johan1
-
Compteur de contenus
205 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par johan1
-
bonjour en ce debut de semaine. donc cela marche bien avec skype. il faut le parametrer en reponse automatique et appel video et cela marche ce que j ai fait . j ai cree un nouveau compte que moi seul connait. "comme cela on decroche pas a tout le monde lol" je laisse bien sur mon pc allumé avec skype " nouveau compte ouvert " et quand je suis sur un pc qui possedes skype je tape ma nouvelle adresse et skype mon pc ficxe cela marche parfaitement..; vs devez bien sur couper les hauts parleurs avant de partir et eteindre votre ecran. et hop vs avez le son et la vue de votre webcam en live.
-
un ami viens de me donné la solution via skype c possible en donnant ordre aux pc d accepter les appel video en automatique. et voila je peux me connecté sur mon compte skype quand je le desire. je vais testé cela ce dimanche et je vs dis quoi.. Merci pour votre aide toujours au top de l info
-
aie !!!! je ne peux me diviser en 2 et accepter le demande sur le pc maison ( voila donc le probleme ) donc comment faire .?
-
je vais donc testé cela je rentre demain a la maison et chargé ce programme le faire avec mon portable et d ici mardi je le ferais sous mon autre fixe et de la je donnerai la reponse Merci a vous de vos reponses johan
-
me voila reconnecté Désolé si j ai bien suivit il faut que je quitte la maison avec le portable et la manipulation effectuée mais j aimerais pouvoir me connecté aussi d un ordinateur fixe a plus de 500 km de la maison et pas possible pour moi de deplacé les fixes celui de la maison peut resté allumé mais le pc du bureau sont toujours fermé en fin de journée . par moi ou des collegues pas tres futé en informatique je suis mais les conseils sont toujours bien venu
-
bonjour, j ai fait un scan en ligne avec panda il m a detecté un virus le scan + de 3heure je l ai donc arreté et effectué un scan avec zp diag , pas possible de faire un scan avec bitdefender et kapersky le prmier reste bloqué le second n a pas l air detre actif. j espere que vs pourriez m aidez le hiq c que je serai en congé a partir de mercredi . et demain le pc uniquemet en soirée donc si les reponses sont tardive cela sera normal voici les rapports. ANALYSIS: 2011-07-31 23:06:07 PROTECTIONS: 1 MALWARE: 10 SUSPECTS: 0 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== AntiVir Desktop 10.0.1.58 No Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@doubleclick[1].txt 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@doubleclick[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@atdmt[2].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@mediaplex[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@xiti[1].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@serving-sys[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@serving-sys[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@adtech[1].txt 00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@metriweb[1].txt 00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@metriweb[2].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@adviva[1].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No c:\documents and settings\joannes\cookies\joannes@smartadserver[2].txt 03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\sy5tw21.bin\a031758195c.exe ;=================================================================================================================================================================================== SUSPECTS Sent Location ;=================================================================================================================================================================================== ;=================================================================================================================================================================================== VULNERABILITIES Id Severity Description ;=================================================================================================================================================================================== ;=================================================================================================================================================================================== zhp diad Rapport de ZHPDiag v1.28.07 par Nicolas Coolman, Update du 31/07/2011 Run by joannes at 31/07/2011 22:46:45 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) ---\\ System Information Windows XP Home Edition Service Pack 3 (Build 2600) ~ Processor: x86 Family 15 Model 1 Stepping 2, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 511 MB (28% free) System Restore: Désactivé (Disabled) System drive C: has 13 GB (35%) free of 37 GB ---\\ Logged in mode ~ Computer Name: J-IJOGVL4Z00ZF8 ~ User Name: joannes ~ All Users Names: UpdatusUser, SUPPORT_388945a0, joannes, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Documents and Settings\joannes\Application Data\ ~ %Desktop%=C:\Documents and Settings\joannes\Bureau\ ~ %Favorites%=C:\Documents and Settings\joannes\Favoris\ ~ %LocalAppData%=C:\Documents and Settings\joannes\Local Settings\Application Data\ ~ %StartMenu%=C:\Documents and Settings\joannes\Menu Démarrer\ ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 37 Go) F:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.31/07/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.31/07/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.42F5E14E33D79C236680468B1E4999F4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.31/07/2011 - 17:06:11.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.31/07/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.31/07/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.31/07/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/3 ~ Mes musiques (My Musics) : 2/11 ~ Mes Favoris (My Favorites) : 2/64 ~ Mes Documents (My Documents) : 172/1896 ~ Mon Bureau (My Desktop) : 0/3 ~ Menu demarrer (Programs) : 6/38 ~ Scan Hidden Files in 00mn 05s ---\\ Processus lancés [MD5.8B802B483CBDE06F62DBC04DC7AFAF8E] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe [428640] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [MD5.5FD5865DC1A2100F8D4CF000EE5409A3] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120] [MD5.32F7DEC3729B3BAE66EEBCAB7B03B18F] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.3.) -- C:\WINDOWS\system32\nvsvc32.exe [154728] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe [223584] [MD5.4A8C4D864C04C4E5ED12970FCB251247] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [662016] ~ Scan Processes Running in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@pandasecurity.com/activescan] - (.Panda Security, S.L. - Panda ActiveScan 2.0 Plugin for Firefox.) -- C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Skynet.be - LE portail belge – DE Belgische portaalsite! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Skynet.be - LE portail belge – DE Belgische portaalsite! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - Toolbar Module.) -- C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [bCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKUS\S-1-5-21-2025429265-1580436667-854245398-1009-2025429265-1580436667-854245398-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\joannes\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\joannes\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\joannes\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\joannes\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/plugins/MaConfig_5_1_3_0.cab O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://belgacom.extrafilm.be/ExtraFilmUploader6.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{65181728-2D1F-45F5-BB43-55DB52743019}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{65181728-2D1F-45F5-BB43-55DB52743019}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{65181728-2D1F-45F5-BB43-55DB52743019}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\System32\msvidctl.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\System32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.3.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: SupportSoft RemoteAssist (SupportSoft RemoteAssist) . (.SupportSoft, Inc. - ssrc Module.) - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: (UMVPFSrv) . (.Logitech Inc. - Logitech User mode UMVPF service.) - C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys O41 - Driver: (SiSkp) . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) - C:\WINDOWS\System32\drivers\srvkp.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Scan Drivers in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: ASUS USB-G31 - (.ASUS.) [HKLM] -- {E91E8912-769D-42F0-8408-0E329443BABC} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Caesar IV - (.Tilted Mill Entertainment.) [HKLM] -- {B7666229-351B-47D9-AA6F-DF777CF04BBF} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: DAEMON Tools Toolbar - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Toolbar O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2FD3FD50-4D6B-433B-9AB8-83F04675DA44} O42 - Logiciel: Empire Earth - (.Pas de propriétaire.) [HKLM] -- {2447500B-22D7-47BD-9B13-1A927F43A267} O42 - Logiciel: Empire Earth - The Art of Conquest - (.Pas de propriétaire.) [HKLM] -- {B49C924C-A651-4378-94F6-5D9BF44A959F} O42 - Logiciel: Empire Earth Patch 1.0.4.0 - (.Pas de propriétaire.) [HKLM] -- Empire Earth Patch 1.0.4.0 O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player O42 - Logiciel: Glary Utilities 2.35.0.1216 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc. Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus! O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB} O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE} O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUSR O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Mises à jour NVIDIA 1.3.5 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: MoD ImperiaL v4.1 - (.TeaM ImperiaL.) [HKLM] -- {C85B6A70-2ABB-4A31-8FD1-E183553A94F9} O42 - Logiciel: MoD Imperial v2.1 - (.MoD-ProyecT.) [HKLM] -- MoD Imperial_is1 O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.0 French Language Pack O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: NVIDIA Pilote graphique 275.33 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA nView 135.85 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager O42 - Logiciel: Panda ActiveScan 2.0 - (.Panda Security.) [HKLM] -- ActiveScan 2.0 O42 - Logiciel: Praetorians - (.Pyro Studios.) [HKLM] -- {AAC8AF92-DAEC-45D2-B77D-36699E3751A9} O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E} O42 - Logiciel: Revo Uninstaller 1.91 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Rome - Total War - (.Activision.) [HKLM] -- InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: SiS 650 - (.Pas de propriétaire.) [HKLM] -- SiS VGA Driver O42 - Logiciel: SiS 650_651_M650_M652_740 - (.Pas de propriétaire.) [HKLM] -- SiS 650_651_M650_M652_740 O42 - Logiciel: SiSAGP driver - (.Pas de propriétaire.) [HKLM] -- {DC226AC9-0314-496C-BE6A-B6A132628466} O42 - Logiciel: USB Flash Disk - (.Pas de propriétaire.) [HKLM] -- {EDFEDAEF-95AA-11D7-A949-5254AB1235E1} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: WebTarot 1.30 - (.AtoutWeb.) [HKLM] -- WebTarot_is1 O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM] -- WMCSetup O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 - (.Microsoft Corporation.) [HKLM] -- KB891122 O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Aurigma] [HKCU\Software\Avance] [HKCU\Software\Avira] [HKCU\Software\BitTorrent] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\DT Soft] [HKCU\Software\EasyBits] [HKCU\Software\GRETECH] [HKCU\Software\GameSpy] [HKCU\Software\GlarySoft] [HKCU\Software\Grand Virtual] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Kazaa] [HKCU\Software\Leadertech] [HKCU\Software\LogiShrd] [HKCU\Software\Logitech] [HKCU\Software\LowRegistry] [HKCU\Software\Macromedia] [HKCU\Software\Mad Doc Software] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\ORL] [HKCU\Software\Patchou] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Pyro Studios] [HKCU\Software\SOCID] [HKCU\Software\SSSI] [HKCU\Software\SecuROM] [HKCU\Software\Skype] [HKCU\Software\Support.com] [HKCU\Software\SupportSoft] [HKCU\Software\Sysinternals] [HKCU\Software\TheCreativeAssembly] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\Ulead Systems] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VHLD] [HKCU\Software\VSRevoGroup] [HKCU\Software\WebTarot] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yuna Software] [HKCU\Software\cybelsoft] [HKCU\Software\pacificpoker] [HKCU\Software\pokerinstaller] [HKCU\Software\tioga] [HKLM\Software\2B9EC021-C823-4f3d-9752-C18522DB7D98] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Avira] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Common Toolkit Suite] [HKLM\Software\DT Soft] [HKLM\Software\GRETECH] [HKLM\Software\Gemplus] [HKLM\Software\GlarySoft] [HKLM\Software\Google] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\Logitech] [HKLM\Software\MDC] [HKLM\Software\MSI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MidasHeurScanner] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MySQL AB] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\PLTmp] [HKLM\Software\Panda Software] [HKLM\Software\PixArt] [HKLM\Software\Policies] [HKLM\Software\Praetorians] [HKLM\Software\Program Groups] [HKLM\Software\Pyro Studios] [HKLM\Software\RALINK] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Sierra OnLine] [HKLM\Software\Sierra] [HKLM\Software\Skype] [HKLM\Software\Software] [HKLM\Software\SupportSoft] [HKLM\Software\Symantec] [HKLM\Software\The Creative Assembly] [HKLM\Software\TuneUp] [HKLM\Software\Ulead Systems] [HKLM\Software\Via4in1Driver] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\X-AVCSD] [HKLM\Software\Yuna Software] [HKLM\Software\cybelsoft] [HKLM\Software\logishrd] [HKLM\Software\sis] [HKLM\Software\support.com] ~ Scan Softwares in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 16/01/2006 - 22:07:06 - [2419499206] ----D- C:\Program Files\Activision O43 - CFD: 09/07/2011 - 19:09:42 - [129284879] ----D- C:\Program Files\Adobe O43 - CFD: 08/07/2011 - 18:17:58 - [36001791] ----D- C:\Program Files\ASUS O43 - CFD: 02/12/2010 - 22:02:52 - [136480928] ----D- C:\Program Files\Avira O43 - CFD: 28/07/2010 - 19:13:10 - [1115304] ----D- C:\Program Files\BitDefender O43 - CFD: 31/01/2010 - 17:01:14 - [2871496] ----D- C:\Program Files\CCleaner O43 - CFD: 15/03/2011 - 20:15:18 - [5531752] ----D- C:\Program Files\Common Files O43 - CFD: 22/05/2011 - 13:23:12 - [17268545] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 22/05/2011 - 13:23:04 - [2467939] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 28/03/2006 - 21:56:08 - [0] ----D- C:\Program Files\directx O43 - CFD: 17/03/2005 - 18:04:00 - [564173287] ----D- C:\Program Files\Eidos Interactive O43 - CFD: 09/07/2011 - 22:33:12 - [837282393] ----D- C:\Program Files\Fichiers communs O43 - CFD: 27/07/2011 - 21:59:16 - [23343286] ----D- C:\Program Files\Glary Utilities O43 - CFD: 08/02/2011 - 22:43:20 - [20783971] ----D- C:\Program Files\GRETECH O43 - CFD: 03/07/2011 - 15:19:38 - [16671851] ----D- C:\Program Files\Help O43 - CFD: 17/03/2005 - 17:13:36 - [2251111] ----D- C:\Program Files\HighMAT CD Writing Wizard O43 - CFD: 08/07/2011 - 18:17:56 - [136721720] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 16/06/2011 - 09:26:50 - [8336248] ----D- C:\Program Files\Internet Explorer O43 - CFD: 24/11/2008 - 19:28:44 - [687395156] ----D- C:\Program Files\Java O43 - CFD: 15/03/2011 - 20:40:56 - [132898303] ----D- C:\Program Files\Logitech O43 - CFD: 03/07/2011 - 14:54:58 - [6508117] ----D- C:\Program Files\ma-config.com O43 - CFD: 19/06/2011 - 11:58:26 - [7648680] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 27/08/2008 - 19:39:28 - [2147758] ----D- C:\Program Files\Messenger O43 - CFD: 01/11/2010 - 16:50:52 - [15830082] ----D- C:\Program Files\Messenger Plus! Live O43 - CFD: 19/03/2009 - 21:29:10 - [1544075] ----D- C:\Program Files\Microsoft O43 - CFD: 08/02/2011 - 23:26:38 - [39848379] ----D- C:\Program Files\Microsoft Analysis Services O43 - CFD: 11/05/2007 - 19:01:10 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 17/03/2005 - 15:24:22 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 08/02/2011 - 23:36:06 - [1085753699] ----D- C:\Program Files\Microsoft Office O43 - CFD: 16/06/2011 - 18:14:32 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 08/02/2011 - 23:36:00 - [3635637] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 19/03/2009 - 21:27:30 - [2304341] ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD: 08/02/2011 - 23:37:56 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services O43 - CFD: 17/03/2005 - 16:01:44 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 08/02/2011 - 23:30:10 - [1378033] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 23/05/2011 - 20:20:30 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 30/08/2010 - 09:22:52 - [11350841] ----D- C:\Program Files\Movie Maker O43 - CFD: 08/02/2011 - 23:40:48 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 13/06/2010 - 17:29:00 - [6223658] ----D- C:\Program Files\MSI O43 - CFD: 24/06/2008 - 20:44:32 - [19278399] ----D- C:\Program Files\msn O43 - CFD: 17/03/2005 - 15:20:16 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 04/01/2008 - 20:12:36 - [6849] ----D- C:\Program Files\MSXML 6.0 O43 - CFD: 24/06/2008 - 20:41:04 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 03/07/2011 - 