Problem: I am redirected to gomeo

Closed
muscor Posts 7 Registration date Sunday 10 October 2010 Status Member Last activity 11 October 2010 - 10 Oct. 2010 at 19:28
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 11 Oct. 2010 at 15:00
Hello,

I keep getting redirected to the gomeo page. I have seen several answers on the forum, but I don't know whether they will work for me. I downloaded mbam and it is still the same, nothing has changed,
so if someone could give me a solution, thank you



12 replies

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
10 Oct. 2010 at 20:34
Did I write in Polish?
2
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
10 Oct. 2010 at 19:45
Hi

Disable User Account Control (you will re-enable it after your disinfection):

- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click disable and confirm.


Download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the desktop.

Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, the antispyware's real-time guard)


Double-click combofix.exe and follow the instructions

At the end, it will produce a report C:\ComboFix.txt

Re-enable your firewall, your antivirus, and your antispyware's guard

Copy/paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

You have a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
muscor Posts 7 Registration date Sunday 10 October 2010 Status Member Last activity 11 October 2010
10 Oct. 2010 at 20:29
Hi and thanks, here is the report

Rapport de ZHPDiag v1.26.6871 par Nicolas Coolman, Update du 04/10/2010
Run by leclerc at 10/10/2010 20:15:09
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18943
MFIE: Mozilla Firefox (3.6.10)

---\\ System Information
Platform : Windows Vista (TM) Home Basic (6.0.6002) Service Pack 2
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (51% free)
System drive C: has 58 GB (61%) free of 95 GB

---\\ Logged in mode
Computer Name: PC-DE-LECLERC
User Name: leclerc
All Users Names: leclerc, Administrateur,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 58 Go of 95 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Hard drive, Flash drive, Thumb drive (Free 214 Go of 298 Go)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK


---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.B3E0C20A53D6A55590468B33AA9BC525] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.5C33844FE593165193086033F4FCB096] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [159744]
[MD5.2B76545CD2572B92E89AC62C076F4699] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6111232]
[MD5.5F529FBB095CBC9F14BB1E97A7A6B547] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424]
[MD5.D8A33AF26E4143F7A892009890BB6F64] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656]
[MD5.4AB05041D5C922B9A7A5D9059F5538CD] - (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe [215552]
[MD5.FBAF93425D4B5A6C48ABB5B7F81088CD] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE [201128]
[MD5.0282F454BF380AF26EFC3913C6D435FF] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1983816]
[MD5.4B555106290BD117334E9A08761C035A] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\rundll32.exe [44544]
[MD5.734006A2DB2404138F2C1A2CB86D32EF] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]
[MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [50736]
[MD5.A26898623D61508C2FA3F5672C11FA5D] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.60C2351F03211CEC72E076E9E6931A72] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [1651712]


---\\ Programmes d'extension pour Mozilla Firefox (M2)
M2 - MFEP: prefs.js [leclerc - ty96py3x.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [leclerc - ty96py3x.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox 7.1.20100830W (.Google Inc..)
M2 - MFEP: prefs.js [leclerc - ty96py3x.default\{62a699cd-138f-437c-ac3b-42469cb2a741}] [xul] XUL Cache 1.0 (.Canonical Ltd..)
M2 - MFEP: prefs.js [leclerc - ty96py3x.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar 2.1.1.20091029021655 (.Yahoo!.)


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 8.2.5.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@canon.com/EPPEX] - (.CANON INC. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@veetle.com/vbp;version=0.9.17] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (.not file.)


