack Sécurité\FSGUI\TNBUtil.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1440464493-4113906250-3556615504-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-1440464493-4113906250-3556615504-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

O4 - HKUS\S-1-5-21-1440464493-4113906250-3556615504-1001\..\Run: [Fxusader] . (.ArcSoft Inc. - checkactivate.) -- C:\Users\Christelle Frantxua\AppData\Local\masqcsm0.dll

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - Global Startup: C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de détection de support Picture Motion Browser.lnk . (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\S

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8F9C7D8F-846E-46D6-BCCD-8A8613DD3189}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{8F9C7D8F-846E-46D6-BCCD-8A8613DD3189}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{8F9C7D8F-846E-46D6-BCCD-8A8613DD3189}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: (CCALib8) . (.Canon Inc. - Canon Camera Access Library 8.) - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe

O23 - Service: (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files (x86)\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe

O23 - Service: (FLEXnet Licensing Service) . (.Acresso Software Inc. - Activation Licensing Service.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: (FSDFWD) . (.F-Secure Corporation - F-Secure Internet Shield daemon.) - C:\Program Files (x86)\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe

O23 - Service: (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files (x86)\SFR\Pack Sécurité\Common\FSMA32.exe

O23 - Service: (FSORSPClient) . (.F-Secure Corporation - F-Secure ORSP Service.) - C:\Program Files (x86)\SFR\Pack Sécurité\ORSP Client\fsorsp.exe

O23 - Service: (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (64-bit).) - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: (Roxio UPnP Renderer 11) . (...) - C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe

O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Security Scan for Christelle Frantxua.job

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.AA6DB1D357B0DB08B969D14889D9C9CA] [APT] [Norton Security Scan for Christelle Frantxua] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe

[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (F-Secure HIPS) . (.F-Secure Corporation - HIPS 64-bit kernel module.) - C:\Program Files (x86)\SFR\Pack Sécurité\HIPS\drivers\fshs.sys

O41 - Driver: (FSES) . (.F-Secure Corporation - F-Secure Email Interceptor.) - C:\Windows\System32\drivers\fses.sys

O41 - Driver: (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver.) - C:\Windows\System32\drivers\fsdfw.sys

O41 - Driver: (fsvista) . (...) - C:\Program Files (x86)\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1618734A-3957-4ADD-8199-F973763109A8}

O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0}

O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191}

O42 - Logiciel: Adobe CS4 American English Speech Analysis Models - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}

O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683}

O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {67F0E67A-8E93-4C2C-B29D-47C48262738A}

O42 - Logiciel: Adobe Dynamiclink Support - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}

O42 - Logiciel: Adobe Encore CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5EAD5443-7194-46CC-A055-428E6ABB1BAF}

O42 - Logiciel: Adobe Encore CS4 Codecs - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FB2A5FCC-B81B-48C2-A009-7804694D83E9}

O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {054EFA56-2AC1-48F4-A883-0AB89874B972}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

O42 - Logiciel: Adobe Media Encoder CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}

O42 - Logiciel: Adobe Media Encoder CS4 Additional Exporter - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BE9CEAAA-F069-4331-BF2F-8D350F6504F4}

O42 - Logiciel: Adobe Media Encoder CS4 Dolby - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {EE353798-E875-42E0-B58D-7E6696182EA8}

O42 - Logiciel: Adobe Media Encoder CS4 Exporter - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {561968FD-56A1-49FD-9ED0-F55482C7C5BC}

O42 - Logiciel: Adobe Media Encoder CS4 Importer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8186FF34-D389-4B7E-9A2F-C197585BCFBD}

O42 - Logiciel: Adobe OnLocation CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {7406DF60-016D-476B-A2C7-55D997592047}

O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A}

O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353}

O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 7

O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}

O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}

O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_26b63376f4efc354dae41af6b5e3343

O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D499F8DE-3F31-4900-9157-61061613704B}

O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}

O42 - Logiciel: Adobe Premiere Pro CS4 Functional Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}

O42 - Logiciel: Adobe Premiere Pro CS4 Third Party Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C938BE91-3BB5-4B84-9EF6-88F0505D0038}

O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {566BB41D-F006-4956-A5D3-94D8DFFA7F51}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player

O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {05308C4E-7285-4066-BAE3-6B50DA6ED755}

O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {853A4763-6643-4604-8D64-28BDD8925F4C}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F473675-D702-45F9-8EBC-342B40C17BF5}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0E543634-7E25-4B8F-8D5B-97880E5E5088}

O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- CANON iMAGE GATEWAY Task

O42 - Logiciel: Canon Camera Access Library - (.Pas de propriétaire.) [HKLM][64Bits] -- CAL

O42 - Logiciel: Canon Camera Window DC_DV 6 for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- CameraWindowDVC6

O42 - Logiciel: Canon Camera Window MC 6 for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- CameraWindowMC

O42 - Logiciel: Canon G.726 WMP-Decoder - (.Pas de propriétaire.) [HKLM][64Bits] -- Canon G.726 WMP-Decoder

O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- Canon Internet Library for ZoomBrowser EX

O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- MovieEditTask

O42 - Logiciel: Canon RAW Image Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- RAW Image Task

O42 - Logiciel: Canon RemoteCapture Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- RemoteCaptureTask

O42 - Logiciel: Canon Utilities EOS Utility - (.Pas de propriétaire.) [HKLM][64Bits] -- EOS Utility

O42 - Logiciel: Canon Utilities PhotoStitch - (.Pas de propriétaire.) [HKLM][64Bits] -- PhotoStitch

O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Pas de propriétaire.) [HKLM][64Bits] -- ZoomBrowser EX

O42 - Logiciel: Catalogue Agricole Würth France - (.Wurth France SA.) [HKLM][64Bits] -- {418C76C2-74E1-4211-9C90-4038D01984F8}