15:05:10 - [440565618] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 17/03/2005 - 17:04:46 - [475659] ----D- C:\Program Files\OfficeUpdate11 O43 - CFD: 16/12/2010 - 10:28:26 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 31/07/2011 - 19:39:16 - [156388043] ----D- C:\Program Files\Panda Security O43 - CFD: 25/06/2011 - 19:19:26 - [43563540] ----D- C:\Program Files\Realtek AC97 O43 - CFD: 03/01/2008 - 23:41:42 - [37949185] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 15/06/2006 - 21:27:06 - [1395229] ----D- C:\Program Files\RegClean O43 - CFD: 13/06/2010 - 17:31:48 - [4425900] ----D- C:\Program Files\Setup Files O43 - CFD: 22/05/2011 - 13:48:08 - [1322397204] ----D- C:\Program Files\Sierra O43 - CFD: 03/07/2011 - 14:58:30 - [7168] ----D- C:\Program Files\sisagp O43 - CFD: 09/07/2011 - 22:33:22 - [15141852] R---D- C:\Program Files\Skype O43 - CFD: 31/05/2006 - 20:16:28 - [3391488] ----D- C:\Program Files\support.com O43 - CFD: 15/06/2006 - 21:20:30 - [2272606] ----D- C:\Program Files\ToniArts O43 - CFD: 17/03/2005 - 15:28:50 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 26/12/2006 - 21:11:44 - [3907652] ----D- C:\Program Files\USBDisk O43 - CFD: 13/06/2010 - 16:55:16 - [6770777] ----D- C:\Program Files\VS Revo Group O43 - CFD: 19/05/2011 - 22:29:04 - [14720271] ----D- C:\Program Files\Webtarot O43 - CFD: 27/07/2010 - 08:51:50 - [141953811] ----D- C:\Program Files\Windows Live O43 - CFD: 19/03/2009 - 21:22:22 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 08/02/2011 - 22:22:46 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 08/02/2011 - 22:22:56 - [12044276] ----D- C:\Program Files\Windows Media Player O43 - CFD: 24/06/2008 - 20:41:00 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 17/03/2005 - 16:29:44 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 16/01/2006 - 21:48:12 - [3619777] ----D- C:\Program Files\WinRAR O43 - CFD: 17/03/2005 - 15:24:22 - [0] ----D- C:\Program Files\xerox O43 - CFD: 18/04/2011 - 20:01:12 - [20111946] ----D- C:\Program Files\Yuna Software O43 - CFD: 31/07/2011 - 22:47:04 - [4104512] ----D- C:\Program Files\ZHPDiag O43 - CFD: 15/03/2011 - 20:15:18 - [1953552] ----D- C:\Program Files\Common Files\LogiShrd O43 - CFD: 31/01/2010 - 15:19:56 - [3578200] ----D- C:\Program Files\Common Files\SupportSoft O43 - CFD: 09/07/2011 - 19:10:20 - [12534995] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 29/11/2010 - 23:06:06 - [103333] ----D- C:\Program Files\Fichiers Communs\BitDefender O43 - CFD: 08/02/2011 - 23:37:52 - [99136] ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD: 10/01/2006 - 22:29:48 - [16386683] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 11/06/2006 - 20:23:50 - [85166853] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 03/07/2011 - 15:21:00 - [61071745] ----D- C:\Program Files\Fichiers Communs\LogiShrd O43 - CFD: 15/03/2011 - 20:15:30 - [5241923] ----D- C:\Program Files\Fichiers Communs\LWS O43 - CFD: 09/02/2011 - 00:00:40 - [354250882] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 17/03/2005 - 15:21:38 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 17/03/2005 - 15:13:44 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 17/03/2005 - 15:21:44 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 17/03/2005 - 15:13:42 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 31/01/2010 - 15:51:34 - [14103576] ----D- C:\Program Files\Fichiers Communs\SupportSoft O43 - CFD: 29/07/2010 - 22:29:48 - [518810] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 03/07/2011 - 14:24:00 - [13899034] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 19/03/2009 - 21:13:58 - [232205857] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 03/03/2008 - 19:21:24 - [37620071] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller O43 - CFD: 30/06/2008 - 18:48:10 - [4368098] ----D- C:\Documents and Settings\joannes\Application Data\Adobe O43 - CFD: 11/03/2007 - 15:34:12 - [152420] ----D- C:\Documents and Settings\joannes\Application Data\Apple Computer O43 - CFD: 07/12/2010 - 22:47:22 - [0] ----D- C:\Documents and Settings\joannes\Application Data\Avira O43 - CFD: 29/10/2006 - 11:46:20 - [173778] ----D- C:\Documents and Settings\joannes\Application Data\BitTorrent O43 - CFD: 22/05/2011 - 13:43:34 - [2380] ----D- C:\Documents and Settings\joannes\Application Data\DAEMON Tools Lite O43 - CFD: 29/07/2010 - 22:15:32 - [22520] ----D- C:\Documents and Settings\joannes\Application Data\GlarySoft O43 - CFD: 08/02/2011 - 22:44:10 - [785] ----D- C:\Documents and Settings\joannes\Application Data\GRETECH O43 - CFD: 15/06/2006 - 21:32:14 - [0] ----D- C:\Documents and Settings\joannes\Application Data\Help O43 - CFD: 17/03/2005 - 15:28:56 - [0] ----D- C:\Documents and Settings\joannes\Application Data\Identities O43 - CFD: 22/05/2011 - 13:44:06 - [0] ----D- C:\Documents and Settings\joannes\Application Data\InstallShield O43 - CFD: 31/01/2010 - 16:10:04 - [0] ----D- C:\Documents and Settings\joannes\Application Data\Lavasoft O43 - CFD: 15/03/2011 - 20:20:22 - [224] ----D- C:\Documents and Settings\joannes\Application Data\Leadertech O43 - CFD: 16/12/2010 - 22:13:22 - [1056] ----D- C:\Documents and Settings\joannes\Application Data\Macromedia O43 - CFD: 27/01/2010 - 23:43:50 - [17502] ----D- C:\Documents and Settings\joannes\Application Data\Malwarebytes O43 - CFD: 15/03/2011 - 20:20:22 - [23769717] -S--D- C:\Documents and Settings\joannes\Application Data\Microsoft O43 - CFD: 29/03/2007 - 19:44:46 - [0] ----D- C:\Documents and Settings\joannes\Application Data\Screenshot Sender O43 - CFD: 31/07/2011 - 19:13:46 - [2753445] ----D- C:\Documents and Settings\joannes\Application Data\Skype O43 - CFD: 09/07/2011 - 22:32:38 - [25928] ----D- C:\Documents and Settings\joannes\Application Data\skypePM O43 - CFD: 11/06/2006 - 20:30:24 - [313125] ----D- C:\Documents and Settings\joannes\Application Data\Sun O43 - CFD: 06/02/2008 - 20:19:28 - [14730] ----D- C:\Documents and Settings\joannes\Application Data\Symantec O43 - CFD: 11/10/2006 - 18:55:18 - [2858] ----D- C:\Documents and Settings\joannes\Application Data\TuneUp Software O43 - CFD: 11/07/2009 - 19:16:34 - [3461120] ----D- C:\Documents and Settings\joannes\Application Data\U3 O43 - CFD: 20/03/2007 - 21:43:28 - [28] ----D- C:\Documents and Settings\joannes\Application Data\Ulead Systems O43 - CFD: 25/06/2011 - 21:25:16 - [0] ----D- C:\Documents and Settings\joannes\Application Data\Windows Live Writer O43 - CFD: 09/07/2011 - 19:04:12 - [177152] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Adobe O43 - CFD: 04/01/2008 - 20:36:14 - [0] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Apple O43 - CFD: 06/08/2006 - 13:51:30 - [85293] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Apple Computer O43 - CFD: 11/06/2006 - 10:30:34 - [9592] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\ApplicationHistory O43 - CFD: 15/06/2006 - 21:32:14 - [0] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Help O43 - CFD: 16/06/2006 - 18:53:14 - [71305016] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Identities O43 - CFD: 15/03/2011 - 20:25:26 - [1391404] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\LogiShrd O43 - CFD: 26/02/2011 - 10:07:32 - [560531148] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Microsoft O43 - CFD: 08/02/2011 - 23:26:20 - [0] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Microsoft Help O43 - CFD: 31/07/2011 - 19:29:42 - [7208757] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\NPE O43 - CFD: 25/06/2011 - 20:02:16 - [83835] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\SupportSoft O43 - CFD: 25/06/2011 - 21:25:20 - [373617] ----D- C:\Documents and Settings\joannes\Local Settings\Application Data\Windows Live Writer ~ Scan Program Folder in 01mn 05s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.4F9209CFE8BFA029ED89184F98A8A0D4] - 31/07/2011 - 21:44:27 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [824] O44 - LFC:[MD5.3ADB8BD6154A3EF87496E8FCE9C22493] - 31/07/2011 - 18:39:20 ---A- . (.Panda Security, S.L. - Panda Boot Driver.) -- C:\WINDOWS\System32\drivers\pavboot.sys [28552] O44 - LFC:[MD5.27C5641D9C58F1A5E46245E6009B3C94] - 31/07/2011 - 18:39:17 ---A- . (...) -- C:\WINDOWS\setupapi.log [61310] O44 - LFC:[MD5.2DD45D0879992D420BB2F86E5B72AE5F] - 31/07/2011 - 18:26:41 RSHA- . (...) -- C:\boot.ini [216] O44 - LFC:[MD5.AE8EA50C8D8ACF080C7CF7F2622D8DC1] - 31/07/2011 - 18:20:37 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1991448] O44 - LFC:[MD5.2A41FB7605E7AF4F401C6907B3447E86] - 31/07/2011 - 18:20:00 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [12618] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/07/2011 - 18:19:14 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.FD8708C487A1D23A436775065051AD36] - 31/07/2011 - 18:18:09 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.219F6AE3CDAC936E7D22B110489F6155] - 31/07/2011 - 18:18:08 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 31/07/2011 - 18:17:44 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.B76EE6A477D9A383C23C006C896B4A63] - 31/07/2011 - 18:16:26 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32532] O44 - LFC:[MD5.718A5F664BD78CF727F5D662EBA4B2DA] - 31/07/2011 - 18:14:09 ---A- . (.Symantec Corporation - SMR.) -- C:\WINDOWS\System32\drivers\SMR200.SYS [83064] O44 - LFC:[MD5.3FD2FABCA0E3A86426E947DDF0FAB4DA] - 14/07/2011 - 07:13:34 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [272576] O44 - LFC:[MD5.023867B6606FBABCDD52E089C4A507DA] - 08/07/2011 - 17:18:14 ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\System32\drivers\AegisP.sys [21361] O44 - LFC:[MD5.F97005A87E6A71E293A8B6C7CA39AF25] - 03/07/2011 - 14:21:13 ---A- . (...) -- C:\WINDOWS\System32\lvcoinst.log [22939] O44 - LFC:[MD5.262A515CFE8CA823D805C7A092E552F1] - 03/07/2011 - 14:04:12 ---A- . (...) -- C:\WINDOWS\System32\nvdrsdb0.bin [273344] O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 03/07/2011 - 14:04:12 ---A- . (...) -- C:\WINDOWS\System32\nvdrssel.bin [1] O44 - LFC:[MD5.0AFC2228F8E8C6A10CD9BD634BAE5ADC] - 03/07/2011 - 14:04:07 ---A- . (...) -- C:\WINDOWS\System32\nvdrsdb1.bin [273344] O44 - LFC:[MD5.3FB0300920B08DA69E3DED4FD7BA5AE1] - 03/07/2011 - 14:01:56 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\WINDOWS\System32\nvdispco3220150.dll [899688] O44 - LFC:[MD5.F71C6CFDAE7AD4D59F12CF55AE83BAF6] - 03/07/2011 - 14:01:56 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\WINDOWS\System32\nvgenco322090.dll [865896] O44 - LFC:[MD5.33CFB8BAA7F109BC800A843A8F370408] - 03/07/2011 - 13:23:59 ---A- . (...) -- C:\WINDOWS\win.ini [1493] O44 - LFC:[MD5.BDE19FEAA67DA200EFCF557FBC14E549] - 25/05/2011 - 08:25:57 ---A- . (...) -- C:\WINDOWS\System32\nvdata.data [2123582] O44 - LFC:[MD5.8663014233AC899B26A996C7CC014F0C] - 25/05/2011 - 08:25:57 ---A- . (...) -- C:\WINDOWS\System32\nvinfo.pb [3249] O44 - LFC:[MD5.BD733372AE21A010BF8A5511D7711C2D] - 30/11/2005 - 10:33:08 ---A- . (...) -- C:\WINDOWS\System32\rt73.bin [2048] ~ Scan Files in 00mn 14s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe" [Enabled] .(...) -- C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe O47 - AAKE:Key Export SP - "C:\Sierra\Empire Earth\Empire Earth.exe" [Enabled] .(...) -- C:\Sierra\Empire Earth\Empire Earth.exe O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(...) -- C:\Program Files\BitTorrent\bittorrent.exe (.not file.) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(...) -- C:\Program Files\eMule\emule.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Total War\Medieval - Total War\Medieval_TW.exe" [Enabled] .(...) -- C:\Program Files\Total War\Medieval - Total War\Medieval_TW.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\GameSpy Arcade\Aphex.exe" [Enabled] .(...) -- C:\Program Files\GameSpy Arcade\Aphex.exe (.not file.) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dplaysvr.exe" [Enabled] .(.Microsoft Corporation - Microsoft DirectPlay Helper.) -- C:\WINDOWS\system32\dplaysvr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\praetorians.exe" [Enabled] .(...) -- C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\praetorians.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\java.exe" [Enabled] .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\java.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(...) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Vid HD\Vid.exe" [Enabled] .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files\Logitech\Vid HD\Vid.exe O47 - AAKE:Key Export SP - "C:\Documents and Settings\joannes\Local Settings\Temp\Update_c2c8.exe" [Enabled] .(...) -- C:\Documents and Settings\joannes\Local Settings\Temp\Update_c2c8.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O47 - AAKE:Key Export SP - "C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" [Enabled] .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{74615220-ab5a-11de-b205-0015f29952f1}\AutoRun\command - Clé orpheline O51 - MPSK:{8ba42c90-6e3e-11de-b193-0015f29952f1}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.) O51 - MPSK:{9f8b9460-b408-11dd-8d3c-0015f29952f1}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\WINDOWS\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.023867B6606FBABCDD52E089C4A507DA] - 31/07/2011 - 17:18:14 ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21361] O58 - SDL:[MD5.A4124165BF701536AC4D2AFBF8B4E452] - 31/07/2011 - 10:40:56 ---A- . (.Alcatel Bell - Helps WDM drivers locate other system components.) -- C:\WINDOWS\system32\drivers\alcacr.sys [4000] O58 - SDL:[MD5.318D6DBC291FD2BB7DC891CF59341E04] - 31/07/2011 - 10:41:30 ---A- . (.Alcatel Bell - Alcatel USB ADSL NDIS 5 WAN Miniport driver.) -- C:\WINDOWS\system32\drivers\alcan5wn.sys [54256] O58 - SDL:[MD5.E3A564DDE82B7FDC92A3128D80418B24] - 31/07/2011 - 10:41:04 ---A- . (.Alcatel Bell - Alcatel USB WDM xDSL Class Driver.) -- C:\WINDOWS\system32\drivers\alcaudsl.sys [735568] O58 - SDL:[MD5.55188AD43D73247CFF83E07ABA1DC007] - 31/07/2011 - 10:40:46 ---A- . (.Alcatel Bell - System-specific functions for Alcatel WDM drivers.) -- C:\WINDOWS\system32\drivers\alcawh.sys [5440] O58 - SDL:[MD5.DD8520280304B6145A6BE31008748C7C] - 31/07/2011 - 09:40:22 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys [4122368] O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 31/07/2011 - 15:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 31/07/2011 - 20:24:26 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 31/07/2011 - 15:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360] O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 31/07/2011 - 18:25:50 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [137656] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 31/07/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 31/07/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.555E54AC2F601A8821CEF58961653991] - 31/07/2011 - 12:32:51 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys [218688] O58 - SDL:[MD5.AF280405C10F0D20F37670B7432E5C2F] - 31/07/2011 - 23:02:14 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys [114784] O58 - SDL:[MD5.B6E1CCD6572984ADCAE68439AFD07011] - 31/07/2011 - 06:09:48 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\WINDOWS\system32\drivers\lvrs.sys [291424] O58 - SDL:[MD5.6C42815DD57E397F0CD988304B5EB4B3] - 31/07/2011 - 06:11:10 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\system32\drivers\lvuvc.sys [4333280] O58 - SDL:[MD5.20FE03294AC1429AE88A64C2F754B0D4] - 31/07/2011 - 23:04:20 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys [23904] O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 31/07/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 31/07/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984] O58 - SDL:[MD5.D7010580BF4E45D5E793A1FE75758C69] - 31/07/2011 - 20:27:21 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\mdc8021x.sys [15781] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 31/07/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.8B2C874897EA498DA012284E12F9DB2B] - 31/07/2011 - 08:25:56 ---A- . (.NVIDIA Corporation - NVIDIA Windows XP Miniport Driver, Version 275.33.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [12753664] O58 - SDL:[MD5.3ADB8BD6154A3EF87496E8FCE9C22493] - 31/07/2011 - 09:37:16 ---A- . (.Panda Security, S.L. - Panda Boot Driver.) -- C:\WINDOWS\system32\drivers\pavboot.sys [28552] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 31/07/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 31/07/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 31/07/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.723281EFD3FC5A3C95AB55236474E2A1] - 31/07/2011 - 13:45:26 ---A- . (.Ralink Technology Inc. - Sample Driver for Ralink 802.11g Wireless USB Adapters.) -- C:\WINDOWS\system32\drivers\rt2500usb.sys [240384] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 31/07/2011 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\rtl8139.sys [20992] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 31/07/2011 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.9E7DEE11FD5A4355941A45F13C0ED59A] - 31/07/2011 - 13:22:14 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\WINDOWS\system32\drivers\sfdrv01.sys [51200] O58 - SDL:[MD5.ECEFB59D2206D281E6D317AF0EA0D8BD] - 31/07/2011 - 10:38:23 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\WINDOWS\system32\drivers\sfhlp02.sys [6656] O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 31/07/2011 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys [40960] O58 - SDL:[MD5.61CA562DEF09A782D26B3E7EDEC5369A] - 31/07/2011 - 08:58:20 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS [36992] O58 - SDL:[MD5.32F29CDCAB5B20D62BB84810662FBDBC] - 31/07/2011 - 15:58:14 ---A- . (.Silicon Integrated Systems Corporation - SiS Compatible Super VGA Driver.) -- C:\WINDOWS\system32\drivers\sisgrp.sys [220672] O58 - SDL:[MD5.B4485881BD8AED9B157A2E6CF43C2D51] - 31/07/2011 - 16:50:46 ---A- . (.Silicon Integrated Systems Corp. - SiS PCI Mini IDE Driver.) -- C:\WINDOWS\system32\drivers\siside.sys [4096] O58 - SDL:[MD5.6225224B8E846AC230F8D9B343635910] - 31/07/2011 - 15:14:46 R--A- . (.Windows ® 2000 DDK provider - SISIDEX Driver.) -- C:\WINDOWS\system32\drivers\sisidex.sys [49024] O58 - SDL:[MD5.596D4A7052002D2BD344D8937DA6F66D] - 31/07/2011 - 16:19:08 ---A- . (.Silicon Integrated Systems Corp. - SiS Filter Driver.) -- C:\WINDOWS\system32\drivers\sisperf.sys [9472] O58 - SDL:[MD5.718A5F664BD78CF727F5D662EBA4B2DA] - 31/07/2011 - 18:14:09 ---A- . (.Symantec Corporation - SMR.) -- C:\WINDOWS\system32\drivers\SMR200.SYS [83064] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/07/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [431672] O58 - SDL:[MD5.15DA420E7314941AAAE4B199D9CF342B] - 31/07/2011 - 15:57:56 ---A- . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) -- C:\WINDOWS\system32\drivers\srvkp.sys [12416] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 31/07/2011 - 15:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 31/07/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 31/07/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.F76EA9AE8D32EC50159795D29674465E] - 31/07/2011 - 04:30:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\viaagp1.sys [32128] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.05A56C3156E1B6CC7BBD8E1D54D491F2] - 31/07/2011 - 18:54:06 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\ASNDIS5.sys [16269] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 31/07/2011 - 22:46:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 31/07/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 31/07/2011 - 22:45:26 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 31/07/2011 - 22:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 31/07/2011 - 22:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 31/07/2011 - 22:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 31/07/2011 - 22:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ~ Scan Drivers in 00mn 26s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 08/07/2011 - C:\WINDOWS\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.7.5.0(AegisP) .(.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - 27/04/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - 31/03/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - 09/09/2002 - C:\WINDOWS\system32\ASNDIS5.sys - ASNDIS5 Protocol Driver(ASNDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_ASNDIS5 O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 15/12/2010 - C:\WINDOWS\System32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 31/03/2011 - C:\WINDOWS\System32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 28/08/2001 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 02/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - ??/??/???? - C:\Program Files\MSI\Live Update 4\LU4\FLASHsys.sys (.not file.) - FLASHSYS (FLASHSYS) .(...) - LEGACY_FLASHSYS O64 - Services: CurCS - 03/04/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - 24/11/2008 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 03/07/2011 - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service(maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - 09/06/2006 - C:\WINDOWS\System32\DRIVERS\mdc8021x.sys - AEGIS Protocol (IEEE 802.1x) v2.3.1.9(MDC8021X) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_MDC8021X O64 - Services: CurCS - 25/05/2011 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Driver Helper Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.3.) - LEGACY_NVSVC O64 - Services: CurCS - 25/05/2011 - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe - NVIDIA Update Service Daemon(nvUpdatusService) .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) - LEGACY_NVUPDATUSSERVICE O64 - Services: CurCS - 13/11/2007 - C:\WINDOWS\System32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 26/03/2006 - C:\WINDOWS\System32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x)(sfdrv01) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01 O64 - Services: CurCS - 13/03/2006 - C:\WINDOWS\System32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x)(sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02 O64 - Services: CurCS - 17/10/2002 - C:\WINDOWS\System32\drivers\sisidex.sys - sisidex(sisidex) .(.Windows ® 2000 DDK provider - SISIDEX Driver.) - LEGACY_SISIDEX O64 - Services: CurCS - 31/07/2011 - C:\WINDOWS\System32\drivers\SMR200.sys - Symantec SMR Utility Service 2.0.0(SMR200) .(.Symantec Corporation - SMR.) - LEGACY_SMR200 O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 01/04/2011 - C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe - UMVPFSrv(UMVPFSrv) .(.Logitech Inc. - Logitech User mode UMVPF service.) - LEGACY_UMVPFSRV ~ Scan Services in 00mn 04s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {05EEC121-5BEB-4A00-8B2A-AEC38B987241} - (Wikipedia (en)) - Wikipedia, the free encyclopedia O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {3D60FDCD-0B78-48BD-88C8-EDEDA746855C} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {570E00E6-B32E-414B-9B4D-188248677B1F} - (Youtube) - http://www.youtube.com O69 - SBI: SearchScopes [HKCU] {8ABC3C14-2C17-4B68-BE60-185185FBD1C0} [DefaultScope] - (Google Skynet) - Skynet.be - LE portail belge – DE Belgische portaalsite! O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE O69 - SBI: SearchScopes [HKCU] {DDFB46EA-5894-4C6D-A44E-980690A900FB} - (Blogs) - Skynet.be - LE portail belge – DE Belgische portaalsite! ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.EF937D90E300FCEFDE70067C422E06D7] [sPRF][04/08/2009] (.Panda Security - Panda ActiveScan 2.0 Stub Library.) -- C:\WINDOWS\Downloaded Program Files\as2stubie.dll [132352] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\WINDOWS\Downloaded Program Files\bdcore.dll [32] [MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][05/01/2009] (...) -- C:\WINDOWS\Downloaded Program Files\ipsupd.dll [741376] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\WINDOWS\Downloaded Program Files\libfn.dll [32] [MD5.842B2C495E82BBD698C92A87170EEBC5] [sPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll [829288] [MD5.03F57E8A00774D831926DAC89B21BB2D] [sPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\WINDOWS\Downloaded Program Files\PURen-us.dll [117088] [MD5.732CACA8E848F6E721B093E51FC50B1D] [sPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\WINDOWS\Downloaded Program Files\PURfr-be.dll [110592] ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8592 - (31/07/2011) Clés trouvées (Keys found) : 8 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare [HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.AskSBar [HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\everest casino] =>Adware.Casino [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\everest poker] =>Adware.Casino [HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent ~ Scan Additionnel in 00mn 34s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 31/07/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 31/07/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SS - | Demand 31/07/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Demand 31/07/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 31/07/2011 152984 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SS - | Demand 31/07/2011 311416 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 31/07/2011 154728 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe SR - | Auto 31/07/2011 2214504 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SS - | Auto 31/07/2011 382320 | (SupportSoft RemoteAssist) . (.SupportSoft, Inc..) - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe SR - | Auto 31/07/2011 428640 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe ~ Scan Services in 00mn 00s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by joannes at 31/07/2011 22:49:43 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys siside.sys PCIIDEX.SYS >>UNKNOWN [0x82FCEAB8]<< C:\WINDOWS\system32\drivers\sptd.sys C:\WINDOWS\system32\drivers\siside.sys Silicon Integrated Systems Corp. SiS PCI Mini IDE Driver 1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x82ED4AB8] 3 CLASSPNP[0xF8776FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000061[0x82EF8F18] 5 ACPI[0xF858D620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-3[0x82EF5940] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 03s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by joannes at 31/07/2011 22:49:45 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 05s End of the scan (1067 lines in 03mn 00s)(0) Merci de votre aide
-
connexion internet saute RESOLU MERCI
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
mbr effectué a trouvé un truc la connection est redevenu stable sans faire la 3 eme manipulation cause a effet je ne sais pas mais voici le rapport et Merci encore une fois Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5863 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 24/02/2011 13:19:24 mbam-log-2011-02-24 (13-19-24).txt Type d'examen: Examen complet (C:\|F:\|G:\|) Elément(s) analysé(s): 283456 Temps écoulé: 1 heure(s), 52 minute(s), 51 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): g:\ZHPDiag\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully. -
connexion internet saute RESOLU MERCI
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
voici le 1 er des raports je fais maintenant mbr. Rapport de ZHPFix 1.12.3255 par Nicolas Coolman, Update du 19/02/2011 Fichier d'export Registre : G:\ZHPExportRegistry-24-02-2011-10-15-37.txt Run by JOANNES at 24/02/2011 10:15:37 Windows XP Home Edition Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport Contact : nicolascoolman@yahoo.fr ========== Clé(s) du Registre ========== HKLM\Software\Freeze.com => Clé supprimée avec succès O51 - MPSK:{21b885f8-ac2f-11de-99e5-0010a72c43b5}\AutoRun\command - Clé orpheline => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 018f0d6f (018f0d6f) .(...) - LEGACY_018F0D6F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 02e10b9c (02e10b9c) .(...) - LEGACY_02E10B9C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 043f4e97 (043f4e97) .(...) - LEGACY_043F4E97 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 05b1f6fe (05b1f6fe) .(...) - LEGACY_05B1F6FE => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 076d162a (076d162a) .(...) - LEGACY_076D162A => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 07c0e51b (07c0e51b) .(...) - LEGACY_07C0E51B => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 0afb2dee (0afb2dee) .(...) - LEGACY_0AFB2DEE => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 0c85adf6 (0c85adf6) .(...) - LEGACY_0C85ADF6 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 0f14722d (0f14722d) .(...) - LEGACY_0F14722D => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 128dfa30 (128dfa30) .(...) - LEGACY_128DFA30 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 15b8f1ed (15b8f1ed) .(...) - LEGACY_15B8F1ED => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 162907fa (162907fa) .(...) - LEGACY_162907FA => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 177925c4 (177925c4) .(...) - LEGACY_177925C4 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 1779c477 (1779c477) .(...) - LEGACY_1779C477 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 179909ec (179909ec) .(...) - LEGACY_179909EC => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 17fc5c5f (17fc5c5f) .(...) - LEGACY_17FC5C5F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 194d4a5e (194d4a5e) .(...) - LEGACY_194D4A5E => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 1a77ee66 (1a77ee66) .(...) - LEGACY_1A77EE66 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 2152d1c2 (2152d1c2) .(...) - LEGACY_2152D1C2 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 2158bfaa (2158bfaa) .(...) - LEGACY_2158BFAA => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 22387777 (22387777) .(...) - LEGACY_22387777 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 22ad250c (22ad250c) .(...) - LEGACY_22AD250C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 236497ca (236497ca) .(...) - LEGACY_236497CA => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 2558efc4 (2558efc4) .(...) - LEGACY_2558EFC4 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 25844303 (25844303) .(...) - LEGACY_25844303 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 29fb3cc6 (29fb3cc6) .(...) - LEGACY_29FB3CC6 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 2dac414f (2dac414f) .(...) - LEGACY_2DAC414F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 30adf2b4 (30adf2b4) .(...) - LEGACY_30ADF2B4 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 30c1618c (30c1618c) .(...) - LEGACY_30C1618C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 32b902e1 (32b902e1) .(...) - LEGACY_32B902E1 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 377cdefb (377cdefb) .(...) - LEGACY_377CDEFB => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 38be3096 (38be3096) .(...) - LEGACY_38BE3096 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 3d0d5424 (3d0d5424) .(...) - LEGACY_3D0D5424 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 3d7f6879 (3d7f6879) .(...) - LEGACY_3D7F6879 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 3f5dbc3d (3f5dbc3d) .(...) - LEGACY_3F5DBC3D => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 40f8b112 (40f8b112) .(...) - LEGACY_40F8B112 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 414f1b7f (414f1b7f) .(...) - LEGACY_414F1B7F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 417f056a (417f056a) .(...) - LEGACY_417F056A => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 42144367 (42144367) .(...) - LEGACY_42144367 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 431f24d8 (431f24d8) .(...) - LEGACY_431F24D8 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 45066f19 (45066f19) .(...) - LEGACY_45066F19 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 45757b77 (45757b77) .(...) - LEGACY_45757B77 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 466b0bb6 (466b0bb6) .(...) - LEGACY_466B0BB6 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 51e03c58 (51e03c58) .(...) - LEGACY_51E03C58 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 51f2039c (51f2039c) .(...) - LEGACY_51F2039C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 5350bcc2 (5350bcc2) .(...) - LEGACY_5350BCC2 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 591fe6f8 (591fe6f8) .(...) - LEGACY_591FE6F8 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 5bfb0a9c (5bfb0a9c) .(...) - LEGACY_5BFB0A9C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 67c97e76 (67c97e76) .(...) - LEGACY_67C97E76 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 68255893 (68255893) .(...) - LEGACY_68255893 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 6a8d942e (6a8d942e) .(...) - LEGACY_6A8D942E => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 6b0bac53 (6b0bac53) .(...) - LEGACY_6B0BAC53 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 6e0b85ad (6e0b85ad) .(...) - LEGACY_6E0B85AD => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 6efc1d03 (6efc1d03) .(...) - LEGACY_6EFC1D03 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 6f16900e (6f16900e) .(...) - LEGACY_6F16900E => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 6f1b843a (6f1b843a) .(...) - LEGACY_6F1B843A => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 739193c2 (739193c2) .(...) - LEGACY_739193C2 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 754778c4 (754778c4) .(...) - LEGACY_754778C4 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 77ac0b85 (77ac0b85) .(...) - LEGACY_77AC0B85 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 780bf89c (780bf89c) .(...) - LEGACY_780BF89C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 78abe0e2 (78abe0e2) .(...) - LEGACY_78ABE0E2 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 78fb0a9c (78fb0a9c) .(...) - LEGACY_78FB0A9C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 7ae2bc1c (7ae2bc1c) .(...) - LEGACY_7AE2BC1C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 7be02229 (7be02229) .(...) - LEGACY_7BE02229 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 7bef6aad (7bef6aad) .(...) - LEGACY_7BEF6AAD => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 7f00ba7b (7f00ba7b) .(...) - LEGACY_7F00BA7B => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 7f85ad0c (7f85ad0c) .(...) - LEGACY_7F85AD0C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 80385db3 (80385db3) .(...) - LEGACY_80385DB3 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 80525d01 (80525d01) .(...) - LEGACY_80525D01 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 80b3c7c6 (80b3c7c6) .(...) - LEGACY_80B3C7C6 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 813a9a75 (813a9a75) .(...) - LEGACY_813A9A75 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 85079c5a (85079c5a) .(...) - LEGACY_85079C5A => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 862a329f (862a329f) .(...) - LEGACY_862A329F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 869358bf (869358bf) .(...) - LEGACY_869358BF => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 874214c4 (874214c4) .(...) - LEGACY_874214C4 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 8793c530 (8793c530) .