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} . (.F-Secure Corporation - Litmus.) -- C:\Program Files\SFR\Pack Sécurité\NRS\iescript\baselitmus.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Gateway Inc. - BAE.dll.) -- c:\windows\system32\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} . (.F-Secure Corporation - Litmus.) -- C:\Program Files\SFR\Pack Sécurité\NRS\iescript\baselitmus.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] . (.eMachines - WR_PopUp.) -- C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\SFR\Pack Sécurité\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - TNBUtil.) -- C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [Creative SB Monitoring Utility] Rundll32 sbavmon.dll
O4 - HKLM\..\Run: [NBKeyScan] C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\leclerc\Desktop\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\leclerc\Desktop\Solitaire.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
O4 - Global Startup: C:\Users\leclerc\Desktop\Transférer des fichiers et des paramètres - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\leclerc\Desktop\Window Switcher.lnk - Clé orpheline
O4 - Global Startup: C:\Users\leclerc\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\leclerc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} . (.not file.) - C:\Program Files\PokerStars.FR\main.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{59E98FBF-8D3A-4DA4-8AA4-ADF175110CD9}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E9B8738-BC02-444F-B516-576BE958E98C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{59E98FBF-8D3A-4DA4-8AA4-ADF175110CD9}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{7E9B8738-BC02-444F-B516-576BE958E98C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{59E98FBF-8D3A-4DA4-8AA4-ADF175110CD9}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{7E9B8738-BC02-444F-B516-576BE958E98C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\SYSTEM32\D3D10_1CORE32.dll (.not file.)


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Management Agent (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Canon Inkjet Printer\Scanner\Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\Windows\system32\Macromed\Flash\Flash10c.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Dritek General Port I\O (DritekPortIO) . (.Pas de propriétaire - Pas de description.) - C:\PROGRA~1\LAUNCH~1\DPortIO.sys
O41 - Driver: F-Secure HIPS Driver (F-Secure HIPS) . (.F-Secure Corporation - HIPS 32-bit kernel module.) - C:\Program Files\SFR\Pack Sécurité\HIPS\drivers\fshs.sys
O41 - Driver: F-Secure Email Scanning Driver (FSES) . (.F-Secure Corporation - F-Secure Email Interceptor.) - C:\Windows\system32\drivers\fses.sys
O41 - Driver: F-Secure Firewall Driver (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver.) - C:\Windows\system32\drivers\fsdfw.sys
O41 - Driver: F-Secure Vista Support Driver (fsvista) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 8.2.5 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A82000000003}
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
O42 - Logiciel: Browser Address Error Redirector - (.Pas de propriétaire.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C}
O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint EX
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0
O42 - Logiciel: Canon MP250 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Enregistrement utilisateur de Canon MP250 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP250 series
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: K-Lite Codec Pack 5.4.4 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
muscor Posts 7 Registration date Sunday 10 October 2010 Status Member Last activity 11 October 2010
10 Oct. 2010 at 20:45
Isn't that what you wanted? Because the report it gives me at the end is exactly what I posted for you, unless I made a mistake. I did everything to the letter.
muscor Posts 7 Registration date Sunday 10 October 2010 Status Member Last activity 11 October 2010
10 Oct. 2010 at 22:02
Hi again. Sorry, I'm the one who didn't understand anything, so here is the report, and it's the right one since I made it with ComboFix.