O42 - Logiciel: Catalogue Bâtiment Würth France - (.Wurth France SA.) [HKLM][64Bits] -- {BF53A1E0-12E6-4A2D-893C-3EECCCD0E1C8}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card

O42 - Logiciel: Java 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {47208028-9ae2-4f5b-a898-655e0dee96b0}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}

O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}

O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}

O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}

O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}

O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}

O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}

O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}

O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}

O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {dba84796-8503-4ff0-af57-1747dd9a166d}

O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}

O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348b586-c9ae-46ce-936c-a68e9426e214}

O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM][64Bits] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}

O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}

O42 - Logiciel: Neuf - Kit de connexion - (.Neuf.) [HKLM][64Bits] -- Neuf_Kit

O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM][64Bits] -- NSS

O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {05653DE1-6567-40C6-B930-39D399B64369}

O42 - Logiciel: Pack Sécurité SFR - (.Pas de propriétaire.) [HKLM][64Bits] -- F-Secure Product 444

O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell InfoCentre

O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}

O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration

O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM][64Bits] -- Packard Bell Screensaver

O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Software Suite SE

O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}

O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CEF209AB-F96D-404F-B5CC-44057C057CA3}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: SmartSound Quicktracks Plugin - (.SmartSound Software Inc.) [HKLM][64Bits] -- InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}

O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM][64Bits] -- {D5068583-D569-468B-9755-5FBF5848F46F}

O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {842B4B72-9E8F-4962-B3C1-1C422A5C4434}

O42 - Logiciel: TomTom HOME 2.7.6.2056 - (.TomTom.) [HKLM][64Bits] -- TomTom HOME

O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

O42 - Logiciel: Trojan Killer 2.0 - (.GridinSoft, Inc..) [HKLM][64Bits] -- {8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{EE6BBE8B-DCC9-4A46-BF00-455F3C8ECE69}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2522999) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CC8A81F7-5A36-4DE9-ABB3-5499132062C5}

O42 - Logiciel: Usine à Préparations v1.04 - (.Pas de propriétaire.) [HKLM][64Bits] -- Usine à Préparations v1.04

O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center

O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {16DDB3D1-5C27-4599-9C63-E583287191CC}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AVS4YOU]

[HKCU\Software\Acer]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Google]

[HKCU\Software\GridinSoft]

[HKCU\Software\IM Providers]

[HKCU\Software\JavaSoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Adobe2)]

[HKCU\Software\MainConcept]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Northcode Inc]

[HKCU\Software\Norton]

[HKCU\Software\ODBC]

[HKCU\Software\Oberon Media]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PhotoFiltre Studio X]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Sony Corporation]

[HKCU\Software\TomTom]

[HKCU\Software\Trolltech]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKLM\Software\<company>]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVS4YOU]

[HKLM\Software\AcerUtil]

[HKLM\Software\Acer]

[HKLM\Software\Adobe]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Audible]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Data Fellows]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\Neuf]

[HKLM\Software\Norton]

[HKLM\Software\ODBC]

[HKLM\Software\OEM]

[HKLM\Software\Oberon Media]

[HKLM\Software\OemSetup]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Packard Bell]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Roxio]

[HKLM\Software\SRS Labs]

[HKLM\Software\SmartSound Software]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Symantec]

[HKLM\Software\TomTom]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 27/04/2011 - 10:59:30 - [195932] ----D- C:\Program Files\Bonjour

O43 - CFD: 27/04/2011 - 10:59:42 - [85244036] ----D- C:\Program Files\Common Files

O43 - CFD: 23/01/2010 - 20:59:52 - [90257428] ----D- C:\Program Files\DVD Maker

O43 - CFD: 15/04/2010 - 15:48:58 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 28/10/2009 - 22:02:16 - [1931968] ----D- C:\Program Files\Google

O43 - CFD: 14/04/2011 - 22:06:16 - [5174813] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 27/04/2011 - 11:03:36 - [1939563] ----D- C:\Program Files\iPod

O43 - CFD: 27/04/2011 - 11:04:04 - [2345448] ----D- C:\Program Files\iTunes

O43 - CFD: 14/07/2009 - 09:45:56 - [148930098] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 18/04/2010 - 11:03:06 - [594846] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 28/10/2009 - 22:13:02 - [17444662] ----D- C:\Program Files\Packard Bell

O43 - CFD: 15/04/2010 - 15:49:28 - [245637] ----D- C:\Program Files\PB Accessory Store

O43 - CFD: 28/10/2009 - 21:38:22 - [12164256] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 23/01/2010 - 20:59:52 - [4039168] ----D- C:\Program Files\Windows Defender

O43 - CFD: 23/01/2010 - 20:59:52 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 07/12/2010 - 22:23:14 - [43896] ----D- C:\Program Files\Windows Live

O43 - CFD: 16/12/2010 - 09:38:30 - [6667264] ----D- C:\Program Files\Windows Mail

O43 - CFD: 14/10/2010 - 17:01:18 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 15/04/2010 - 15:48:58 - [12627124] ----D- C:\Program Files\Windows NT

O43 - CFD: 23/01/2010 - 20:59:52 - [5516568] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 23/01/2010 - 20:59:52 - [7159495] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 28/05/2010 - 12:54:12 - [0] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 27/04/2011 - 10:59:42 - [6246981] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 23/03/2011 - 16:51:08 - [66375614] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 23/01/2010 - 20:59:52 - [12009971] ----D- C:\Program Files\Common Files\System

O43 - CFD: 09/05/2011 - 14:06:10 - [405152846] --H-D- C:\ProgramData\Adobe

O43 - CFD: 09/05/2011 - 14:06:12 - [47300133] --H-D- C:\ProgramData\Apple

O43 - CFD: 09/05/2011 - 14:06:12 - [67464773] --H-D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 01/06/2010 - 17:35:40 - [0] --H-D- C:\ProgramData\AVS4YOU