(...) - LEGACY_8793C530 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 8bb88e4f (8bb88e4f) .(...) - LEGACY_8BB88E4F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 8c288ca8 (8c288ca8) .(...) - LEGACY_8C288CA8 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 8d96fd06 (8d96fd06) .(...) - LEGACY_8D96FD06 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 8dafe407 (8dafe407) .(...) - LEGACY_8DAFE407 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 8ff188cd (8ff188cd) .(...) - LEGACY_8FF188CD => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 93128dfb (93128dfb) .(...) - LEGACY_93128DFB => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 932ca95f (932ca95f) .(...) - LEGACY_932CA95F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 94c7ac6e (94c7ac6e) .(...) - LEGACY_94C7AC6E => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - 9c03b178 (9c03b178) .(...) - LEGACY_9C03B178 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - aa1b3440 (aa1b3440) .(...) - LEGACY_AA1B3440 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - aac7d26f (aac7d26f) .(...) - LEGACY_AAC7D26F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - adf22f30 (adf22f30) .(...) - LEGACY_ADF22F30 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - b11b507f (b11b507f) .(...) - LEGACY_B11B507F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - b350084a (b350084a) .(...) - LEGACY_B350084A => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - b352c85a (b352c85a) .(...) - LEGACY_B352C85A => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - b6216408 (b6216408) .(...) - LEGACY_B6216408 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - bbde43d9 (bbde43d9) .(...) - LEGACY_BBDE43D9 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - be45d622 (be45d622) .(...) - LEGACY_BE45D622 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - be55cd5c (be55cd5c) .(...) - LEGACY_BE55CD5C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - becc1a45 (becc1a45) .(...) - LEGACY_BECC1A45 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - bfaafb0b (bfaafb0b) .(...) - LEGACY_BFAAFB0B => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - c22c78c3 (c22c78c3) .(...) - LEGACY_C22C78C3 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - c53096fd (c53096fd) .(...) - LEGACY_C53096FD => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - c624da6d (c624da6d) .(...) - LEGACY_C624DA6D => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - cc36255c (cc36255c) .(...) - LEGACY_CC36255C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - cdc4427f (cdc4427f) .(...) - LEGACY_CDC4427F => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - cec13385 (cec13385) .(...) - LEGACY_CEC13385 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - d311a582 (d311a582) .(...) - LEGACY_D311A582 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - d44a7f09 (d44a7f09) .(...) - LEGACY_D44A7F09 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - d936b902 (d936b902) .(...) - LEGACY_D936B902 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - de4355fc (de4355fc) .(...) - LEGACY_DE4355FC => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - de5bcebd (de5bcebd) .(...) - LEGACY_DE5BCEBD => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - defba954 (defba954) .(...) - LEGACY_DEFBA954 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - df0d5043 (df0d5043) .(...) - LEGACY_DF0D5043 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - e6f99737 (e6f99737) .(...) - LEGACY_E6F99737 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - edefc40b (edefc40b) .(...) - LEGACY_EDEFC40B => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - efd6226d (efd6226d) .(...) - LEGACY_EFD6226D => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - f14eac90 (f14eac90) .(...) - LEGACY_F14EAC90 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - f2e85caf (f2e85caf) .(...) - LEGACY_F2E85CAF => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - fae88768 (fae88768) .(...) - LEGACY_FAE88768 => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - fb2dee5c (fb2dee5c) .(...) - LEGACY_FB2DEE5C => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - fd06fb0b (fd06fb0b) .(...) - LEGACY_FD06FB0B => Clé supprimée avec succès O64 - Services: CurCS - (.not file.) - fd84b02d (fd84b02d) .(...) - LEGACY_FD84B02D => Clé supprimée avec succès ========== Valeur(s) du Registre ========== FirewallRaz : Aucune valeur présente dans la clé d'exception du registre . ========== Elément(s) de donnée du Registre ========== [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified => Donnée supprimée avec succès ========== Dossier(s) ========== Dossiers temporaires Windows supprimés: 23 ========== Fichier(s) ========== Fichiers temporaires Windows supprimés : 32 ========== Récapitulatif ========== 121 : Clé(s) du Registre 1 : Valeur(s) du Registre 1 : Elément(s) de donnée du Registre 1 : Dossier(s) 1 : Fichier(s) End of the scan -
Bonjour, Pouvez vous me dire si il n y a pas de petit probleme sur mon pc Ma connexion saute souvent. Merci d avance de votre aide Rapport de ZHPDiag v1.27.162 par Nicolas Coolman, Update du 20/02/2011 Run by JOANNES at 23/02/2011 11:49:11 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) ---\\ System Information Windows XP Home Edition Service Pack 3 (Build 2600) Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1535 MB (67% free) System Restore: Activé (Enable) System drive C: has 108 GB (80%) free of 135 GB ---\\ Logged in mode Computer Name: J-IDUMKXMZPCFO0 User Name: JOANNES All Users Names: SUPPORT_388945a0, JOANNES, HelpAssistant, ASPNET, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Documents and Settings\JOANNES\Application Data %LocalAppData%=C:\Documents and Settings\JOANNES\Local Settings\Application Data %StartMenu%=C:\Documents and Settings\JOANNES\Menu Démarrer ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 108 Go of 135 Go) D:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go) E:\ CD-ROM drive (Not Inserted) F:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 49 Go) G:\ Hard drive, Flash drive, Thumb drive (Free 46 Go of 49 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 3:34:03.) -- C:\Windows\Explorer.exe [1037824] [MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 0:53:04.) -- C:\Windows\System32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 3:34:28.) -- C:\Windows\System32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:53.) -- C:\Windows\System32\drivers\ntfs.sys [574976] ---\\ Processus lancés [MD5.A2EAEB497CA29ECAEAF0DF66AD85C57D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696] [MD5.655D4DA7A440FFCF1ADFF2EB9D3072B4] - (.BitDefender S.R.L. - BitDefender Update Service.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [308552] [MD5.B715ABF90831A37918EB4CAD2CF9DF69] - (.BitDefender S.R.L. - BitDefender Security Service.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [1615688] [MD5.ED5411A69C5BAC78D245C893AF64352A] - (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) -- C:\Program Files\Cobian Backup 10\cbVSCService.exe [67584] [MD5.06302EA7EDA9DCDD7F82CEC2A03D2015] - (.Luis Cobian, CobianSoft - Cobian Backup Boletus Service.) -- C:\Program Files\Cobian Backup 10\cbService.exe [1125376] [MD5.CC64BB2D200031B11A16FF69DF3E3907] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [1123360] [MD5.9E2944289377456DDC4FE3B50F39B5A0] - (.Luis Cobian, CobianSoft - Cobian Backup 10 Boletus.) -- C:\Program Files\Cobian Backup 10\cbInterface.exe [3154432] [MD5.E0B31733CFBB95CFE19A5232CA42DDDA] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Miele\InstallerService\MieleInstallerService.exe [28672] [MD5.C51A8F65835FC53DCEF6D9C0F1D61210] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe [28672] [MD5.837608240884733792DDAE81E50B802A] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408] [MD5.837608240884733792DDAE81E50B802A] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408] [MD5.1C9F0AE9BA757239A6F9B0D652DBCEC2] - (.Oki Data Corporation - OPHCLDCS.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE [24576] [MD5.5FAF80080E1F0E7244E373D48C1F09F9] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe [69632] [MD5.3978F082274F723AD5A0A8058C2417DD] - (.Analog Devices, Inc. - SoundMAX service agent component.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056] [MD5.D89083C4EB02DACA8F944B0E05E57F9D] - (.Microsoft Corporation - SQL Server VSS Writer.) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [86880] [MD5.166B6630CE180A861BD7C9110FF339D1] - (.BitDefender S.R.L. - BitDefender Security Center.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe [1091984] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [MD5.5BD349A76D79F8E8F94EEBCB1F12224C] - (.Nicolas Coolman - Diagnostic Tool.) -- G:\ZHPDiag\ZHPDiag.exe [631296] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Content Upload Plugin.) -- G:\DivX\DivX Content Uploader\npUpload.dll P2 - FPN: [HKLM] [@divx.com/DivX OVS Helper,version=1.0.0] - (.DivX, LLC. - DivX OVS Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- F:\DivX\DivX Player\npDivxPlayerPlugin.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) G1 - GCS: Preference [user Data\Default] Bing ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Skynet.be - LE portail belge – DE Belgische portaalsite! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Duxet.com R0 - HKUS\S-1-5-21-1614895754-602162358-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = Skynet.be - LE portail belge – DE Belgische portaalsite! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R1 - HKUS\S-1-5-21-1614895754-602162358-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [bDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe O4 - HKLM\..\Run: [Cobian Backup 10 Interface] . (.Luis Cobian, CobianSoft - Cobian Backup 10 Boletus.) -- C:\Program Files\Cobian Backup 10\cbInterface.exe ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\JOANNES\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\JOANNES\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\JOANNES\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.0.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{B989F08A-DA75-4E67-ADAF-CA1DED7E2A46}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CS1\Services\Tcpip\..\{B989F08A-DA75-4E67-ADAF-CA1DED7E2A46}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CS2\Services\Tcpip\..\{B989F08A-DA75-4E67-ADAF-CA1DED7E2A46}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\..\{B989F08A-DA75-4E67-ADAF-CA1DED7E2A46}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{B989F08A-DA75-4E67-ADAF-CA1DED7E2A46}: DhcpDomain = lan O17 - HKLM\System\CS2\Services\Tcpip\..\{B989F08A-DA75-4E67-ADAF-CA1DED7E2A46}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\Windows\System32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c - Arrakis Web Server.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: (cbVSCService) . (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) - C:\Program Files\Cobian Backup 10\cbVSCService.exe O23 - Service: (CobianBackup10) . (.Luis Cobian, CobianSoft - Cobian Backup Boletus Service.) - C:\Program Files\Cobian Backup 10\cbService.exe O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe O23 - Service: (gupdate1caf362c3eb72d4) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: (maconfservice) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: (MieleInstallerService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe O23 - Service: (MieleInstallerServiceStartStopper) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe O23 - Service: (OKI OPHC DCS Loader) . (.Oki Data Corporation - OPHCLDCS.) - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.exe O23 - Service: (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe O23 - Service: (SoundMAX Agent Service (default)) . (.Analog Devices, Inc. - SoundMAX service agent component.) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: (Symantec Core LC) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - G:\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Final Media Player Update Checker.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM] -- All ATI Software O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001} O42 - Logiciel: Belgium e-ID middleware 3.5.3 (build 6193) - (.Belgian Government.) [HKLM] -- {824563DE-75AD-4166-9DC0-B6482F206193} O42 - Logiciel: BitDefender Internet Security 2010 - (.BitDefender.) [HKLM] -- {8227074F-0438-4DCE-886F-3E55FB86B79D} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CPH_Offline - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1 O42 - Logiciel: Cobian Backup 10 - (.Pas de propriétaire.) [HKLM] -- CobBackup10 O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE} O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: DYMO Label Software - (.Pas de propriétaire.) [HKLM] -- DYMO Label Software O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9} O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters O42 - Logiciel: Final Media Player 2010 - (.Bitberry Software.) [HKLM] -- FinalMediaPlayer_is1 O42 - Logiciel: Glary Utilities 2.31.0.1098 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1 O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Photosmart Premier Software 6.5 - (.HP.) [HKLM] -- HP Photo & Imaging O42 - Logiciel: HP Scanjet 3800 - (.HP.) [HKLM] -- {1A1A9F0B-2C77-40EE-9052-42B2EBBDD52B} O42 - Logiciel: HP Scanjet 3800 series 7.0 - (.HP.) [HKLM] -- {A6E22793-168D-4680-81E5-E66DD3CFF583} O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {74DC0593-6BC6-4001-AD5F-D810AFB68D86} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - (.Microsoft Corporation.) [HKLM] -- KB932471.T301_380ToU433_380 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: IZArc 4.1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {A43BF6A5-D5F0-4AAA-BF41-65995063EC44} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {14E3D14B-7852-477D-ACE2-895AF4322804} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {72AD53CC-CCC0-3757-8480-9EE176866A7C} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {0BD83598-C2EF-3343-847B-7D2E84599128} O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702} O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2003 Web Components - (.Microsoft Corporation.) [HKLM] -- {90A4040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office 2007 Primary Interop Assemblies - (.Microsoft Corporation.) [HKLM] -- {50120000-1105-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- PROR O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Small Business Connectivity Components - (.Microsoft Corporation.) [HKLM] -- {A939D341-5A04-4E0A-BB55-3E65B386432D} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft SQL Server 2005 O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (MIELE_ETD) - (.Microsoft Corporation.) [HKLM] -- {2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (MIELE_WDA) - (.Microsoft Corporation.) [HKLM] -- {6DEF11C0-35FF-4160-A543-FDD336C4DAE5} O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft Corporation.) [HKLM] -- {7670D32F-DAE6-4E49-8C8B-B3F08B5B1686} O42 - Logiciel: Microsoft SQL Server Setup Support Files (English) - (.Microsoft Corporation.) [HKLM] -- {53F5C3EE-05ED-4830-994B-50B2F0D50FCE} O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft Corporation.) [HKLM] -- {E7084B89-69E0-46B3-A118-8F99D06988CD} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Miele Offline-ETD - (.Miele & Cie. KG.) [HKLM] -- {8B0E4583-58BA-46D2-9FAC-F3185B18A240} O42 - Logiciel: Miele Offline-WDA - (.Miele & Cie. KG.) [HKLM] -- {2903672A-7522-44DC-8940-221AF125E506} O42 - Logiciel: Miele eBTD - (.Pas de propriétaire.) [HKLM] -- {B88C0D02-4A3C-4ABD-B13E-4E79B725D623} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack O42 - Logiciel: Navman NavDesk 2008 - (.Navman Technologies NZ Ltd.) [HKLM] -- {9C8732C3-32DE-4569-9E90-30040D76DABC} O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: OGA Notifier 1.7.0105.35.0 - (.Microsoft Corporation.) [HKLM] -- {25E98ECB-5727-408E-B30A-2CAF86F5B310} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce - (.Microsoft Corporation.) [HKLM] -- KB909520 O42 - Logiciel: Popsy 3.0 - (.Systemat sa.) [HKLM] -- {1381C2A2-B9B7-4A18-B112-7F1F8C7B05BB} O42 - Logiciel: Popsy 3.0 SE - (.Systemat sa.) [HKLM] -- {7276E684-5267-492B-BFE9-109802E23CB5} O42 - Logiciel: PowerQuest PartitionMagic 8.0 - (.PowerQuest.) [HKLM] -- InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} O42 - Logiciel: Ralink Wireless LAN - (.RaLink.) [HKLM] -- {FAB1F336-1B7C-4057-A7BC-2922CD82A781} O42 - Logiciel: RedistCRXI - (.Systemat s.a..) [HKLM] -- {BB53E02E-8AB2-4AA5-8F2D-C0A56D1A8B94} O42 - Logiciel: Revo Uninstaller 1.91 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Sauvegarde des Dossiers personnels Microsoft Outlook - (.Microsoft Corporation.) [HKLM] -- {C63E7C60-25EB-11D3-8EDA-00A0C911E8E5} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472 O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3DED0A62-44C8-4E00-A785-5212F297A9D9} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C} O42 - Logiciel: Speccy - (.Piriform.) [HKLM] -- Speccy O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} O42 - Logiciel: TomTom HOME 2.7.6.2056 - (.TomTom.) [HKLM] -- TomTom HOME O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2492475) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{AB9C3240-8F97-4998-8911-3D40044124FC} O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421} O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27} O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: WebTarot 1.29 - (.AtoutWeb.) [HKLM] -- WebTarot_is1 O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B} O42 - Logiciel: Windows Management Framework Core - (.Microsoft Corporation.) [HKLM] -- KB968930 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 - (.Microsoft Corporation.) [HKLM] -- KB891122 O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] -- {BAF78226-3200-4DB4-BE33-4D922A799840} O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\Analog Devices] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\MIE] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\BEID] [HKCU\Software\BitDefender] [HKCU\Software\Bitberry] [HKCU\Software\Borland] [HKCU\Software\Business Objects] [HKCU\Software\Classes] [HKCU\Software\CpuIdle Extreme] [HKCU\Software\DPOC] [HKCU\Software\DYMO] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Foxit Software] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Hewlett-Packard] [HKCU\Software\I.R.I.S.] [HKCU\Software\IM Providers] [HKCU\Software\IZSoftware] [HKCU\Software\Intel] [HKCU\Software\Iris] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LowRegistry] [HKCU\Software\MIE] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Navman] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PDFCreator] [HKCU\Software\Patchou] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PowerQuest] [HKCU\Software\SXP] [HKCU\Software\Seagate Software] [HKCU\Software\Smax4] [HKCU\Software\SpeedTouch] [HKCU\Software\Systemat] [HKCU\Software\T.Aragon] [HKCU\Software\TomTom] [HKCU\Software\Trolltech] [HKCU\Software\VSRevoGroup] [HKCU\Software\WebTarot] [HKCU\Software\cybelsoft] [HKCU\Software\hp Install Update] [HKCU\Software\rb9Z52; ?] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Analog Devices] [HKLM\Software\Andrea Electronics] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\BEID] [HKLM\Software\BitDefender] [HKLM\Software\Borland] [HKLM\Software\BrowserChoice] [HKLM\Software\Business Objects] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CobianSoft] [HKLM\Software\Corel] [HKLM\Software\DYMO] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\Freeze.com] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\INTEL] [HKLM\Software\IZSoftware] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\MDC] [HKLM\Software\MIE] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MapInfo] [HKLM\Software\Marvell] [HKLM\Software\MidasHeurScanner] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Navman] [HKLM\Software\ODBC] [HKLM\Software\Okidata] [HKLM\Software\Patchou] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\PowerQuest] [HKLM\Software\Program Groups] [HKLM\Software\RALINK] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\SXP] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Sensaura] [HKLM\Software\Softwin] [HKLM\Software\Staccato] [HKLM\Software\SymDebug] [HKLM\Software\SymNRT] [HKLM\Software\Systemat] [HKLM\Software\TomTom] [HKLM\Software\W3i] [HKLM\Software\WholeSecurity] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\cybelsoft] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/02/2011 - 13:11:20 ----D- C:\Program Files\Adobe O43 - CFD: 6/09/2007 - 10:39:56 ----D- C:\Program Files\Analog Devices O43 - CFD: 12/09/2007 - 15:08:30 ----D- C:\Program Files\ATI Technologies O43 - CFD: 17/02/2010 - 12:54:24 ----D- C:\Program Files\Belgium Identity Card O43 - CFD: 15/09/2009 - 12:46:14 ----D- C:\Program Files\BitDefender O43 - CFD: 16/04/2008 - 10:13:46 ----D- C:\Program Files\Business Objects O43 - CFD: 4/10/2010 - 9:39:54 ----D- C:\Program Files\Cobian Backup 10 O43 - CFD: 12/09/2007 - 9:31:12 ----D- C:\Program Files\CPH_Offline O43 - CFD: 10/06/2009 - 15:10:14 ----D- C:\Program Files\DIFX O43 - CFD: 8/01/2011 - 10:34:30 ----D- C:\Program Files\DivX O43 - CFD: 15/02/2011 - 16:42:32 ----D- C:\Program Files\DYMO Label O43 - CFD: 3/10/2009 - 13:20:30 ----D- C:\Program Files\Fichiers communs O43 - CFD: 4/01/2011 - 9:44:32 ----D- C:\Program Files\FinalMediaPlayer O43 - CFD: 18/02/2011 - 9:41:20 ----D- C:\Program Files\Google O43 - CFD: 8/06/2009 - 10:18:18 ----D- C:\Program Files\GV Everest Pokernet O43 - CFD: 19/05/2010 - 14:07:52 ----D- C:\Program Files\HP O43 - CFD: 15/04/2010 - 9:20:00 ----D- C:\Program Files\Inlite O43 - CFD: 10/10/2009 - 14:09:04 --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 6/09/2007 - 10:37:28 ----D- C:\Program Files\Intel O43 - CFD: 9/02/2011 - 9:44:40 ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/06/2010 - 15:31:30 ----D- C:\Program Files\ma-config.com O43 - CFD: 5/02/2009 - 11:34:34 ----D- C:\Program Files\Marvell O43 - CFD: 16/06/2009 - 16:50:50 ----D- C:\Program Files\Messenger O43 - CFD: 3/01/2011 - 16:42:24 ----D- C:\Program Files\Messenger Plus! Live O43 - CFD: 25/09/2009 - 12:51:20 ----D- C:\Program Files\Microsoft O43 - CFD: 12/09/2007 - 16:45:02 ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 6/09/2007 - 10:26:28 ----D- C:\Program Files\microsoft frontpage O43 - CFD: 7/04/2009 - 14:31:26 ----D- C:\Program Files\Microsoft Office O43 - CFD: 19/02/2011 - 14:35:46 ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 7/04/2009 - 14:43:08 ----D- C:\Program Files\Microsoft Small Business O43 - CFD: 28/01/2011 - 16:44:08 ----D- C:\Program Files\Microsoft SQL Server O43 - CFD: 27/03/2009 - 13:41:32 ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 15/05/2009 - 12:15:38 ----D- C:\Program Files\Microsoft Works O43 - CFD: 19/10/2010 - 12:45:08 ----D- C:\Program Files\Microsoft.NET O43 - CFD: 8/11/2010 - 11:38:12 ----D- C:\Program Files\Miele O43 - CFD: 8/11/2010 - 12:33:58 ----D- C:\Program Files\Miele Offline-ETD O43 - CFD: 8/11/2010 - 13:59:54 ----D- C:\Program Files\Miele Offline-WDA O43 - CFD: 14/01/2011 - 11:25:28 ----D- C:\Program Files\Miele-eBTD O43 - CFD: 12/08/2010 - 7:49:30 ----D- C:\Program Files\Movie Maker O43 - CFD: 17/02/2010 - 12:54:22 ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 6/09/2007 - 16:37:02 ----D- C:\Program Files\MSBuild O43 - CFD: 22/06/2009 - 14:34:06 ----D- C:\Program Files\MSECache O43 - CFD: 16/06/2009 - 16:27:26 ----D- C:\Program Files\msn O43 - CFD: 6/09/2007 - 10:23:36 ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 12/11/2008 - 9:42:10 ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 6/09/2007 - 17:10:40 ----D- C:\Program Files\MSXML 6.0 O43 - CFD: 1/07/2008 - 11:37:46 ----D- C:\Program Files\NetMeeting O43 - CFD: 6/09/2007 - 15:52:12 ----D- C:\Program Files\OLITEC O43 - CFD: 15/12/2010 - 9:04:02 ----D- C:\Program Files\Outlook Express O43 - CFD: 5/10/2009 - 16:35:40 ----D- C:\Program Files\PDFCreator O43 - CFD: 15/09/2007 - 9:42:10 ----D- C:\Program Files\PowerQuest O43 - CFD: 10/10/2009 - 14:09:06 ----D- C:\Program Files\RALINK O43 - CFD: 6/09/2007 - 16:33:18 ----D- C:\Program Files\Reference Assemblies O43 - CFD: 20/06/2008 - 9:47:36 --H-D- C:\Program Files\Uninstall Information O43 - CFD: 19/09/2008 - 14:43:56 ----D- C:\Program Files\Webtarot O43 - CFD: 6/06/2009 - 12:54:20 ----D- C:\Program Files\Windows Live O43 - CFD: 6/06/2009 - 12:55:00 ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 6/09/2007 - 16:31:44 ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 1/07/2008 - 11:37:40 ----D- C:\Program Files\Windows Media Player O43 - CFD: 1/07/2008 - 11:37:38 ----D- C:\Program Files\Windows NT O43 - CFD: 6/09/2007 - 10:43:06 --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 6/09/2007 - 10:26:28 ----D- C:\Program Files\xerox O43 - CFD: 17/02/2011 - 13:11:32 ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 15/09/2009 - 12:46:26 ----D- C:\Program Files\Fichiers Communs\BitDefender O43 - CFD: 15/04/2010 - 9:20:00 ----D- C:\Program Files\Fichiers Communs\ClearImage O43 - CFD: 31/03/2009 - 9:43:10 ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD: 14/09/2010 - 16:10:42 ----D- C:\Program Files\Fichiers Communs\DivX Shared O43 - CFD: 10/09/2007 - 12:00:12 ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 10/09/2007 - 12:06:04 ----D- C:\Program Files\Fichiers Communs\HP O43 - CFD: 6/09/2007 - 10:39:44 ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 29/10/2009 - 11:33:08 ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 6/09/2007 - 10:24:30 ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 6/09/2007 - 11:19:36 ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 6/09/2007 - 10:24:38 ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 16/06/2009 - 14:11:38 ----D- C:\Program Files\Fichiers Communs\Sonic Shared O43 - CFD: 6/09/2007 - 11:19:34 ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 24/04/2008 - 14:15:30 ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 27/03/2009 - 13:37:04 ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 9/01/2009 - 17:31:48 ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 25/02/2008 - 16:21:14 -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller O43 - CFD: 15/04/2010 - 9:13:42 ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard O43 - CFD: 17/02/2011 - 13:20:52 ----D- C:\Documents and Settings\JOANNES\Application Data\Adobe O43 - CFD: 12/09/2007 - 15:10:38 ----D- C:\Documents and Settings\JOANNES\Application Data\ATI O43 - CFD: 15/09/2009 - 12:40:14 ----D- C:\Documents and Settings\JOANNES\Application Data\BitDefender O43 - CFD: 14/09/2010 - 16:12:38 ----D- C:\Documents and Settings\JOANNES\Application Data\DivX O43 - CFD: 5/01/2011 - 8:37:34 ----D- C:\Documents and Settings\JOANNES\Application Data\FinalMediaPlayer O43 - CFD: 20/09/2010 - 15:03:48 ----D- C:\Documents and Settings\JOANNES\Application Data\GlarySoft O43 - CFD: 14/05/2010 - 13:43:56 ----D- C:\Documents and Settings\JOANNES\Application Data\Google O43 - CFD: 26/11/2007 - 14:51:46 ----D- C:\Documents and Settings\JOANNES\Application Data\Help O43 - CFD: 19/05/2010 - 14:32:56 ----D- C:\Documents and Settings\JOANNES\Application Data\HP O43 - CFD: 22/12/2009 - 15:02:48 ----D- C:\Documents and Settings\JOANNES\Application Data\HpUpdate O43 - CFD: 6/09/2007 - 10:29:54 ----D- C:\Documents and Settings\JOANNES\Application Data\Identities O43 - CFD: 10/10/2009 - 14:08:38 ----D- C:\Documents and Settings\JOANNES\Application Data\InstallShield O43 - CFD: 8/01/2011 - 10:34:36 ----D- C:\Documents and Settings\JOANNES\Application Data\Local O43 - CFD: 16/06/2009 - 9:26:00 ----D- C:\Documents and Settings\JOANNES\Application Data\Macromedia O43 - CFD: 15/01/2010 - 10:05:20 ----D- C:\Documents and Settings\JOANNES\Application Data\Malwarebytes O43 - CFD: 17/02/2011 - 13:20:52 -S--D- C:\Documents and Settings\JOANNES\Application Data\Microsoft O43 - CFD: 26/04/2008 - 9:17:24 ----D- C:\Documents and Settings\JOANNES\Application Data\Mozilla O43 - CFD: 6/09/2007 - 15:22:16 ----D- C:\Documents and Settings\JOANNES\Application Data\OfficeUpdate12 O43 - CFD: 6/09/2007 - 15:51:46 ----D- C:\Documents and Settings\JOANNES\Application Data\TMP O43 - CFD: 26/04/2008 - 9:17:20 ----D- C:\Documents and Settings\JOANNES\Application Data\TomTom O43 - CFD: 5/05/2010 - 13:36:06 ----D- C:\Documents and Settings\JOANNES\Application Data\U3 ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.58C4D4AF93D4550020218F0C3147F1AF] - 11/02/2011 - 9:36:02 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [383224] O44 - LFC:[MD5.0E4E6D01D9F0F3FFD85BD125D7530C03] - 21/02/2011 - 9:38:40 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [13002] O44 - LFC:[MD5.BCED1200F915817C00FCFD7F90EE1200] - 23/02/2011 - 9:04:02 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32530] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 23/02/2011 - 9:05:59 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.BCED1200F915817C00FCFD7F90EE1200] - 23/02/2011 - 9:06:14 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.BCED1200F915817C00FCFD7F90EE1200] - 23/02/2011 - 9:06:15 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/02/2011 - 9:06:24 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.92F5D30F83D287E6C8F47CB3B27E3C71] - 9/02/2011 - 9:43:14 ---A- . (...) -- C:\WINDOWS\KB2393802.log [9968] O44 - LFC:[MD5.3E66FEEA529A4096FA65FA4FAF67B07D] - 9/02/2011 - 9:43:24 ---A- . (...) -- C:\WINDOWS\KB2478960.log [12543] O44 - LFC:[MD5.17FEA70419DD072EA7565C17AB4A6A4F] - 9/02/2011 - 9:44:15 ---A- . (...) -- C:\WINDOWS\KB2476687.log [12855] O44 - LFC:[MD5.A375C70CD0CE14D0051245A94DD54FC3] - 9/02/2011 - 9:44:47 ---A- . (...) -- C:\WINDOWS\KB2482017-IE8.log [15955] O44 - LFC:[MD5.F20A07B007EFB5859D045834DFEE9167] - 9/02/2011 - 9:47:29 ---A- . (...) -- C:\WINDOWS\KB2483185.log [17483] O44 - LFC:[MD5.09C66A732945BDF9074F0CB8114322A5] - 9/02/2011 - 9:47:42 ---A- . (...) -- C:\WINDOWS\KB2479628.log [18309] O44 - LFC:[MD5.F896E54C1BDADBC6B5C54B347B31C159] - 9/02/2011 - 9:48:06 ---A- . (...) -- C:\WINDOWS\KB2485376.log [17962] O44 - LFC:[MD5.34033C838B3B68BB07AD5C02C74A3EA5] - 9/02/2011 - 9:48:20 ---A- . (...) -- C:\WINDOWS\KB2478971.log [18659] O44 - LFC:[MD5.9DF52351EC1E29F2D54F3D0A850202F4] - 9/02/2011 - 9:48:20 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1355] O44 - LFC:[MD5.BCED1200F915817C00FCFD7F90EE1200] - 23/02/2011 - 11:17:14 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [2044129] O44 - LFC:[MD5.5DA89CAEAE2F24DA9F4E091135A94CC9] - 23/02/2011 - 10:14:23 ---A- . (...) -- C:\WINDOWS\ODBC.INI [624] O44 - LFC:[MD5.1BBCE93AB613FD93E0998E87B6B70FD4] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\KB971029.log [12295] O44 - LFC:[MD5.8EBC06FACD57F7055254007DA2FCDB59] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\comsetup.log [41098] O44 - LFC:[MD5.4E2285BFC653CBCA3E06EA995FAE0C14] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\iis6.log [19486] O44 - LFC:[MD5.1C5C53083C0099225D79B5B03B15149C] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.C29448220A14C3E2DC49E9DB4E3B0048] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\msgsocm.log [6301] O44 - LFC:[MD5.10D36F05D3C2A6258AA208A4BB49AAFB] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [25099] O44 - LFC:[MD5.64D2774AF458B87AF74B41408507BE57] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\ocgen.log [61889] O44 - LFC:[MD5.79B4EC1D6059FACF731CCADBA537C93F] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\ocmsn.log [6923] O44 - LFC:[MD5.CC36502BB1CEE97ED32E92F6AFA1C29D] - 19/02/2011 - 14:33:23 ---A- . (...) -- C:\WINDOWS\tsoc.log [48745] O44 - LFC:[MD5.DE56274D23C62E79D056F93F53625D39] - 19/02/2011 - 14:33:22 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [124259] O44 - LFC:[MD5.F802E9F2CE824936E15BCE5934CFB209] - 19/02/2011 - 14:33:22 ---A- . (...) -- C:\WINDOWS\setupapi.log [75411] O44 - LFC:[MD5.978D0B7836EA316AFE03D248FC913454] - 19/02/2011 - 14:33:18 ---A- . (...) -- C:\WINDOWS\updspapi.log [12331] O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 18/02/2011 - 17:54:43 ---A- . (...) -- C:\WINDOWS\System32\ashttpstats.csv [52] O44 - LFC:[MD5.1E5B8C26CFAFA55BAD92A284701B05A2] - 17/02/2011 - 11:50:18 ---A- . (...) -- C:\WINDOWS\setupact.log [540] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/02/2011 - 11:50:18 ---A- . (...) -- C:\WINDOWS\setuperr.log [0] O44 - LFC:[MD5.6B399282B3140F4CF123F9109547E0CF] - 15/02/2011 - 17:31:44 ---A- . (...) -- C:\WINDOWS\tarot.cfg [10] O44 - LFC:[MD5.9407256E46D3609EA53ADEBC6A893DE4] - 15/02/2011 - 16:42:31 ---A- . (...) -- C:\WINDOWS\iltwain.ini [36] O44 - LFC:[MD5.371279BF63C3D519ED33A181E3469FAC] - 10/02/2011 - 11:38:08 ---A- . (...) -- C:\WINDOWS\win.ini [1069] O44 - LFC:[MD5.F5790C63D40117EF0F681B33E77A5C26] - 28/01/2011 - 16:45:16 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [278234] O44 - LFC:[MD5.F26A967DBF476492266608E400614736] - 28/01/2011 - 16:45:16 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [295202] O44 - LFC:[MD5.83C2A5C0C68CA324FDBDDDC220882056] - 28/01/2011 - 16:45:16 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [995870] O44 - LFC:[MD5.3683F6AD1F4979D68ED42011EE25946B] - 28/01/2011 - 16:45:16 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [1069076] O44 - LFC:[MD5.412E4E6E66CB8F46D5CAD4FE77E30422] - 28/01/2011 - 16:45:15 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [2551612] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" [Enabled] .(.Pas de propriétaire - HP CUE-Print Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" [Enabled] .(.Hewlett-Packard - HP Scan Application.) -- C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - hpqsudi.) -- C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" [Enabled] .(.Hewlett-Packard Co. - HP Guided Solutions.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" [Enabled] .(.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\HP Software Update\hpwucli.exe" [Enabled] .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\HP Software Update\hpwucli.exe O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe" [Enabled] .(.Bitberry Software - Bitberry Software Update Checker.) -- C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" [Enabled] .(.Pas de propriétaire - HP CUE-Print Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" [Enabled] .(.Hewlett-Packard - HP Scan Application.) -- C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - hpqsudi.) -- C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" [Enabled] .(.Hewlett-Packard Development Co. L.P. - HP Photosmart Essential Software.) -- C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" [Enabled] .(.Hewlett-Packard Co. - HP Guided Solutions.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" [Enabled] .(.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe O47 - AAKE:Key Export DP - "C:\Program Files\HP\HP Software Update\hpwucli.exe" [Enabled] .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\HP Software Update\hpwucli.