ComboFix 10-10-09.06 - leclerc 10/10/2010 21:01:16.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.2037.857 [GMT 2:00]
Lancé depuis: c:\users\leclerc\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\SysWoW32
c:\programdata\SysWoW32\_u538960018v0
c:\programdata\SysWoW32\_u538960018v1
c:\programdata\SysWoW32\_u538960018v2
c:\programdata\SysWoW32\_u538960018v3
c:\programdata\SysWoW32\_u538960018v4
c:\programdata\SysWoW32\_u538960018v5
c:\programdata\SysWoW32\_u538960018v6
c:\programdata\SysWoW32\_u538960018v7
c:\programdata\SysWoW32\mu538960018v4
c:\programdata\SysWoW32\mu538960018v4.kwd
c:\programdata\SysWoW32\mu538960018v5
c:\programdata\SysWoW32\mu538960018v5.kwd
c:\programdata\SysWoW32\mu538960018v6
c:\programdata\SysWoW32\mu538960018v6.kwd
c:\programdata\SysWoW32\mu538960018v7
c:\programdata\SysWoW32\mu538960018v7.kwd
c:\programdata\SysWoW32\wu538960018v0
c:\programdata\SysWoW32\wu538960018v0.kwd
c:\programdata\SysWoW32\wu538960018v1
c:\programdata\SysWoW32\wu538960018v1.kwd
c:\programdata\SysWoW32\wu538960018v2
c:\programdata\SysWoW32\wu538960018v2.kwd
c:\programdata\SysWoW32\wu538960018v3
c:\programdata\SysWoW32\wu538960018v3.kwd
c:\programdata\unrar.exe
c:\users\leclerc\AppData\Roaming\02000000e68b31bf1018C.manifest
c:\users\leclerc\AppData\Roaming\02000000e68b31bf1018O.manifest
c:\users\leclerc\AppData\Roaming\02000000e68b31bf1018P.manifest
c:\users\leclerc\AppData\Roaming\02000000e68b31bf1018S.manifest
c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\extensions\{62a699cd-138f-437c-ac3b-42469cb2a741}
c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\extensions\{62a699cd-138f-437c-ac3b-42469cb2a741}\chrome.manifest
c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\extensions\{62a699cd-138f-437c-ac3b-42469cb2a741}\chrome\xulcache.jar
c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\extensions\{62a699cd-138f-437c-ac3b-42469cb2a741}\defaults\preferences\xulcache.js
c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\extensions\{62a699cd-138f-437c-ac3b-42469cb2a741}\install.rdf
c:\users\leclerc\AppData\Roaming\srsf.bat
c:\windows\system32\Data
c:\windows\system32\spool\prtprocs\w32x86\CNMPP9W.DLL

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-09-10 au 2010-10-10 ))))))))))))))))))))))))))))))))))))
.