O43 - CFD: 15/04/2010 - 15:48:58 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 29/05/2010 - 17:38:04 - [360580] --H-D- C:\ProgramData\eSellerate

O43 - CFD: 09/05/2011 - 14:38:42 - [1557879] --H-D- C:\ProgramData\f-secure

O43 - CFD: 15/04/2010 - 15:48:58 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 09/05/2011 - 14:07:16 - [34894] --H-D- C:\ProgramData\FLEXnet

O43 - CFD: 09/05/2011 - 14:37:38 - [111938] --H-D- C:\ProgramData\fssg

O43 - CFD: 09/05/2011 - 14:06:12 - [522259] --H-D- C:\ProgramData\Google

O43 - CFD: 29/05/2010 - 17:40:44 - [0] --H-D- C:\ProgramData\InstallShield

O43 - CFD: 15/04/2010 - 15:48:58 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 09/05/2011 - 14:07:16 - [179605999] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 14/04/2011 - 21:21:00 - [123674] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 15/04/2010 - 15:48:58 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 09/05/2011 - 14:06:12 - [11378166] --H-D- C:\ProgramData\Nero

O43 - CFD: 09/05/2011 - 14:06:12 - [3482] --H-D- C:\ProgramData\Norton

O43 - CFD: 28/10/2009 - 22:09:46 - [10109050] --H-D- C:\ProgramData\NortonInstaller

O43 - CFD: 23/01/2010 - 12:15:34 - [253500] --H-D- C:\ProgramData\NVIDIA

O43 - CFD: 09/05/2011 - 14:06:12 - [5047] --H-D- C:\ProgramData\OEM

O43 - CFD: 09/05/2011 - 14:06:12 - [725058] --H-D- C:\ProgramData\Packard Bell

O43 - CFD: 06/05/2010 - 19:00:18 - [1675] --H-D- C:\ProgramData\Partner

O43 - CFD: 15/04/2010 - 21:06:24 - [0] --H-D- C:\ProgramData\PlayFirst

O43 - CFD: 29/05/2010 - 17:50:48 - [19649] --H-D- C:\ProgramData\Roxio

O43 - CFD: 25/05/2010 - 13:54:32 - [520708839] --H-D- C:\ProgramData\SmartSound Software Inc

O43 - CFD: 29/05/2010 - 17:42:38 - [62714] --H-D- C:\ProgramData\Sonic

O43 - CFD: 01/06/2010 - 12:50:24 - [192] --H-D- C:\ProgramData\Sony Corporation

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 23/03/2011 - 16:54:12 - [119] --H-D- C:\ProgramData\Sun

O43 - CFD: 09/05/2011 - 14:06:12 - [278896009] --H-D- C:\ProgramData\Symantec

O43 - CFD: 15/04/2010 - 21:38:52 - [0] --HAD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 30/08/2010 - 10:28:36 - [36664] --H-D- C:\ProgramData\TomTom

O43 - CFD: 09/05/2011 - 14:06:12 - [5331440] --H-D- C:\ProgramData\Uninstall

O43 - CFD: 01/06/2010 - 17:55:08 - [0] --H-D- C:\ProgramData\ZoomBrowser

O43 - CFD: 16/04/2010 - 22:06:50 - [0] -SH-D- C:\Users\Christelle Frantxua\AppData\Roaming\.#

O43 - CFD: 09/05/2011 - 14:06:28 - [404374823] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Adobe

O43 - CFD: 27/04/2011 - 11:05:06 - [5934254] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Apple Computer

O43 - CFD: 01/06/2010 - 17:35:38 - [0] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\AVS4YOU

O43 - CFD: 15/04/2010 - 15:52:10 - [102] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Google

O43 - CFD: 01/06/2010 - 20:04:46 - [45] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Identities

O43 - CFD: 01/06/2010 - 12:49:56 - [0] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\InstallShield

O43 - CFD: 09/05/2011 - 14:06:28 - [136681] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Macromedia

O43 - CFD: 14/07/2009 - 09:44:40 - [0] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Media Center Programs

O43 - CFD: 09/05/2011 - 14:07:20 - [24377662] -S--D- C:\Users\Christelle Frantxua\AppData\Roaming\Microsoft

O43 - CFD: 30/08/2010 - 10:28:22 - [0] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Mozilla

O43 - CFD: 15/04/2010 - 16:35:04 - [79208] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Nero

O43 - CFD: 25/05/2010 - 13:58:48 - [62] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\No Company Name

O43 - CFD: 09/05/2011 - 14:06:28 - [1536529] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\OpenOffice.org

O43 - CFD: 09/05/2011 - 14:07:20 - [422] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\PhotoFiltre Studio X

O43 - CFD: 15/04/2010 - 21:06:24 - [2392] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\PlayFirst

O43 - CFD: 01/06/2010 - 13:00:06 - [29783] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Sony Corporation

O43 - CFD: 09/05/2011 - 14:06:30 - [8223132] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\TomTom

O43 - CFD: 09/12/2010 - 22:17:48 - [0] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\Windows Live Writer

O43 - CFD: 27/05/2010 - 17:55:50 - [12] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\WinRAR

O43 - CFD: 01/06/2010 - 18:00:02 - [0] --H-D- C:\Users\Christelle Frantxua\AppData\Roaming\ZoomBrowser EX

O43 - CFD: 09/05/2011 - 14:06:12 - [308143329] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Adobe

O43 - CFD: 15/06/2010 - 20:50:24 - [0] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Apple

O43 - CFD: 27/04/2011 - 11:04:18 - [7372779] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Apple Computer