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Pas de propriétaire - Pas de description.) -- :\WINDOWS\system32\srr O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{01efb338-1365-11dd-907b-0010a72c43b5}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- I:\InstallTomTomHOME.exe (.not file.) O51 - MPSK:{21b885f8-ac2f-11de-99e5-0010a72c43b5}\AutoRun\command - Clé orpheline ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.75BEE80A25FC7F690DCD57570DC159C1] - 7/04/2004 - 0:41:38 ---A- . (.Andrea Electronics Corporation - Andrea Audio Noise Cancellation Driver.) -- C:\WINDOWS\system32\drivers\aeaudio.sys [116176] O58 - SDL:[MD5.023867B6606FBABCDD52E089C4A507DA] - 10/10/2009 - 14:09:13 ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21361] O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 3:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\drivers\ASACPI.sys [5810] O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 29/03/2000 - 7:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824] O58 - SDL:[MD5.492BD2A5F65F218D4EDE5764A3BB67E9] - 3/05/2006 - 17:50:42 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [1540608] O58 - SDL:[MD5.67C2A47DB7190673350A3F9F5A1507CB] - 10/02/2010 - 15:15:55 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfm.sys [153448] O58 - SDL:[MD5.D981965D8D6578D663CF53D70A03F95A] - 20/09/2010 - 14:33:02 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfndisf.sys [111312] O58 - SDL:[MD5.A21A4A0E6BDF0C2BE0FABFA16D8C8F76] - 2/04/2010 - 8:25:19 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys [291352] O58 - SDL:[MD5.CA54223D5A5B6A7E3559CB100A0B5E57] - 20/09/2010 - 14:33:44 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\WINDOWS\system32\drivers\bdhv.sys [106464] O58 - SDL:[MD5.BC79B27BC351436B07F57D80BEC76036] - 1/04/2009 - 10:25:42 ---A- . (.BitDefender S.R.L. - FileVault Disk Driver.) -- C:\WINDOWS\system32\drivers\BDVEDISK.sys [82696] O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 19/08/2005 - 2:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [2432] O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 19/08/2005 - 2:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [2560] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.3A1DC7C08AE1AF450FFD753A0FD82F9D] - 25/05/2009 - 15:00:01 ---A- . (...) -- C:\WINDOWS\system32\drivers\cpuidlep.sys [4484] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.63C34814492AA65FC517B002DE77B191] - 20/09/2002 - 3:53:34 ---A- . (.Analog Devices Inc - Analog Devices Kernel DLS Synthesizer.) -- C:\WINDOWS\system32\drivers\MidiSyn.sys [235100] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.4228630829C0E521C43D882A00533374] - 16/09/2002 - 16:14:32 ---A- . (.PowerQuest Corporation - PowerQuest Boot Mode Driver..) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys [4228] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.5C2552357BF48F223F637374B098B45B] - 9/02/2009 - 9:52:00 ---A- . (.Ralink Technology Inc. - RT2500 802.11g Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\RT2500.sys [238208] O58 - SDL:[MD5.60AB2853A89E7DB562B2A56E8DE2D0E7] - 25/10/2009 - 4:44:34 ---A- . (.SCM Microsystems Inc. - PC-SC CCID Driver for SCR3xx USB Smart Card Reader.) -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys [57600] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.9A4C4A4B191200F12085D188BE70E4E3] - 26/04/2004 - 2:49:56 ---A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\senfilt.sys [381056] O58 - SDL:[MD5.93560891704BBF5FF11E8D16C41698E5] - 7/06/2004 - 16:26:56 ---A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\drivers\smwdm.sys [266880] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.89F8C4875E19C7081CF9C37539242AE3] - 9/12/2008 - 10:06:00 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\WINDOWS\system32\drivers\yk51x86.sys [296448] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 3/04/1996 - 20:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 4/08/2004 - 6:46:54 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 4/08/2004 - 6:45:25 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 4/08/2004 - 6:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 4/08/2004 - 6:45:10 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 4/08/2004 - 6:45:15 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 4/08/2004 - 6:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 24/09/2006 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys [5248] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - (.not file.) - 018f0d6f (018f0d6f) .(...) - LEGACY_018F0D6F O64 - Services: CurCS - (.not file.) - 02e10b9c (02e10b9c) .(...) - LEGACY_02E10B9C O64 - Services: CurCS - (.not file.) - 043f4e97 (043f4e97) .(...) - LEGACY_043F4E97 O64 - Services: CurCS - (.not file.) - 05b1f6fe (05b1f6fe) .(...) - LEGACY_05B1F6FE O64 - Services: CurCS - (.not file.) - 076d162a (076d162a) .(...) - LEGACY_076D162A O64 - Services: CurCS - (.not file.) - 07c0e51b (07c0e51b) .(...) - LEGACY_07C0E51B O64 - Services: CurCS - (.not file.) - 0afb2dee (0afb2dee) .(...) - LEGACY_0AFB2DEE O64 - Services: CurCS - (.not file.) - 0c85adf6 (0c85adf6) .(...) - LEGACY_0C85ADF6 O64 - Services: CurCS - (.not file.) - 0f14722d (0f14722d) .(...) - LEGACY_0F14722D O64 - Services: CurCS - (.not file.) - 128dfa30 (128dfa30) .(...) - LEGACY_128DFA30 O64 - Services: CurCS - (.not file.) - 15b8f1ed (15b8f1ed) .(...) - LEGACY_15B8F1ED O64 - Services: CurCS - (.not file.) - 162907fa (162907fa) .(...) - LEGACY_162907FA O64 - Services: CurCS - (.not file.) - 177925c4 (177925c4) .(...) - LEGACY_177925C4 O64 - Services: CurCS - (.not file.) - 1779c477 (1779c477) .(...) - LEGACY_1779C477 O64 - Services: CurCS - (.not file.) - 179909ec (179909ec) .(...) - LEGACY_179909EC O64 - Services: CurCS - (.not file.) - 17fc5c5f (17fc5c5f) .(...) - LEGACY_17FC5C5F O64 - Services: CurCS - (.not file.) - 194d4a5e (194d4a5e) .(...) - LEGACY_194D4A5E O64 - Services: CurCS - (.not file.) - 1a77ee66 (1a77ee66) .(...) - LEGACY_1A77EE66 O64 - Services: CurCS - (.not file.) - 2152d1c2 (2152d1c2) .(...) - LEGACY_2152D1C2 O64 - Services: CurCS - (.not file.) - 2158bfaa (2158bfaa) .(...) - LEGACY_2158BFAA O64 - Services: CurCS - (.not file.) - 22387777 (22387777) .(...) - LEGACY_22387777 O64 - Services: CurCS - (.not file.) - 22ad250c (22ad250c) .(...) - LEGACY_22AD250C O64 - Services: CurCS - (.not file.) - 236497ca (236497ca) .(...) - LEGACY_236497CA O64 - Services: CurCS - (.not file.) - 2558efc4 (2558efc4) .(...) - LEGACY_2558EFC4 O64 - Services: CurCS - (.not file.) - 25844303 (25844303) .(...) - LEGACY_25844303 O64 - Services: CurCS - (.not file.) - 29fb3cc6 (29fb3cc6) .(...) - LEGACY_29FB3CC6 O64 - Services: CurCS - (.not file.) - 2dac414f (2dac414f) .(...) - LEGACY_2DAC414F O64 - Services: CurCS - (.not file.) - 30adf2b4 (30adf2b4) .(...) - LEGACY_30ADF2B4 O64 - Services: CurCS - (.not file.) - 30c1618c (30c1618c) .(...) - LEGACY_30C1618C O64 - Services: CurCS - (.not file.) - 32b902e1 (32b902e1) .(...) - LEGACY_32B902E1 O64 - Services: CurCS - (.not file.) - 377cdefb (377cdefb) .(...) - LEGACY_377CDEFB O64 - Services: CurCS - (.not file.) - 38be3096 (38be3096) .(...) - LEGACY_38BE3096 O64 - Services: CurCS - (.not file.) - 3d0d5424 (3d0d5424) .(...) - LEGACY_3D0D5424 O64 - Services: CurCS - (.not file.) - 3d7f6879 (3d7f6879) .(...) - LEGACY_3D7F6879 O64 - Services: CurCS - (.not file.) - 3f5dbc3d (3f5dbc3d) .(...) - LEGACY_3F5DBC3D O64 - Services: CurCS - (.not file.) - 40f8b112 (40f8b112) .(...) - LEGACY_40F8B112 O64 - Services: CurCS - (.not file.) - 414f1b7f (414f1b7f) .(...) - LEGACY_414F1B7F O64 - Services: CurCS - (.not file.) - 417f056a (417f056a) .(...) - LEGACY_417F056A O64 - Services: CurCS - (.not file.) - 42144367 (42144367) .(...) - LEGACY_42144367 O64 - Services: CurCS - (.not file.) - 431f24d8 (431f24d8) .(...) - LEGACY_431F24D8 O64 - Services: CurCS - (.not file.) - 45066f19 (45066f19) .(...) - LEGACY_45066F19 O64 - Services: CurCS - (.not file.) - 45757b77 (45757b77) .(...) - LEGACY_45757B77 O64 - Services: CurCS - (.not file.) - 466b0bb6 (466b0bb6) .(...) - LEGACY_466B0BB6 O64 - Services: CurCS - (.not file.) - 51e03c58 (51e03c58) .(...) - LEGACY_51E03C58 O64 - Services: CurCS - (.not file.) - 51f2039c (51f2039c) .(...) - LEGACY_51F2039C O64 - Services: CurCS - (.not file.) - 5350bcc2 (5350bcc2) .(...) - LEGACY_5350BCC2 O64 - Services: CurCS - (.not file.) - 591fe6f8 (591fe6f8) .(...) - LEGACY_591FE6F8 O64 - Services: CurCS - (.not file.) - 5bfb0a9c (5bfb0a9c) .(...) - LEGACY_5BFB0A9C O64 - Services: CurCS - (.not file.) - 67c97e76 (67c97e76) .(...) - LEGACY_67C97E76 O64 - Services: CurCS - (.not file.) - 68255893 (68255893) .(...) - LEGACY_68255893 O64 - Services: CurCS - (.not file.) - 6a8d942e (6a8d942e) .(...) - LEGACY_6A8D942E O64 - Services: CurCS - (.not file.) - 6b0bac53 (6b0bac53) .(...) - LEGACY_6B0BAC53 O64 - Services: CurCS - (.not file.) - 6e0b85ad (6e0b85ad) .(...) - LEGACY_6E0B85AD O64 - Services: CurCS - (.not file.) - 6efc1d03 (6efc1d03) .(...) - LEGACY_6EFC1D03 O64 - Services: CurCS - (.not file.) - 6f16900e (6f16900e) .(...) - LEGACY_6F16900E O64 - Services: CurCS - (.not file.) - 6f1b843a (6f1b843a) .(...) - LEGACY_6F1B843A O64 - Services: CurCS - (.not file.) - 739193c2 (739193c2) .(...) - LEGACY_739193C2 O64 - Services: CurCS - (.not file.) - 754778c4 (754778c4) .(...) - LEGACY_754778C4 O64 - Services: CurCS - (.not file.) - 77ac0b85 (77ac0b85) .(...) - LEGACY_77AC0B85 O64 - Services: CurCS - (.not file.) - 780bf89c (780bf89c) .(...) - LEGACY_780BF89C O64 - Services: CurCS - (.not file.) - 78abe0e2 (78abe0e2) .(...) - LEGACY_78ABE0E2 O64 - Services: CurCS - (.not file.) - 78fb0a9c (78fb0a9c) .(...) - LEGACY_78FB0A9C O64 - Services: CurCS - (.not file.) - 7ae2bc1c (7ae2bc1c) .(...) - LEGACY_7AE2BC1C O64 - Services: CurCS - (.not file.) - 7be02229 (7be02229) .(...) - LEGACY_7BE02229 O64 - Services: CurCS - (.not file.) - 7bef6aad (7bef6aad) .(...) - LEGACY_7BEF6AAD O64 - Services: CurCS - (.not file.) - 7f00ba7b (7f00ba7b) .(...) - LEGACY_7F00BA7B O64 - Services: CurCS - (.not file.) - 7f85ad0c (7f85ad0c) .(...) - LEGACY_7F85AD0C O64 - Services: CurCS - (.not file.) - 80385db3 (80385db3) .(...) - LEGACY_80385DB3 O64 - Services: CurCS - (.not file.) - 80525d01 (80525d01) .(...) - LEGACY_80525D01 O64 - Services: CurCS - (.not file.) - 80b3c7c6 (80b3c7c6) .(...) - LEGACY_80B3C7C6 O64 - Services: CurCS - (.not file.) - 813a9a75 (813a9a75) .(...) - LEGACY_813A9A75 O64 - Services: CurCS - (.not file.) - 85079c5a (85079c5a) .(...) - LEGACY_85079C5A O64 - Services: CurCS - (.not file.) - 862a329f (862a329f) .(...) - LEGACY_862A329F O64 - Services: CurCS - (.not file.) - 869358bf (869358bf) .(...) - LEGACY_869358BF O64 - Services: CurCS - (.not file.) - 874214c4 (874214c4) .(...) - LEGACY_874214C4 O64 - Services: CurCS - (.not file.) - 8793c530 (8793c530) .(...) - LEGACY_8793C530 O64 - Services: CurCS - (.not file.) - 8bb88e4f (8bb88e4f) .(...) - LEGACY_8BB88E4F O64 - Services: CurCS - (.not file.) - 8c288ca8 (8c288ca8) .(...) - LEGACY_8C288CA8 O64 - Services: CurCS - (.not file.) - 8d96fd06 (8d96fd06) .(...) - LEGACY_8D96FD06 O64 - Services: CurCS - (.not file.) - 8dafe407 (8dafe407) .(...) - LEGACY_8DAFE407 O64 - Services: CurCS - (.not file.) - 8ff188cd (8ff188cd) .(...) - LEGACY_8FF188CD O64 - Services: CurCS - (.not file.) - 93128dfb (93128dfb) .(...) - LEGACY_93128DFB O64 - Services: CurCS - (.not file.) - 932ca95f (932ca95f) .(...) - LEGACY_932CA95F O64 - Services: CurCS - (.not file.) - 94c7ac6e (94c7ac6e) .(...) - LEGACY_94C7AC6E O64 - Services: CurCS - (.not file.) - 9c03b178 (9c03b178) .(...) - LEGACY_9C03B178 O64 - Services: CurCS - (.not file.) - aa1b3440 (aa1b3440) .(...) - LEGACY_AA1B3440 O64 - Services: CurCS - (.not file.) - aac7d26f (aac7d26f) .(...) - LEGACY_AAC7D26F O64 - Services: CurCS - (.not file.) - adf22f30 (adf22f30) .(...) - LEGACY_ADF22F30 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.7.5.0 (AegisP) .(.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - Environnement de prise en charge de réseau AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Avertissement (Alerter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ALERTER O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - (.not file.) - b11b507f (b11b507f) .(...) - LEGACY_B11B507F O64 - Services: CurCS - (.not file.) - b350084a (b350084a) .(...) - LEGACY_B350084A O64 - Services: CurCS - (.not file.) - b352c85a (b352c85a) .(...) - LEGACY_B352C85A O64 - Services: CurCS - (.not file.) - b6216408 (b6216408) .(...) - LEGACY_B6216408 O64 - Services: CurCS - (.not file.) - bbde43d9 (bbde43d9) .(...) - LEGACY_BBDE43D9 O64 - Services: CurCS - C:\Windows\System32\drivers\bdfm.sys - BDFM (bdfm) .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM O64 - Services: CurCS - C:\Windows\System32\drivers\bdfsfltr.sys - bdfsfltr (bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys - bdftdif (bdftdif) .(.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - LEGACY_BDFTDIF O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys - BDSelfPr (BDSelfPr) .(.BitDefender - BitDefender Self Protection Driver.) - LEGACY_BDSELFPR O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys - BDVEDISK (BDVEDISK) .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK O64 - Services: CurCS - (.not file.) - be45d622 (be45d622) .(...) - LEGACY_BE45D622 O64 - Services: CurCS - (.not file.) - be55cd5c (be55cd5c) .(...) - LEGACY_BE55CD5C O64 - Services: CurCS - (.not file.) - becc1a45 (becc1a45) .(...) - LEGACY_BECC1A45 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - (.not file.) - bfaafb0b (bfaafb0b) .(...) - LEGACY_BFAAFB0B O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - (.not file.) - c22c78c3 (c22c78c3) .(...) - LEGACY_C22C78C3 O64 - Services: CurCS - (.not file.) - c53096fd (c53096fd) .(...) - LEGACY_C53096FD O64 - Services: CurCS - (.not file.) - c624da6d (c624da6d) .(...) - LEGACY_C624DA6D O64 - Services: CurCS - C:\Program Files\Cobian Backup 10\cbVSCService.exe - Cobian Backup 10 Volume Shadow Copy service (cbVSCService) .(.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) - LEGACY_CBVSCSERVICE O64 - Services: CurCS - (.not file.) - cc36255c (cc36255c) .(...) - LEGACY_CC36255C O64 - Services: CurCS - (.not file.) - cdc4427f (cdc4427f) .(...) - LEGACY_CDC4427F O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS O64 - Services: CurCS - (.not file.) - cec13385 (cec13385) .(...) - LEGACY_CEC13385 O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32 O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V4.0.30319_32 O64 - Services: CurCS - C:\Program Files\Cobian Backup 10\cbService.exe - Cobian Backup 10 (CobianBackup10) .(.Luis Cobian, CobianSoft - Cobian Backup Boletus Service.) - LEGACY_COBIANBACKUP10 O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CPUIDLEP.sys - (.not file.) - CpuIdle Pro System Driver (cpuidlep) .(...) - LEGACY_CPUIDLEP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - (.not file.) - d311a582 (d311a582) .(...) - LEGACY_D311A582 O64 - Services: CurCS - (.not file.) - d44a7f09 (d44a7f09) .(...) - LEGACY_D44A7F09 O64 - Services: CurCS - (.not file.) - d936b902 (d936b902) .(...) - LEGACY_D936B902 O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - (.not file.) - de4355fc (de4355fc) .(...) - LEGACY_DE4355FC O64 - Services: CurCS - (.not file.) - de5bcebd (de5bcebd) .(...) - LEGACY_DE5BCEBD O64 - Services: CurCS - (.not file.) - defba954 (defba954) .(...) - LEGACY_DEFBA954 O64 - Services: CurCS - (.not file.) - df0d5043 (df0d5043) .(...) - LEGACY_DF0D5043 O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2 (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - (.not file.) - e6f99737 (e6f99737) .(...) - LEGACY_E6F99737 O64 - Services: CurCS - (.not file.) - edefc40b (edefc40b) .(...) - LEGACY_EDEFC40B O64 - Services: CurCS - (.not file.) - efd6226d (efd6226d) .(...) - LEGACY_EFD6226D O64 - Services: CurCS - (.not file.) - EraserUtilDrv10741 (EraserUtilDrv10741) .(...) - LEGACY_ERASERUTILDRV10741 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - (.not file.) - f14eac90 (f14eac90) .(...) - LEGACY_F14EAC90 O64 - Services: CurCS - (.not file.) - f2e85caf (f2e85caf) .(...) - LEGACY_F2E85CAF O64 - Services: CurCS - (.not file.) - fae88768 (fae88768) .(...) - LEGACY_FAE88768 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - (.not file.) - fb2dee5c (fb2dee5c) .(...) - LEGACY_FB2DEE5C O64 - Services: CurCS - (.not file.) - fd06fb0b (fd06fb0b) .(...) - LEGACY_FD06FB0B O64 - Services: CurCS - (.not file.) - fd84b02d (fd84b02d) .(...) - LEGACY_FD84B02D O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate1caf362c3eb72d4) (gupdate1caf362c3eb72d4) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE1CAF362C3EB72D4 O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - hpqcxs08 (hpqcxs08) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HPQCXS08 O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - Windows CardSpace (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC O64 - Services: CurCS - C:\WINDOWS\System32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - (.not file.) - Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) .(...) - LEGACY_LAVASOFT_AD-AWARE_SERVICE O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - BitDefender Desktop Update Service (LIVESRV) .(.BitDefender S.R.L. - BitDefender Update Service.) - LEGACY_LIVESRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - C:\DOCUME~1\JOANNES\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Affichage des messages (Messenger) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_MESSENGER O64 - Services: CurCS - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe - MieleInstallerService (MieleInstallerService) .