2010-10-10 19:44 . 2010-10-10 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-09 00:38 . 2010-10-10 15:22 -------- d-----w- c:\users\leclerc\AppData\Roaming\vlc
2010-10-08 20:01 . 2010-09-09 22:52 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F78DCCDC-ACD0-49A4-B8EA-E457734AA2E1}\mpengine.dll
2010-10-04 18:03 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-04 18:03 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-04 18:03 . 2010-10-04 18:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2010-10-03 20:05 . 2010-09-18 11:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2010-10-03 20:02 . 2010-10-03 20:02 -------- d-----w- c:\program files\InterVideo Information Service
2010-10-03 19:57 . 2010-10-03 19:59 -------- d-----w- c:\program files\InterVideo(66)
2010-10-02 13:04 . 2010-10-02 13:04 -------- d-----w- c:\users\leclerc\AppData\Roaming\Malwarebytes
2010-10-02 13:03 . 2010-10-02 13:03 -------- d-----w- c:\programdata\Malwarebytes
2010-10-02 12:21 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-10-02 12:20 . 2009-10-09 21:56 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2010-10-02 12:20 . 2009-10-09 21:56 20480 ----a-w- c:\windows\system32\winrshost.exe
2010-10-02 12:20 . 2009-10-09 21:56 40448 ----a-w- c:\windows\system32\winrs.exe
2010-10-02 12:20 . 2009-10-09 21:56 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2010-10-02 12:20 . 2009-10-09 21:56 10240 ----a-w- c:\windows\system32\winrssrv.dll
2010-10-02 12:20 . 2009-10-09 21:55 79872 ----a-w- c:\windows\system32\wecutil.exe
2010-10-02 12:20 . 2009-10-09 21:55 146944 ----a-w- c:\windows\system32\wecsvc.dll
2010-10-02 12:20 . 2009-10-09 21:55 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2010-10-02 12:20 . 2009-10-09 21:55 56320 ----a-w- c:\windows\system32\wecapi.dll
2010-10-02 12:20 . 2009-10-09 21:55 54272 ----a-w- c:\windows\system32\WsmRes.dll
2010-10-02 12:20 . 2009-10-09 21:56 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2010-10-02 12:20 . 2009-08-01 06:27 201184 ----a-w- c:\windows\system32\winrm.vbs
2010-10-02 12:19 . 2009-10-09 21:56 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2010-10-02 12:19 . 2009-10-09 21:56 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2010-10-02 12:19 . 2009-10-09 21:56 241152 ----a-w- c:\windows\system32\winrscmd.dll
2010-10-02 12:19 . 2009-10-09 21:56 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2010-10-02 12:19 . 2009-10-09 21:55 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2010-10-02 12:19 . 2009-10-09 21:56 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2010-10-01 16:06 . 2010-10-01 16:06 -------- d-----w- c:\program files\Java
2010-10-01 08:35 . 2010-10-01 08:35 -------- d-----w- c:\programdata\CanonIJ
2010-10-01 08:34 . 2010-10-01 08:34 -------- d-----w- c:\users\leclerc\AppData\Roaming\Canon
2010-09-29 08:56 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 08:52 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-09-28 18:27 . 2010-09-28 18:27 -------- d-----w- c:\program files\VideoLAN
2010-09-28 13:04 . 2010-09-28 13:04 -------- d-----w- c:\program files\Common Files\xara
2010-09-28 13:02 . 2010-09-28 18:52 -------- d-----w- c:\programdata\MAGIX
2010-09-28 13:02 . 2007-04-27 07:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2010-09-28 13:02 . 2010-09-28 18:52 -------- d-----w- c:\windows\system32\MAGIX
2010-09-28 13:02 . 2008-04-15 13:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2010-09-26 21:01 . 2010-09-26 21:01 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-26 21:01 . 2010-09-26 21:01 114688 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-26 21:01 . 2007-03-22 14:57 1527808 ------w- c:\windows\system32\Sens_oal.dll
2010-09-26 18:05 . 2010-09-28 18:47 -------- d-----w- c:\programdata\Creative
2010-09-26 18:00 . 2007-05-28 09:28 69120 ----a-w- c:\windows\system32\CmdRtr.dll
2010-09-26 18:00 . 2007-05-08 09:46 106496 ----a-w- c:\windows\system32\APOMngr.dll
2010-09-25 07:18 . 2010-09-25 07:18 0 ----a-w- c:\users\leclerc\AppData\Roaming\B02B.tmp
2010-09-25 07:18 . 2010-09-25 07:18 0 ----a-w- c:\users\leclerc\AppData\Roaming\9E6E.tmp
2010-09-23 14:26 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2010-09-23 14:26 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2010-09-23 14:26 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2010-09-23 14:26 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2010-09-23 14:26 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2010-09-23 14:26 . 2010-09-23 14:26 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2010-09-23 14:26 . 2010-09-23 14:26 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2010-09-22 19:07 . 2009-02-24 16:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2010-09-18 11:09 . 2010-09-22 15:54 -------- d-----w- c:\users\leclerc\AppData\Roaming\Apple Computer
2010-09-18 11:09 . 2010-09-18 11:25 -------- d-----w- c:\users\leclerc\AppData\Local\Apple Computer
2010-09-18 11:07 . 2010-09-18 11:08 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-18 11:00 . 2010-10-04 19:06 -------- d-----w- c:\program files\QuickTime
2010-09-18 11:00 . 2010-10-03 20:16 -------- d-----w- c:\programdata\Apple Computer
2010-09-16 18:57 . 2010-09-23 18:23 -------- d-----w- c:\program files\Ask.com
2010-09-16 13:00 . 2010-09-16 13:00 -------- d-----w- c:\program files\Common Files\CANON
2010-09-16 12:56 . 2010-09-16 12:56 -------- d--h--w- c:\programdata\CanonBJ
2010-09-16 12:55 . 2010-04-24 03:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9W.DLL
2010-09-16 12:54 . 2010-09-16 12:54 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2010-09-16 12:53 . 2009-03-11 09:34 303104 ----a-w- c:\windows\system32\CNC250L.dll
2010-09-16 12:53 . 2009-04-03 14:00 1310720 ----a-w- c:\windows\system32\CNC250C.dll
2010-09-16 12:53 . 2009-04-03 13:59 110592 ----a-w- c:\windows\system32\CNC250I.dll
2010-09-16 12:53 . 2009-04-03 13:57 106496 ----a-w- c:\windows\system32\CNC250U.dll
2010-09-16 12:53 . 2008-08-25 16:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2010-09-16 12:51 . 2010-04-24 03:00 272384 ----a-w- c:\windows\system32\CNMLM9W.DLL
2010-09-16 12:51 . 2009-02-04 13:17 90112 ----a-w- c:\windows\system32\CNC250O.dll
2010-09-16 12:51 . 2009-03-18 09:09 178176 ----a-w- c:\windows\system32\CNMIU9W.DLL
2010-09-16 12:47 . 2010-09-16 13:07 -------- d-----w- c:\program files\Canon
2010-09-15 19:51 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 19:51 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 19:51 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 19:51 . 2010-08-17 10:52 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-09-15 19:51 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-15 19:18 . 2010-09-15 19:18 -------- d-----w- c:\users\leclerc\AppData\Local\Apple
2010-09-15 19:18 . 2010-09-15 19:18 -------- d-----w- c:\programdata\Apple
2010-09-15 16:57 . 2010-09-15 16:57 -------- d-----w- c:\users\leclerc\AppData\Local\Mozilla
2010-09-15 15:53 . 2010-10-06 20:49 -------- d-----w- c:\users\leclerc\AppData\Local\PokerStars.FR
2010-09-15 15:52 . 2010-09-15 15:53 -------- d-----w- c:\program files\PokerStars.FR
2010-09-15 15:00 . 2010-09-15 15:09 41624 ----a-w- c:\windows\system32\drivers\fsbts.sys
2010-09-15 15:00 . 2010-09-15 15:45 35792 ----a-w- c:\windows\system32\drivers\fses.sys
2010-09-15 15:00 . 2009-11-18 16:07 72904 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2010-09-15 15:00 . 2009-11-18 16:08 574376 ----a-w- c:\windows\system32\msvcp50.dll
2010-09-15 14:57 . 2010-09-15 14:57 -------- d-----w- c:\programdata\fssg
2010-09-15 14:56 . 2010-09-15 14:59 -------- d-----w- c:\programdata\f-secure