O43 - CFD: 15/04/2010 - 15:49:10 - [0] -SH-D- C:\Users\Christelle Frantxua\Appdata\Local\Application Data

O43 - CFD: 04/03/2011 - 18:36:14 - [490031] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Diagnostics

O43 - CFD: 25/05/2010 - 12:59:20 - [0] ----D- C:\Users\Christelle Frantxua\Appdata\Local\ElevatedDiagnostics

O43 - CFD: 15/04/2010 - 16:07:52 - [163804] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Google

O43 - CFD: 15/04/2010 - 15:49:10 - [0] -SH-D- C:\Users\Christelle Frantxua\Appdata\Local\Historique

O43 - CFD: 09/05/2011 - 14:06:14 - [714019673] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Microsoft

O43 - CFD: 09/05/2011 - 14:06:14 - [1759438] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Microsoft Games

O43 - CFD: 09/05/2011 - 14:07:16 - [407176] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Microsoft Help

O43 - CFD: 09/05/2011 - 16:17:30 - [72072685] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Temp

O43 - CFD: 15/04/2010 - 15:49:10 - [0] -SH-D- C:\Users\Christelle Frantxua\Appdata\Local\Temporary Internet Files

O43 - CFD: 09/05/2011 - 14:06:26 - [2066461] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\TomTom

O43 - CFD: 16/07/2010 - 11:02:26 - [423632820] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\VirtualStore

O43 - CFD: 24/03/2011 - 22:50:08 - [65536] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Windows Live

O43 - CFD: 09/12/2010 - 22:17:56 - [372494] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\Windows Live Writer

O43 - CFD: 30/12/2010 - 00:02:12 - [0] --H-D- C:\Users\Christelle Frantxua\Appdata\Local\WMTools Downloaded Files

O43 - CFD: 28/05/2010 - 12:57:00 - [2989914865] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 27/04/2011 - 11:00:34 - [2306366] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 01/06/2010 - 17:47:04 - [0] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 27/04/2011 - 10:59:30 - [621252] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 01/06/2010 - 17:55:24 - [120136183] ----D- C:\Program Files (x86)\Canon

O43 - CFD: 23/03/2011 - 16:54:12 - [1534544979] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 15/04/2010 - 15:56:56 - [22120566] ----D- C:\Program Files (x86)\Google

O43 - CFD: 09/05/2011 - 15:32:44 - [28502362] ----D- C:\Program Files (x86)\GridinSoft Trojan Killer

O43 - CFD: 01/06/2010 - 12:58:22 - [45523462] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 14/04/2011 - 22:06:18 - [5600827] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 27/04/2011 - 11:04:04 - [126362384] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 23/03/2011 - 16:53:50 - [91618219] ----D- C:\Program Files (x86)\Java

O43 - CFD: 18/04/2010 - 11:05:14 - [580333674] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 21/04/2011 - 17:15:22 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 23/01/2010 - 12:23:20 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 18/04/2010 - 11:05:14 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 18/04/2010 - 11:03:02 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 16/12/2010 - 01:20:30 - [146453974] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 07/12/2010 - 22:36:32 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 22/04/2010 - 11:09:00 - [7455100] ----D- C:\Program Files (x86)\Movie Maker

O43 - CFD: 06/05/2010 - 17:30:50 - [9338826] ----D- C:\Program Files (x86)\Movie Maker 2.6

O43 - CFD: 18/04/2010 - 11:05:18 - [26521] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/04/2010 - 14:42:04 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 28/10/2009 - 22:04:54 - [420637109] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 15/04/2010 - 16:04:14 - [13032265] ----D- C:\Program Files (x86)\Neuf

O43 - CFD: 07/05/2010 - 22:04:18 - [12505304] ----D- C:\Program Files (x86)\Norton Security Scan

O43 - CFD: 07/05/2010 - 22:04:16 - [8446147] ----D- C:\Program Files (x86)\NortonInstaller

O43 - CFD: 23/03/2011 - 16:54:42 - [370627138] ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 18/04/2010 - 10:55:24 - [70598093] ----D- C:\Program Files (x86)\Packard Bell

O43 - CFD: 27/04/2011 - 11:02:54 - [76322555] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 28/10/2009 - 21:38:14 - [3357289] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 29/05/2010 - 17:51:12 - [10257] ----D- C:\Program Files (x86)\Roxio Creator 2009

O43 - CFD: 09/05/2011 - 14:38:08 - [824917040] ----D- C:\Program Files (x86)\SFR

O43 - CFD: 29/05/2010 - 17:38:04 - [7483174] ----D- C:\Program Files (x86)\SmartSound Software

O43 - CFD: 01/06/2010 - 12:50:56 - [90803198] ----D- C:\Program Files (x86)\Sony

O43 - CFD: 28/10/2009 - 21:38:26 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 30/08/2010 - 10:27:04 - [0] ----D- C:\Program Files (x86)\TomTom DesktopSuite

O43 - CFD: 30/08/2010 - 10:28:04 - [50448426] ----D- C:\Program Files (x86)\TomTom HOME 2

O43 - CFD: 30/08/2010 - 10:28:18 - [22486] ----D- C:\Program Files (x86)\TomTom International B.V

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 23/01/2010 - 20:59:52 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 30/03/2011 - 14:27:44 - [146221717] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 16/12/2010 - 09:38:30 - [6180864] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 14/10/2010 - 17:01:18 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 23/01/2010 - 20:59:52 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 23/01/2010 - 20:59:52 - [5994114] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 27/05/2010 - 17:54:54 - [3728162] ----D- C:\Program Files (x86)\WinRAR

O43 - CFD: 08/10/2010 - 10:01:22 - [844038038] ----D- C:\Program Files (x86)\Wurth