(...) - LEGACY_MIELEINSTALLERSERVICE O64 - Services: CurCS - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe - MieleInstallerServiceStartStopper (MieleInstallerServiceStartStopper) .(...) - LEGACY_MIELEINSTALLERSERVICESTARTSTOPPER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\WINDOWS\System32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe - SQL Server (MIELE_ETD) (MSSQL$MIELE_ETD) .(.Microsoft Corporation - SQL Server Windows NT.) - LEGACY_MSSQL$MIELE_ETD O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe - SQL Server (MIELE_WDA) (MSSQL$MIELE_WDA) .(.Microsoft Corporation - SQL Server Windows NT.) - LEGACY_MSSQL$MIELE_WDA O64 - Services: CurCS - (.not file.) - SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) .(...) - LEGACY_MSSQL$SQLEXPRESS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - (.not file.) - NSNDIS5 NDIS Protocol Driver (NSNDIS5) .(...) - LEGACY_NSNDIS5 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Stockage amovible (NtmsSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NTMSSVC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.exe - Microsoft Office Diagnostics Service (odserv) .(.Microsoft Corporation - Microsoft Office Diagnostics.) - LEGACY_ODSERV O64 - Services: CurCS - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.exe - OKI OPHC DCS Loader (OKI OPHC DCS Loader) .(.Oki Data Corporation - OPHCLDCS.) - LEGACY_OKI_OPHC_DCS_LOADER O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe - Office Source Engine (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM O64 - Services: CurCS - C:\WINDOWS\System32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PQNTDRV.sys - PQNTDrv (PQNTDrv) .(...) - LEGACY_PQNTDRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys - Profos (Profos) .(.BitDefender S.R.L. - Profos Kernel Module.) - LEGACY_PROFOS O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe - Ralink Registry Writer (RalinkRegistryWriter) .(.Ralink Technology, Corp. - RalinkRegistryWriter.) - LEGACY_RALINKREGISTRYWRITER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de connexion automatique d'accès distant (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS O64 - Services: CurCS - C:\WINDOWS\System32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - C:\WINDOWS\System32\SCardSvr.exe - Carte à puce (SCardSvr) .(.Microsoft Corporation - Serveur de gestion de ressources des cartes.) - LEGACY_SCARDSVR O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION O64 - Services: CurCS - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe - SoundMAX Agent Service (SoundMAX Agent Service (default)) .(.Analog Devices, Inc. - SoundMAX service agent component.) - LEGACY_SOUNDMAX_AGENT_SERVICE_(DEFAULT) O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(...) - LEGACY_SPBBCDRV O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe - SQL Server Browser (SQLBrowser) .(.Microsoft Corporation - SQL Browser Service EXE.) - LEGACY_SQLBROWSER O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - SQL Server VSS Writer (SQLWriter) .(.Microsoft Corporation - SQL Server VSS Writer.) - LEGACY_SQLWRITER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - (.not file.) - SRTSPX (SRTSPX) .(...) - LEGACY_SRTSPX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe - Symantec Core LC (Symantec Core LC) .(...) - LEGACY_SYMANTEC_CORE_LC O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(...) - LEGACY_SYMIDS O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(...) - LEGACY_SYMIDSCO O64 - Services: CurCS - (.not file.) - SYMNDIS (SYMNDIS) .(...) - LEGACY_SYMNDIS O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI O64 - Services: CurCS - C:\WINDOWS\system32\smlogsvc.exe - Journaux et alertes de performance (SysmonLog) .(.Microsoft Corporation - Service des alertes et des journaux de perf.) - LEGACY_SYSMONLOG O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES O64 - Services: CurCS - G:\TomTom HOME 2\TomTomHOMEService.exe - TomTomHOMEService (TomTomHOMEService) .(.TomTom - Windows Service for TomTom HOME.) - LEGACY_TOMTOMHOMESERVICE O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys - Trufos (Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(...) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST O64 - Services: CurCS - C:\Program Files\Windows Live\Messenger\usnsvc.exe - Service Messenger Sharing Folders USN Journal Reader (usnjsvc) .(.Microsoft Corporation - Messenger Sharing USN Journal Reader Servic.) - LEGACY_USNJSVC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe - BitDefender Virus Shield (VSSERV) .(.BitDefender S.R.L. - BitDefender Security Service.) - LEGACY_VSSERV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - C:\WINDOWS\System32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC O64 - Services: CurCS - (.not file.) - BitDefender Communicator (XCOMM) .(...) - LEGACY_XCOMM ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 20/09/2010 183880 | (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe SR - | Auto 3/05/2006 413696 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SS - | Auto 3/05/2006 520192 | (ATI Smart) . (.Pas de propriétaire.) - C:\WINDOWS\system32\ati2sgag.exe SR - | Auto 23/09/2010 67584 | (cbVSCService) . (.CobianSoft, Luis Cobian.) - C:\Program Files\Cobian Backup 10\cbVSCService.exe SR - | Auto 23/09/2010 1125376 | (CobianBackup10) . (.Luis Cobian, CobianSoft.) - C:\Program Files\Cobian Backup 10\cbService.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 14/05/2010 133104 | (gupdate1caf362c3eb72d4) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 3/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 20/09/2010 308552 | (LIVESRV) . (.BitDefender S.R.L..) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe SS - | Demand 11/05/2010 271728 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 18/12/2009 28672 | (MieleInstallerService) . (.Pas de propriétaire.) - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe SR - | Auto 18/12/2009 28672 | (MieleInstallerServiceStartStopper) . (.Pas de propriétaire.) - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe SR - | Auto 6/01/2005 24576 | (OKI OPHC DCS Loader) . (.Oki Data Corporation.) - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.exe SR - | Auto 23/04/2008 69632 | (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe SR - | Auto 20/09/2002 45056 | (SoundMAX Agent Service (default)) . (.Analog Devices, Inc..) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe SS - | Demand 1/02/2008 1251720 | (Symantec Core LC) . (.Pas de propriétaire.) - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe SS - | Demand 24/08/2010 92008 | (TomTomHOMEService) . (.TomTom.) - G:\TomTom HOME 2\TomTomHOMEService.exe SR - | Auto 20/09/2010 1615688 | (VSSERV) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by JOANNES at 23/02/2011 11:49:30 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x898ADAB8] 3 CLASSPNP[0xF7637FD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\00000064[0x898A8E50] 5 ACPI[0xF75AD620] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IdeDeviceP0T0L0-4[0x8985DD98] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by JOANNES at 23/02/2011 11:49:30 Use the desktop link 'MBRCheck' to have full report End of the scan (1201 lines in 00mn 19s)(0)
-
oui je l utilise avec un autre programme dont j ai le cd original avec lequel j ai deja desinstallé le tout et reinstallé le tout mais toujours cette foutue mise a jour critique je cherche donc de l aide pour nettoyer le pc de residu sql serveur... car j ai lu que cet mise a jour ne ce fait pas causse fichier corompu si vs pouviez m aidera nettoyer moln pc pour que je puisse reinstallé mon programme j ai installé mon cd sur un autre pc et tout est ok sur celui la c donc un probleme de fichier corompu sur le mien merci de votre lecture
-
Bonjour, j ai un programmme sql serveur2005 une mise a jour de securité ne ce fait pas apres beaucoup d installation et de desinstallation toujours le meme probleme je pense qu il faudrait faire un bon nettoyage et remtre cela a zero pour bien repartir car la je suis bloqué.. pouvez vous m aider ou me dire la marche a suivre Merci merci aux bonne ames qui m aiderons je suis sur xp sp3
-
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
Avira AntiVir Personal Date de création du fichier de rapport : samedi 4 septembre 2010 12:37 La recherche porte sur 2777015 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows : (Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : ACER-4F6EC417F4 Informations de version : BUILD.DAT : 9.0.0.77 21698 Bytes 9/06/2010 12:01:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 13/10/2009 10:25:46 AVSCAN.DLL : 9.0.3.0 49409 Bytes 3/03/2009 09:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 3/03/2009 09:21:31 VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 06:35:52 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 10:34:51 VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 10:34:58 VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 10:35:00 VBASE004.VDF : 7.10.4.203 1579008 Bytes 5/03/2010 10:35:03 VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 10:35:09 VBASE006.VDF : 7.10.7.218 2294784 Bytes 2/06/2010 10:35:14 VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 10:35:24 VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 10:35:25 VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 10:35:25 VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 10:35:25 VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 10:35:25 VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 10:35:25 VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 10:35:25 VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 10:35:27 VBASE015.VDF : 7.10.10.28 139264 Bytes 2/08/2010 10:35:28 VBASE016.VDF : 7.10.10.52 127488 Bytes 3/08/2010 10:35:28 VBASE017.VDF : 7.10.10.84 137728 Bytes 6/08/2010 10:35:28 VBASE018.VDF : 7.10.10.107 176640 Bytes 9/08/2010 10:35:29 VBASE019.VDF : 7.10.10.130 132608 Bytes 10/08/2010 10:35:29 VBASE020.VDF : 7.10.10.158 131072 Bytes 12/08/2010 10:35:30 VBASE021.VDF : 7.10.10.190 136704 Bytes 16/08/2010 10:35:30 VBASE022.VDF : 7.10.10.217 118272 Bytes 19/08/2010 10:35:30 VBASE023.VDF : 7.10.10.246 130048 Bytes 23/08/2010 10:35:30 VBASE024.VDF : 7.10.11.11 144896 Bytes 25/08/2010 10:35:31 VBASE025.VDF : 7.10.11.33 135168 Bytes 27/08/2010 10:35:31 VBASE026.VDF : 7.10.11.52 148992 Bytes 31/08/2010 10:35:31 VBASE027.VDF : 7.10.11.75 124928 Bytes 3/09/2010 10:35:32 VBASE028.VDF : 7.10.11.76 2048 Bytes 3/09/2010 10:35:32 VBASE029.VDF : 7.10.11.77 2048 Bytes 3/09/2010 10:35:32 VBASE030.VDF : 7.10.11.78 2048 Bytes 3/09/2010 10:35:32 VBASE031.VDF : 7.10.11.86 54784 Bytes 3/09/2010 10:35:32 Version du moteur : 8.2.4.50 AEVDF.DLL : 8.1.2.1 106868 Bytes 4/09/2010 10:35:39 AESCRIPT.DLL : 8.1.3.44 1364346 Bytes 4/09/2010 10:35:39 AESCN.DLL : 8.1.6.1 127347 Bytes 4/09/2010 10:35:38 AESBX.DLL : 8.1.3.1 254324 Bytes 4/09/2010 10:35:40 AERDL.DLL : 8.1.8.2 614772 Bytes 4/09/2010 10:35:38 AEPACK.DLL : 8.2.3.5 471412 Bytes 4/09/2010 10:35:37 AEOFFICE.DLL : 8.1.1.8 201081 Bytes 4/09/2010 10:35:37 AEHEUR.DLL : 8.1.2.21 2883958 Bytes 4/09/2010 10:35:36 AEHELP.DLL : 8.1.13.3 242038 Bytes 4/09/2010 10:35:34 AEGEN.DLL : 8.1.3.20 397684 Bytes 4/09/2010 10:35:33 AEEMU.DLL : 8.1.2.0 393588 Bytes 4/09/2010 10:35:33 AECORE.DLL : 8.1.16.2 192887 Bytes 4/09/2010 10:35:33 AEBB.DLL : 8.1.1.0 53618 Bytes 4/09/2010 10:35:32 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30 AVPREF.DLL : 9.0.3.0 44289 Bytes 26/08/2009 14:13:31 AVREP.DLL : 8.0.0.7 159784 Bytes 4/09/2010 10:35:40 AVREG.DLL : 9.0.0.0 36609 Bytes 7/11/2008 14:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 7/11/2008 14:40:59 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26 RCTEXT.DLL : 9.0.73.0 88321 Bytes 2/11/2009 15:58:32 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, D:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Début de la recherche : samedi 4 septembre 2010 12:37 La recherche d'objets cachés commence. '49809' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'tbs.exe' - '1' module(s) sont contrôlés Processus de recherche 'thpassiveclientsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'sqlwriter.exe' - '1' module(s) sont contrôlés Processus de recherche 'sqlbrowser.exe' - '1' module(s) sont contrôlés Processus de recherche 'sqlservr.exe' - '1' module(s) sont contrôlés Processus de recherche 'sqlservr.exe' - '1' module(s) sont contrôlés Processus de recherche 'MieleInstallerServiceStartStopper.exe' - '1' module(s) sont contrôlés Processus de recherche 'MieleInstallerService.exe' - '1' module(s) sont contrôlés Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmpnscfg.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'thtrayagent.exe' - '1' module(s) sont contrôlés Processus de recherche 'LManager.exe' - '1' module(s) sont contrôlés Processus de recherche 'PCMService.exe' - '1' module(s) sont contrôlés Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés Processus de recherche 'SynTPLpr.exe' - '1' module(s) sont contrôlés Processus de recherche 'AGRSMMSG.exe' - '1' module(s) sont contrôlés Processus de recherche 'SOUNDMAN.EXE' - '1' module(s) sont contrôlés Processus de recherche 'anbmServ.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '42' processus ont été contrôlés avec '42' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '58' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <ACER> C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. Recherche débutant dans 'D:\' <ACERDATA> D:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. D:\KD\KD_app.EXE [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen Début de la désinfection : D:\KD\KD_app.EXE [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ce12db3.qua' ! Fin de la recherche : samedi 4 septembre 2010 13:28 Temps nécessaire: 50:58 Minute(s) La recherche a été effectuée intégralement 5612 Les répertoires ont été contrôlés 261334 Des fichiers ont été contrôlés 1 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 1 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 3 Impossible de contrôler des fichiers 261330 Fichiers non infectés 7997 Les archives ont été contrôlées 3 Avertissements 4 Consignes 49809 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés -
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
je ferai apres l annalyse mais voici une reponse de yann de bitdefender """"Ensuite suivez la manipulation ci-dessous pour lancer une vérification de l'intégrité des fichiers de Windows (vous aurez besoin du cd Windows XP si vous en disposez): - cliquez sur Démarrer puis sur Exécuter - tapez la commande suivante : sfc /scannow - validez par Entrée et suivez les instructions à l'écran """" je l ai fait et il me demande de chargé le cd rom car des fichier dll sont manquante mais voila c un portable avec xp d origine sans cd y a t il moyen de cree un cd de l original ? -
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
Merci appolo G totalement fait fait ce que as demandé et g deja installé antivir. mais c un ordi de bureau pas perso donc on peut logiquement pas mais en attendant je l ai fait c un ordi qui ne sert " taravail word exel acces " avec bitdefender 2010 tout etait ok jusque +/- debut aout2010 apres c devenu de plus en plus lent... d ou les rapport posté plus haut que g lu sur votre forum et comment les posté. le hic c que je ne vois plus comment faire pour remetre bt2010 puisque j avais acheté la version 2009 boite et si je dois retelechargé c toujours la version2011 je me suis aussi inscrit sur leur forum mais en attende de reponse mais quand l antivirus est enleve c ok la version c bitdefender internet securité Merci -
bonjour, pas de suivit pour le moment Merci http://forum.zebulon.fr/ralentisement-enorme-lol-suivant-falkra-t179120.html
-
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
coucou, si vs pouviez ne pas m oublier lol merci d avance de vos reponses et le la prise en charge de mon probleme johan -
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
encore une info je viens de retirer bitdefender2011 et il rame un peu moin conseils Merci sans antivirus c un peu bete surtout que g encore 604 jours de licence -
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