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-24 30192]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-24 6111232]
"WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-09 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"F-Secure Manager"="c:\program files\SFR\Pack Sécurité\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" [2009-11-18 1655208]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Creative SB Monitoring Utility"="sbavmon.dll" [2007-06-28 93696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SYSTEM32\D3D10_1CORE32.DLL c:\progra~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GDMSRV0;GDMSRV0;c:\windows\system32\GDMSRV.SYS [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-24 30192]
R3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2007-08-06 422144]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-10-29 7680]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2009-08-24 28224]
R3 uafilter;uafilter;c:\windows\system32\DRIVERS\uafilter.sys [x]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\SFR\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\SFR\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys [2009-11-18 27048]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2010-09-15 41624]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\SFR\Pack Sécurité\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-09-15 35792]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S2 ETService;Empowering Technology Service;c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [2008-04-03 24576]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\SFR\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys [2010-09-15 124072]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe [2010-09-15 58024]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
LSP: c:\program files\SFR\Pack Se9,curite9,\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - component: c:\program files\SFR\Pack Sécurité\NRS\litmus-ff@f-secure.com\components\litmus-ff.dll
FF - component: c:\users\leclerc\AppData\Roaming\Mozilla\Firefox\Profiles\ty96py3x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-ORAHSSSessionManager - c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
AddRemove-MAGIX Speed 2 F - c:\program files\MAGIX\Speed2_burnR_mxcdr\unwise.exe