O43 - CFD: 09/05/2011 - 16:18:12 - [3807851] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 28/05/2010 - 12:56:30 - [748142283] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 28/05/2010 - 12:46:22 - [32158176] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 27/04/2011 - 11:03:36 - [86139244] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 01/06/2010 - 17:35:30 - [0] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 01/06/2010 - 17:55:00 - [770048] ----D- C:\Program Files (x86)\Common Files\Canon

O43 - CFD: 18/04/2010 - 11:05:14 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 29/05/2010 - 17:39:20 - [6762452] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 23/03/2011 - 16:54:12 - [1243079] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 23/01/2010 - 12:20:36 - [867489] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared

O43 - CFD: 07/12/2010 - 22:23:04 - [258134219] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 28/10/2009 - 22:06:16 - [121568033] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 28/10/2009 - 21:44:50 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media

O43 - CFD: 29/05/2010 - 17:42:22 - [4325200] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 29/05/2010 - 17:51:20 - [239317] ----D- C:\Program Files (x86)\Common Files\Roxio Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 29/05/2010 - 17:51:06 - [339523] ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 07/12/2010 - 22:26:54 - [0] ----D- C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 19/04/2010 - 10:11:06 - [44164583] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 23/01/2010 - 12:21:16 - [187360362] ----D- C:\Program Files (x86)\Common Files\Windows Live

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.366C456675477EA0D5B3197CFC36EDC5] - 09/05/2011 - 15:16:35 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]

O44 - LFC:[MD5.366C456675477EA0D5B3197CFC36EDC5] - 09/05/2011 - 15:16:35 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]

O44 - LFC:[MD5.DB5D51426FBE7679E668CD5749703A10] - 09/05/2011 - 15:12:39 ---A- . (...) -- C:\TDSSKiller.2.5.0.0_09.05.2011_16.11.47_log.txt [124730]

O44 - LFC:[MD5.3E0000000000000000000000A0EF1800] - 09/05/2011 - 15:12:38 --HA- . (...) -- C:\Windows\WindowsUpdate.log [1311053]

O44 - LFC:[MD5.D5205EBD5250BACB6C9C4BF1B019EDE4] - 09/05/2011 - 15:09:22 ---A- . (...) -- C:\Windows\setupact.log [87258]

O44 - LFC:[MD5.2E8DF85C8F4258B8C89BC6940CE8C04A] - 09/05/2011 - 15:09:19 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.FDD4EED1A1A3604E83277EA7DBEDFFC0] - 09/05/2011 - 14:34:31 ---A- . (...) -- C:\Windows\PFRO.log [314598]

O44 - LFC:[MD5.0EFA27633FD8364BF9D07403C13D5226] - 09/05/2011 - 14:15:26 --HA- . (...) -- C:\Windows\ih8.config.xml.log [102865]

O44 - LFC:[MD5.B5147EE5E3C623A147147178A64934FE] - 09/05/2011 - 14:12:56 --HA- . (...) -- C:\Windows\fshfcntl.log [49762]

O44 - LFC:[MD5.169A29443D64B47016CEE69E641121F7] - 09/05/2011 - 14:12:56 --HA- . (...) -- C:\Windows\ih8.hotfix.xml.log [17923]

O44 - LFC:[MD5.355B7BD28A7764D06B9CD62B35844A2C] - 09/05/2011 - 14:10:56 --HA- . (...) -- C:\Windows\fsiuupd.log [10695]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/05/2011 - 14:10:40 --HA- . (...) -- C:\Windows\fsiugeneric.log [0]

O44 - LFC:[MD5.3DD5080D68233CA3FAFCE84E09E2CBE1] - 09/05/2011 - 13:39:27 --HA- . (...) -- C:\Windows\fsinstaller.log [70594]

O44 - LFC:[MD5.127FEA2230916454DCA1B8F2D92017FE] - 09/05/2011 - 13:39:24 --HA- . (...) -- C:\Windows\FSISU.log [7199050]

O44 - LFC:[MD5.842713FD3B165EE9F8BEDD72CEB3BCC3] - 09/05/2011 - 13:39:24 --HA- . (...) -- C:\Windows\FSPROD.log [249612]

O44 - LFC:[MD5.E8842693407696A51872FE13AADF73CB] - 09/05/2011 - 13:39:24 --HA- . (...) -- C:\Windows\FSSETUP.log [1418544]

O44 - LFC:[MD5.0AC53955E709E4988C16E51E164E6BB6] - 09/05/2011 - 13:39:24 --HA- . (...) -- C:\Windows\FSSFM.log [2062783]

O44 - LFC:[MD5.A2077B7A96A305012ACE8AB244216DAC] - 09/05/2011 - 13:39:24 --HA- . (...) -- C:\Windows\RunSetup.log [216882]

O44 - LFC:[MD5.09E94878E7DD2A60C101AC3459316ECF] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\DAASINST.LOG [2336]

O44 - LFC:[MD5.12CEC0AE53ECE6EDF1DBB163204F1F62] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSASWINS.LOG [5647]

O44 - LFC:[MD5.4C79535C07F3330EED4EC5D757CAFA2A] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSAVCSIN.LOG [10253]

O44 - LFC:[MD5.A5DBD581F87041A6940200A9F9065243] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSGKIAIN.log [4377]

O44 - LFC:[MD5.873374576475213D6829146466B559CF] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSGUIINS.LOG [20713]

O44 - LFC:[MD5.95727D154EA1DC1938F86257D6BD6A17] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSGemini.LOG [3722]

O44 - LFC:[MD5.E5699192BEEEAA64A09E6F7521EF5720] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSLDIN.LOG [1869]

O44 - LFC:[MD5.851F7DA87DC73993DB3B3DF229FA992A] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSPSINST.LOG [6656]

O44 - LFC:[MD5.6CE6501D3F3E6D03BCCC79FC47755A4A] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSSCINST.log [6409]

O44 - LFC:[MD5.8700D85E71E0C37BAD035FF3F325F1C4] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSSSINST.log [18784]

O44 - LFC:[MD5.1BBC8C5BD1AC59D292EE8710107CEAB3] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\FSSYSUPD.LOG [9576]

O44 - LFC:[MD5.53146C1DFF8151BF2776393973768ED8] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\HELPINST.LOG [5786]

O44 - LFC:[MD5.1F1DE6CF94EB30D31025A93793D06081] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\fsauains.LOG [100450]

O44 - LFC:[MD5.F6541153596713D57206FE7F558C10FA] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\fsavunin.log [6540]

O44 - LFC:[MD5.607960C6DF477767168C707B0D4D3EBC] - 09/05/2011 - 13:39:23 --HA- . (...) -- C:\Windows\fsmainst.log [23574]

O44 - LFC:[MD5.C83072A6032C7D06283183B70C392672] - 09/05/2011 - 13:39:22 --HA- . (...) -- C:\Windows\fsdginst.log [2093]

O44 - LFC:[MD5.848B8FF7CCB677A4D6610B1A94B278F3] - 09/05/2011 - 13:39:22 --HA- . (...) -- C:\Windows\fsgadget.log [723]

O44 - LFC:[MD5.24758B1617D18EFECBD032958CCDB5C5] - 09/05/2011 - 13:39:21 --HA- . (...) -- C:\Windows\fsav_db_setup.log [631]

O44 - LFC:[MD5.3C43F2C263BEE7A68DA7FAB184E7E386] - 09/05/2011 - 13:39:17 --HA- . (...) -- C:\Windows\fwesinst.log [24108]

O44 - LFC:[MD5.F1FCD4053D0813CE9DB75ED10647F2FD] - 09/05/2011 - 13:39:14 --HA- . (...) -- C:\Windows\fstnbins.LOG [79518]

O44 - LFC:[MD5.8608D9AFE28D3B3A1858608DF1AE1DDF] - 09/05/2011 - 13:39:12 --HA- . (...) -- C:\Windows\FSAVINST.LOG [51461]

O44 - LFC:[MD5.EB0AF0BEFFD830567305C676C0121AB5] - 09/05/2011 - 13:39:12 --HA- . (...) -- C:\Windows\fwinst.log [16762]

O44 - LFC:[MD5.62A984BDD0F280143EA519D3E549271C] - 09/05/2011 - 13:38:56 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [111378]

O44 - LFC:[MD5.54E6DA6F94C763FBCD198FCCA2B8F397] - 09/05/2011 - 13:38:56 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [135872]

O44 - LFC:[MD5.8FA76D7C84526D510EB4A7C9DD394DBA] - 09/05/2011 - 13:38:56 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [627080]

O44 - LFC:[MD5.1EC927ABE630A3FA5B8D88CB9A64C0BC] - 09/05/2011 - 13:38:56 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [715742]

O44 - LFC:[MD5.58DA7863B6E3BC1B5425FA512064354E] - 09/05/2011 - 13:38:56 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1606322]

O44 - LFC:[MD5.1DFB6E48CCDC3814B66FC338880F84D8] - 09/05/2011 - 13:38:05 --HA- . (...) -- C:\Windows\FSDEPH.log [491343]

O44 - LFC:[MD5.C72F9C07C7EDC0406711686CA4F8790D] - 09/05/2011 - 13:37:45 --HA- . (...) -- C:\Windows\preconfig.log [28959]

O44 - LFC:[MD5.EB1A1D005B16BED5CD59D87D2FF591BF] - 09/05/2011 - 13:37:42 --HA- . (...) -- C:\Windows\FSPRODRM.LOG [5708]

O44 - LFC:[MD5.362A26CEB55BB95E23B5079715F241C5] - 09/05/2011 - 13:37:42 --HA- . (...) -- C:\Windows\fssgpex.LOG [3372473]

O44 - LFC:[MD5.4881E995CA6CC55C845AC4B2C325B9EF] - 09/05/2011 - 13:37:42 --HA- . (...) -- C:\Windows\ih8.fssg.xml.log [11513]

O44 - LFC:[MD5.323B3189DF4DF19E3C44002CD64AB200] - 09/05/2011 - 13:37:41 --HA- . (...) -- C:\Windows\FSAUASUB.LOG [458]

O44 - LFC:[MD5.5BCDC35988CA128F2D594918899FF136] - 09/05/2011 - 13:36:24 --HA- . (...) -- C:\Windows\CSCOZARM.LOG [421]

O44 - LFC:[MD5.3CC358E4279C2934A8C46F928E515A4E] - 09/05/2011 - 13:35:02 --HA- . (...) -- C:\Windows\fswil.log [1441]

O44 - LFC:[MD5.BF80060DCB1F3F85A82BED054A49AF1B] - 09/05/2011 - 13:34:50 --HA- . (...) -- C:\Windows\fsihcomptest.log [197]

O44 - LFC:[MD5.9378C8D49C1B74FFEE97522B2C2752CE] - 09/05/2011 - 13:34:48 --HA- . (...) -- C:\Windows\Q-Klez.log [1862]

O44 - LFC:[MD5.58DA7863B6E3BC1B5425FA512064354E] - 29/04/2011 - 16:55:35 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1562454]

O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 27/04/2011 - 10:04:04 ---A- . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\SysNative\GEARAspi64.dll [126312]

O44 - LFC:[MD5.294929FC9D9BAABCFD6CBFFF73ECC09F] - 14/04/2011 - 21:08:07 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [3062128]

O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 14/04/2011 - 15:58:58 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080]

O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 14/04/2011 - 15:58:58 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]

O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 14/04/2011 - 15:58:58 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104]

O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 14/04/2011 - 15:58:58 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912]

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{acb53bc4-48bf-11df-be2b-4487fc469608}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- J:\LaunchU3.exe (.not file.)