.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(4960)
c:\program files\SFR\Pack Sécurité\Spam Control\fsscoepl.dll
.
Heure de fin: 2010-10-10 21:49:33
ComboFix-quarantined-files.txt 2010-10-10 19:49

Avant-CF: 62 154 162 176 octets libres
Après-CF: 62 172 700 672 octets libres

- - End Of File - - ED237375AF71C9076F5B9922713C9CA1
jlpjlp Posts 51580 Registered Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
10 Oct. 2010 at 22:07
ok

does the problem persist?


if you have time this evening, paste the report from an online antivirus scan (<= here) such as BitDefender, Panda or NOD32
muscor Posts 7 Registered Sunday 10 October 2010 Status Member Last activity 11 October 2010
11 Oct. 2010 at 08:33
Hello, here is the antivirus report; I used Panda.

;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-10-11 08:30:00
PROTECTIONS: 1
MALWARE: 14
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Pack S?curit? SFR 9.12 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00007432 Univ Virus No 0 Yes No c:\program files\sfr\pack sécurité\fsaua\content\aquawin32\1285294257\cran.cvd
00049258 Trj/Deldir.A Virus/Trojan No 1 Yes No c:\acer\patch\other1.cmd
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@247realmedia[1].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@yadro[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@apmebf[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@weborama[1].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@fl01.ct2.comclick[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@statse.webtrendslive[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@bluestreak[1].txt
00207936 Cookie/Adviva TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@adviva[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No c:\users\leclerc\appdata\roaming\microsoft\windows\cookies\low\leclerc@smartadserver[1].txt
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\programdata\syswow32\_u538960018v1.vir[patch.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\programdata\syswow32\wu538960018v1.vir[patch.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\programdata\syswow32\wu538960018v2.vir[patch.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\programdata\syswow32\wu538960018v3.vir[patch.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\programdata\syswow32\_u538960018v3.vir[patch.exe]
07391450 Generic Trojan Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\programdata\syswow32\_u538960018v2.vir[patch.exe]
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
jlpjlp Posts 51580 Registered Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
11 Oct. 2010 at 11:05
delete the qoobox file

c:\qoobox

_______________

do the problems persist?
muscor Posts 7 Registered Sunday 10 October 2010 Status Member Last activity 11 October 2010
11 Oct. 2010 at 11:24
OK, the file is deleted

so I browsed several sites and it all looks fine to me, the problem is solved

thank you, thank you, thank you, I really appreciate it
jlpjlp Posts 51580 Registered Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
11 Oct. 2010 at 11:37
just to check:
plug in your external media (USB stick ...) and paste a search report from usbfix http://nostools.pagesperso-orange.fr/usbfix.html
muscor Posts 7 Registered Sunday 10 October 2010 Status Member Last activity 11 October 2010
11 Oct. 2010 at 12:35
OK, so I did that too, here is the report

############################## | UsbFix 7.030 | [Recherche]

Utilisateur: leclerc (Administrateur) # PC-DE-LECLERC [eMachines eMachines E510]
Mis à jour le 10/10/10 par El Desaparecido / C_XX
Lancé à 12:28:32 | 11/10/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@arx-services.com

CPU: Genuine Intel(R) CPU T1400 @ 1.73GHz
CPU 2: Genuine Intel(R) CPU T1400 @ 1.73GHz
Microsoft® Windows Vista(TM) Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18943

Pare-feu Windows: Désactivé /!\
RAM -> 2037 Mo
C:\ (%systemdrive%) -> Disque fixe # 95 Go (58 Go libre(s) - 61%) [OS] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 298 Go (214 Go libre(s) - 72%) [VERBATIM] # FAT32

################## | Éléments infectieux |



################## | Registre |

Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |
jlpjlp Posts 51580 Registered Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
11 Oct. 2010 at 15:00
ok, paste a cleaning report