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 11/03/2011 - 07:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 11/03/2011 - 07:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F68D7041A3A6F4707237891D476DD412] - 18/11/2009 - 17:07:30 ---A- . (.F-Secure Corporation - F-Secure Internet Shield Driver.) -- C:\Windows\system32\drivers\fsdfw.sys [94024]

O58 - SDL:[MD5.06C487127857CA7DD0BB6051D454DD90] - 09/05/2011 - 14:10:06 ---A- . (.F-Secure Corporation - F-Secure Email Interceptor.) -- C:\Windows\system32\drivers\fses.sys [50384]

O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 18/05/2009 - 12:17:08 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]

O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 11/03/2011 - 07:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.AD37248BD442D41C9A896E53EB8A85EE] - 21/08/2009 - 21:24:04 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [84512]

O58 - SDL:[MD5.34B73206AFAFD49E9E8B98661CC92176] - 19/09/2009 - 11:01:36 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 191.03.) -- C:\Windows\system32\drivers\nvlddmkm.sys [11291880]

O58 - SDL:[MD5.A85B4F2EF3A7304A5399EF0526423040] - 10/06/2009 - 21:35:35 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm62x64.sys [408960]

O58 - SDL:[MD5.9C3024E48DB4C98E50AF7D8B72D0EF89] - 19/05/2009 - 09:19:38 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmf6264.sys [339360]

O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.21F5DEB068FB75F1B80044212914E3BB] - 07/10/2009 - 07:33:36 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor64.sys [241768]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.BC64B75E8E0A0B8982AB773483164E72] - 20/07/2009 - 11:52:38 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1831968]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.54D4B48D443E7228BF64CF7CDC3118AC] - 18/02/2011 - 15:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.0E3E5D0486C4E2128B9F0E1C2FD410C4] - 09/05/2011 - 14:06:47 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42664]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL

O64 - Services: CurCS - C:\Program Files (x86)\SFR\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys - F-Secure Gatekeeper (F-Secure Gatekeeper) .(...) - LEGACY_F-SECURE_GATEKEEPER

O64 - Services: CurCS - 18/11/2009 - C:\Program Files (x86)\SFR\Pack Sécurité\HIPS\drivers\fshs.sys - F-Secure HIPS Driver(F-Secure HIPS) .(.F-Secure Corporation - HIPS 64-bit kernel module.) - LEGACY_F-SECURE_HIPS

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\fses.sys - F-Secure Email Scanning Driver(FSES) .(.F-Secure Corporation - F-Secure Email Interceptor.) - LEGACY_FSES

O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\drivers\fsdfw.sys - F-Secure Firewall Driver(FSFW) .(.F-Secure Corporation - F-Secure Internet Shield Driver.) - LEGACY_FSFW

O64 - Services: CurCS - C:\Program Files (x86)\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys - F-Secure Vista Support Driver (fsvista) .(...) - LEGACY_FSVISTA

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-1111-472f-A0FF-E1416B8B2EAA} - (Search) - pucuy.com

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.1337034BD156A48839F4296D2C5AB917] [sPRF] (.ArcSoft Inc. - checkactivate.) -- C:\Users\Christelle Frantxua\AppData\Local\masqcsm0.dll [118784]

[MD5.B310EC0DB7A128C8A8E57296C7F99EE5] [sPRF] (.iT Systems - Protection Ware.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\Adobe_Flash_Player.exe [221184]

[MD5.ED9745E95419AD06F460A6D0A2DF1102] [sPRF] (.F-Secure Corporation - F-Secure Product Information DLL.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\fsprod.dll [192936]

[MD5.E183E76900263563E360CB31C4AB4022] [sPRF] (.F-Secure Corporation - F-Secure Setup File Management DLL.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\fssfm.dll [356776]

[MD5.5A432A042DAE460ABE7199B758E8606C] [sPRF] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\ose00002.exe [145184]

[MD5.ED4A75C4516A229EB6143E29018C1C6D] [sPRF] (.F-Secure Corporation - F-Secure Setup preconfigurator.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\preconfig.exe [184744]

[MD5.D3E007FBC92173642415D33A0CD83D18] [sPRF] (.Google Inc. - GoogleToolbarNotifier.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\SearchWithGoogleUpdate.exe [426552]

[MD5.1108B166160D6023AF76435B074052B6] [sPRF] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\_is1083.exe [455600]

[MD5.1108B166160D6023AF76435B074052B6] [sPRF] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\_isA9C6.exe [455600]

[MD5.1108B166160D6023AF76435B074052B6] [sPRF] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Christelle Frantxua\AppData\Local\Temp\_isE56E.exe [455600]

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{ABF9DB19-C9D8-425E-AFA6-4F312DEE0164}" | In - Public - P6 - FALSE | .(.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe

O87 - FAEL: "{274A8BFF-8905-4B53-93A2-B2DBC10498F3}" | In - Public - P17 - FALSE | .(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe

O87 - FAEL: "{406C8C37-A244-401E-9678-A75D9BDB25DC}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{225223BD-88B0-4097-BFEF-9879D29C7732}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "TCP Query User{B43465DA-D68F-4ED4-9AA0-5FC9230A7D01}C:\program files (x86)\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe

O87 - FAEL: "UDP Query User{15C4A180-A548-44F0-BC1D-7C45AE699CC3}C:\program files (x86)\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe

O87 - FAEL: "{2FE2D373-EEA2-47EA-96C7-D8E1F20DE794}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{22F0FBEF-4111-46D1-8AA0-B68C4AE35B2F}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{06985EA3-7E2B-4ED4-92CB-AA904ABEE087}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 7042 - (08/05/2011)

Number of Keys Founds (Clés trouvées) : 2

Number of Directories Founds (Dossiers trouvés) : 1

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO

C:\Users\Christelle Frantxua\Appdata\Local\Temp\Installer =>Adware.InstallPedia

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 08/12/2008 169312 | (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 06/04/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SR - | Auto 30/03/2006 96341 | (CCALib8) . (.Canon Inc..) - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe

SR - | Auto 18/11/2009 221608 | (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe

SS - | Demand 25/05/2010 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SR - | Demand 18/11/2009 846248 | (FSDFWD) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe

SR - | Auto 18/11/2009 188840 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack Sécurité\Common\FSMA32.exe

SR - | Demand 09/05/2011 63992 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack Sécurité\ORSP Client\fsorsp.exe

SR - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

SS - | Auto 15/04/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 15/04/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 28/10/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Demand 14/04/2011 934176 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 25/08/2009 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 25/08/2009 0 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Demand 25/08/2009 0 | (Roxio UPnP Renderer 11) . (...) - C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe

SR - | Auto 24/08/2010 92008 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Auto 04/07/2009 240160 | (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Christelle Frantxua at 09/05/2011 16:20:04

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Christelle Frantxua at 09/05/2011 16:20:06

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1073 lines in 02mn 02s)(0)

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonsoir,

 

Mistral34, je suis désolé mais tu es sur le seul forum où tu ne peux pas intervenir puisque tu ne fais pas partie du groupe sécurité de Zébulon.

Mais tu peux aider partout ailleurs.

 

gizon,

 

Quels outils as-tu utilisé pour essayer de désinfecter cette peste?

 

Si tu as des rapports, poste-les stp.

 

@++

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Re,

 

Ce n'est pas moi qui fait les règles hein ;)

 

Merci de ta compréhension.

gizon Junior Member

gizon

Posté(e)
  • Auteur
Posté(e)

Bonjour et merci encore de m'aider. Je suis vraiment novice et ca doit se sentir...

J'ai utilisé le trojan killer grindin soft et je n'ai pas d'autre rapport que celui fournit dans mon premier message avec l'outil de diagnostic zhp diag

en esperant que cela vous soit utile

a+

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonjour,

 

Connais pas ton bidule moi ;)

Prends pas n'importe quoi, soumets ton souci sans utiliser le moindre outil.

 

Télécharge RogueKiller (par Tigzy) sur le bureau

(A partir d'une clé USB si le Rogue empêche l'accès au net) .

RogueKiller

Quitte tous les programmes en cours

Lance RogueKiller.exe.

 

Sous Vista/Seven, faire un clic droit et choisir Exécuter en tant qu'administrateur.

Si une détection apparait en haut de la fenêtre, tape 2 (mode REMOVE) et valide par la touche Entrer.

(Si le programme a été bloqué, renommer en RogueKiller.com et recommencer)

Envoie une copie du rapport RKreport[1].txt.

Si les raccourcis ont disparu, relance l'outil en mode 6.

Envoie une copie du rapport RKreport[2].txt.

 

@++

gizon Junior Member

gizon

Posté(e)
  • Auteur
Posté(e)

Salut,

Voila le rapport RKreport1, je vous ecoute pour la suite des operations (ça fait tres militaire ça...)

merci

 

RogueKiller V5.1.1 [05/05/2011] par Tigzy

contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT)

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/22)

 

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version

Demarrage : Mode normal

Utilisateur: Christelle Frantxua [Droits d'admin]

Mode: Recherche -- Date : 11/05/2011 16:42:30

 

Processus malicieux: 0

 

Entrees de registre: 1

[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND

 

Fichier HOSTS:

 

 

Termine : << RKreport[1].txt >>

RKreport[1].txt

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

avoranfix.

 

Télécharge TFC par OldTimer et enregistre-le sur le bureau.

 

  • Fais un double clic sur TFC.exe pour le lancer. (Note: Si tu es sous Vista/7, fais un clic droit sur le fichier et choisis Exécuter en tant qu'Administrateur).
  • L'outil va fermer tous les programmes lors de son exécution, donc vérifie que tu as sauvegardé tout ton travail en cours avant de commencer.
  • Clique sur le bouton Start pour lancer le processus. Selon la fréquence à laquelle tu supprimes tes fichiers temporaires, cela peut durer de quelques secondes à une minute ou deux. Laisse le programme s'exécuter sans l'interrompre.
  • Lorsqu'il a terminé, l'outil devrait faire redémarrer ton système. S'il ne le fait pas, fais redémarrer manuellement le PC pour parachever le nettoyage.

 

Télécharge Malwarebytes' Anti-Malware (MBAM).

 

Malwarebytes : Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer clique pour la version FREE et enregistre l'exécutable sur le bureau.

 

Si MBAM est déjà installé, aller directement à la mise à jour puis à l'analyse.

 

Ce logiciel est à garder.

 

Uniquement en cas de problème de mise à jour:

 

Télécharger mises à jour MBAM

 

Exécute le fichier après l'installation de MBAM

 

Connecter les supports amovibles (clés usb etc.) avant de lancer l'analyse.

 

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen complet"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Si MBAM demande à redémarrer le pc, fais-le.

 

Si au redémarrage Windows te dit qu'il a bloqué certains programmes de démarrage, clique sur la bulle puis sur Exécuter les programmes bloqués/Malwarebytes Anti-Malware.

 

@++

gizon Junior Member

gizon

Posté(e)
  • Auteur
Posté(e)

voilà, mbam a fonctionné et pas trouvé d'anomalie.

le rapport est le suivant:

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6555

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

11/05/2011 17:47:33

mbam-log-2011-05-11 (17-47-33).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 289994

Temps écoulé: 37 minute(s), 7 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...