Logfile of random's system information tool 1.08 (written by random/random) Run by JOANNES at 2010-08-31 16:30:24 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 20 GB (51%) free of 39 GB Total RAM: 510 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:30:29, on 31/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Aspire Arcade\PCMService.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Program Files\Astase\UltraBackup\4.9\bin\thtrayagent.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Miele\InstallerService\MieleInstallerService.exe C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe C:\Program Files\Astase\UltraBackup\4.9\bin\tbs.exe C:\WINDOWS\system32\wscntfy.exe D:\RSIT.exe C:\Program Files\trend micro\JOANNES.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Skynet.be - LE portail belge – DE Belgische portaalsite! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Aspire Arcade\PCMService.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [_BackupService] "C:\Program Files\Astase\UltraBackup\4.9\bin\tbs.exe" -start O4 - HKLM\..\Run: [thnotify] "C:\Program Files\Astase\UltraBackup\4.9\bin\thtrayagent.exe" /start O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://dcode.support.microsoft.com/dcode/ActiveX/MSDcode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127465735703 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MieleInstallerService - Unknown owner - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe O23 - Service: MieleInstallerServiceStartStopper - Unknown owner - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Astase ThalliumBackup Client Background Service (thpassivesvc) - Unknown owner - C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 8460 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GlaryInitialize.job C:\WINDOWS\tasks\User_Feed_Synchronization-{5E0DF136-D822-47BF-A8DC-CE407F5EAE98}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-04-13 88363] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-07 98304] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-07 536576] "PCMService"=C:\Program Files\Aspire Arcade\PCMService.exe [2004-09-04 81920] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2004-08-10 471040] "_BackupService"=C:\Program Files\Astase\UltraBackup\4.9\bin\tbs.exe [2008-02-08 1671168] "thnotify"=C:\Program Files\Astase\UltraBackup\4.9\bin\thtrayagent.exe [2008-02-08 1491456] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-03 90112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"= scecli scecli scecli scecli [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console" "C:\Program Files\NewTech Infosystems\NTI Backup NOW! 3\LiveUpdt.exe"="C:\Program Files\NewTech Infosystems\NTI Backup NOW! 3\LiveUpdt.exe:*:Enabled:LiveUpdate" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2010-08-31 14:18:42 ----ASH---- C:\hiberfil.sys 2010-08-31 14:11:29 ----D---- C:\Program Files\trend micro 2010-08-31 14:11:26 ----D---- C:\rsit 2010-08-31 14:04:39 ----D---- C:\WINDOWS\BDOSCAN8 2010-08-31 13:08:04 ----SHD---- C:\found.000 2010-08-31 12:01:56 ----A---- C:\WINDOWS\ntbtlog.txt 2010-08-31 10:12:52 ----SHD---- C:\Config.Msi 2010-08-30 17:50:31 ----A---- C:\bdlog.txt 2010-08-30 16:34:48 ----D---- C:\Documents and Settings\JOANNES\Application Data\QuickScan 2010-08-11 18:31:50 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$ 2010-08-11 18:31:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$ 2010-08-11 18:30:42 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$ 2010-08-11 18:25:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$ 2010-08-11 17:56:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$ 2010-08-11 17:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$ 2010-08-11 17:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$ 2010-08-11 17:46:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$ 2010-08-04 12:09:23 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-08-04 12:09:17 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-08-04 12:09:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-08-03 12:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$ 2010-08-02 14:16:38 ----D---- C:\Program Files\ma-config.com 2010-08-02 14:16:38 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com ======List of files/folders modified in the last 1 months====== 2010-08-31 16:06:09 ----D---- C:\WINDOWS\Temp 2010-08-31 16:06:00 ----AD---- C:\WINDOWS 2010-08-31 16:05:48 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt 2010-08-31 16:05:19 ----D---- C:\Program Files\Fichiers communs 2010-08-31 16:05:19 ----D---- C:\Program Files 2010-08-31 15:57:59 ----AD---- C:\WINDOWS\system32\drivers 2010-08-31 15:57:24 ----SHD---- C:\WINDOWS\Installer 2010-08-31 14:55:15 ----AD---- C:\WINDOWS\system32 2010-08-31 14:49:35 ----D---- C:\WINDOWS\system32\CatRoot2 2010-08-31 14:38:17 ----D---- C:\WINDOWS\Prefetch 2010-08-31 14:04:41 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-08-31 14:04:38 ----HD---- C:\WINDOWS\inf 2010-08-31 13:03:50 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-08-31 12:02:34 ----D---- C:\Documents and Settings 2010-08-31 11:45:45 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-08-31 11:41:58 ----D---- C:\WINDOWS\SHELLNEW 2010-08-31 11:30:06 ----RSD---- C:\WINDOWS\Fonts 2010-08-31 10:31:30 ----A---- C:\WINDOWS\win.ini 2010-08-31 10:15:25 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-08-30 12:46:09 ----D---- C:\WINDOWS\system32\drivers\etc 2010-08-12 10:01:24 ----D---- C:\WINDOWS\Microsoft.NET 2010-08-12 10:01:09 ----RSD---- C:\WINDOWS\assembly 2010-08-11 18:31:58 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-08-11 18:31:42 ----HD---- C:\WINDOWS\$hf_mig$ 2010-08-11 18:31:36 ----A---- C:\WINDOWS\imsins.BAK 2010-08-11 18:30:55 ----AD---- C:\i386 2010-08-11 18:03:54 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-08-11 18:03:12 ----D---- C:\WINDOWS\WinSxS 2010-08-11 17:58:12 ----D---- C:\Program Files\Internet Explorer 2010-08-11 17:57:55 ----D---- C:\WINDOWS\ie8updates 2010-08-11 17:47:02 ----D---- C:\Program Files\Movie Maker 2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2004-06-01 10594] R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2004-06-01 4054] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-04-13 1266380] R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-03 837120] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-11-21 113152] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2003-09-14 18838] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-11-04 155392] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2004-09-27 6912] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2002-04-23 35913] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-07 182688] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\HardwareDetection\driverhardwarev2.sys [] S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] S3 mbr;mbr; \??\C:\DOCUME~1\JOANNES\LOCALS~1\Temp\mbr.sys [] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-03 409600] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 MieleInstallerService;MieleInstallerService; C:\Program Files\Miele\InstallerService\MieleInstallerService.exe [2009-12-18 28672] R2 MieleInstallerServiceStartStopper;MieleInstallerServiceStartStopper; C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe [2009-12-18 28672] R2 MSSQL$MIELE_ETD;SQL Server (MIELE_ETD); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] R2 MSSQL$MIELE_WDA;SQL Server (MIELE_WDA); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R2 thpassivesvc;Astase ThalliumBackup Client Background Service; C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe [2008-02-08 646144] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-05-11 271728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 ThalliumServer;Astase ThalliumBackup Storage Service; C:\Program Files\Astase\UltraBackup\4.9\bin\tbsd.exe [2008-02-08 1952256] -----------------EOF----------------- encore un rapport en attente d une reponse -
ralentisement enorme lol suivant falkra
johan1 a répondu à un(e) sujet de johan1 dans Analyses et éradication malwares
Rapport de ZHPDiag v1.26.56 par Nicolas Coolman, Update du 24/08/2010 Run by JOANNES at 31/08/2010 16:20:29 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 ---\\ System Information Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 510 MB (49% free) System drive C: has 20 GB (51%) free of 38 GB ---\\ Logged in mode Computer Name: ACER-4F6EC417F4 User Name: JOANNES All Users Names: SUPPORT_388945a0, JOANNES, HelpAssistant, ASPNET, Administrateur, Unselected Option: O1,O45,O61,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 20 Go of 38 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 34 Go of 36 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK ---\\ Processus lancés [MD5.E91D68C481DA7685D082A3EB0BD21CC4] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [409600] [MD5.C10D0FAE427EA464EDEA2EE5DC40F056] - (.OSA Technologies Inc. - Service Program for Acer eManager.) -- C:\Acer\eManager\anbmServ.exe [1287168] [MD5.F0EEED52FC29BEC6E917CAB2788148B2] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [68096] [MD5.0FB9595345CCC1DA5975E29E23E11DC3] - (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe [88363] [MD5.6C0F0C4B7F53194E3C765CD89C0F4F30] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98304] [MD5.B5DEDA5D8FA66B09A94B0E34F91C9330] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [536576] [MD5.A17D171EA8EBC8D1B28DFB5A14A298AE] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Aspire Arcade\PCMService.exe [81920] [MD5.A8DC9CBF16CBDE808C6326C8526283E1] - (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe [471040] [MD5.CF21A64C2C725CB538350D5E290C2642] - (.Astase - ThalliumBackup Tray Agent.) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thtrayagent.exe [1491456] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120] [MD5.E0B31733CFBB95CFE19A5232CA42DDDA] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Miele\InstallerService\MieleInstallerService.exe [28672] [MD5.C51A8F65835FC53DCEF6D9C0F1D61210] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe [28672] [MD5.00E36BEEA22C92D1030C6D8F80BC0F6A] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29262680] [MD5.00E36BEEA22C92D1030C6D8F80BC0F6A] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29262680] [MD5.D2F4F32B59440011174B4F8137AF4E0C] - (.Microsoft Corporation - SQL Server VSS Writer.) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [87904] [MD5.16C70669B17E86490422AE7AB3A92659] - (.Astase - ThalliumBackup Passive Agent (service).) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe [646144] [MD5.5310BCB9B75B8559265DAC07FCCE585C] - (.Astase - ThalliumBackup server.) -- C:\Program Files\Astase\UltraBackup\4.9\bin\tbs.exe [1671168] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [MD5.4395BCEC356126F2020B478BBB003ABD] - (.Nicolas Coolman - Diagnostic Tool.) -- d:\ZHPDiag\ZHPDiag.exe [547328] ---\\ Plugins de navigateurs Opera/Firefox(P1/P2) P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll (.not file.) ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18939 (longhorn_ie8_gdr.100616-1700)) -- C:\WINDOWS\system32\ieframe.dll R3 - URLSearchHook: Microsoft Url Search Hook - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.) ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [soundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.EXE O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\Windows\AGRSMMSG.exe O4 - HKLM\..\Run: [synTPLpr] . (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [PCMService] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Aspire Arcade\PCMService.exe O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [_BackupService] . (.Astase - ThalliumBackup server.) -- C:\Program Files\Astase\UltraBackup\4.9\bin\tbs.exe O4 - HKLM\..\Run: [thnotify] . (.Astase - ThalliumBackup Tray Agent.) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thtrayagent.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-2894784457-2651248796-1045684370-1005\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.not file.) - (.not file.) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.) O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://dcode.support.microsoft.com/dcode/ActiveX/MSDcode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127465735703 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CS1\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CS2\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CS3\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpDomain = lan O17 - HKLM\System\CS2\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpDomain = lan O17 - HKLM\System\CS3\Services\Tcpip\..\{0A55A8E1-DFB4-462D-A463-221178452BAB}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Notebook Manager Service (anbmService) . (.OSA Technologies Inc. - Service Program for Acer eManager.) - C:\Acer\eManager\anbmServ.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: (MieleInstallerService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe O23 - Service: (MieleInstallerServiceStartStopper) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe O23 - Service: Astase ThalliumBackup Client Background Service (thpassivesvc) . (.Astase - ThalliumBackup Passive Agent (service).) - C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Desktop General: BackupWallPaper - .(.Pas de propriétaire - Pas de description.) - C:\WINDOWS\Vent de prairie.bmp O24 - Desktop General: WallPaper - .(.Pas de propriétaire - Pas de description.) - C:\WINDOWS\Vent de prairie.bmp O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{5E0DF136-D822-47BF-A8DC-CE407F5EAE98}.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_05\bin\regutils.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: EUTRON SmartKey Parallel Driver (eusk2par) . (.Eutron - SmartKey Parallel Driver.) - C:\WINDOWS\system32\Drivers\eusk2par.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software O42 - Logiciel: ATI Control Panel - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C} O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver O42 - Logiciel: Acer GridVista - (.Acer Inc..) [HKLM] -- {18FF8DB9-922C-41C9-AA29-6DA648D6B071} O42 - Logiciel: Acer eManager for Notebook - (.Acer Inc..) [HKLM] -- InstallShield_{827289F5-B44F-4E49-9993-840741585A62} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001} O42 - Logiciel: Adobe® Photoshop® Album Edition Découverte 3.0 - (.Adobe Systems, Inc..) [HKLM] -- {4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Aspire Arcade 3.0 - (.Pas de propriétaire.) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Aspire Series - (.Pas de propriétaire.) [HKLM] -- Aspire Series O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} O42 - Logiciel: Astase UltraBackup 2007 - (.Astase.) [HKLM] -- Astase UltraBackup 2007 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CPH_Offline (C:\Program Files\CPH_Offline\) - (.Pas de propriétaire.) [HKLM] -- ST6UNST #2 O42 - Logiciel: CPH_Offline - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1 O42 - Logiciel: Client Windows Rights Management avec Service Pack 2 - (.Microsoft.) [HKLM] -- {A5325565-D104-4A87-9301-B45AD0AFC697} O42 - Logiciel: Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP - (.Microsoft Corporation.) [HKLM] -- {FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} O42 - Logiciel: GDR 4053 for SQL Server Database Services 2005 ENU (KB970892) - (.Microsoft Corporation.) [HKLM] -- KB970892_SQL9 O42 - Logiciel: Glary Utilities 2.26.0.956 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - (.Microsoft Corporation.) [HKLM] -- KB932471.T301_380ToU433_380 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows Media Format SDK (KB902344) - (.Microsoft Corporation.) [HKLM] -- KB902344 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Java 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050} O42 - Logiciel: KitchenDraw 4.5 - (.Pas de propriétaire.) [HKLM] -- KitchenDraw 4.5 O42 - Logiciel: KitchenDraw 5.0 - (.Pas de propriétaire.) [HKLM] -- KitchenDraw 5.0 O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 6.0 Parser (KB933579) - (.Microsoft Corporation.) [HKLM] -- {0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {14E3D14B-7852-477D-ACE2-895AF4322804} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {72AD53CC-CCC0-3757-8480-9EE176866A7C} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {0BD83598-C2EF-3343-847B-7D2E84599128} O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- PROR O42 - Logiciel: Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft SQL Server 2005 O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (MIELE_ETD) - (.Microsoft Corporation.) [HKLM] -- {2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (MIELE_WDA) - (.Microsoft Corporation.) [HKLM] -- {6DEF11C0-35FF-4160-A543-FDD336C4DAE5} O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft Corporation.) [HKLM] -- {BD68F46D-8A82-4664-8E68-F87C55BDEFD4} O42 - Logiciel: Microsoft SQL Server Setup Support Files (English) - (.Microsoft Corporation.) [HKLM] -- {53F5C3EE-05ED-4830-994B-50B2F0D50FCE} O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft Corporation.) [HKLM] -- {56B4002F-671C-49F4-984C-C760FE3806B5} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Miele Offline-ETD - (.Miele & Cie. KG.) [HKLM] -- {36B8BEF1-3B1F-4E23-BA14-750B2D2265FE} O42 - Logiciel: Miele Offline-WDA - (.Miele & Cie. KG.) [HKLM] -- {BE3450E8-29E3-444D-9078-396057BD137A} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: NTI Backup NOW! 3 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6} O42 - Logiciel: NTI CD & DVD-Maker Gold - (.NewTech Infosystems.) [HKLM] -- InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778} O42 - Logiciel: OGA Notifier 1.7.0105.35.0 - (.Microsoft Corporation.) [HKLM] -- {25E98ECB-5727-408E-B30A-2CAF86F5B310} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce - (.Microsoft Corporation.) [HKLM] -- KB909520 O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861} O42 - Logiciel: Realtek AC'97 Audio - (.Pas de propriétaire.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E} O42 - Logiciel: Revo Uninstaller 1.88 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management - (.Microsoft.) [HKLM] -- {EC905264-BCFE-423B-9C42-C3A106266790} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5857EE21-03D0-482E-9620-5A30B314A2AE} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{E8766951-2B6C-4022-86E8-80D2D1762B76} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB980376) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{48113C06-9BA2-4D54-A731-D1D2C5B3144A} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{7E9103DA-253F-41FF-9E83-7C83806C77DA} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Speccy - (.Piriform.) [HKLM] -- Speccy O42 - Logiciel: Synaptics Pointing Device Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2279264) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{01D475AB-57B1-44CC-8A8F-3A6B0FA4989F} O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Genuine Advantage v1.3.0254.0 - (.Microsoft.) [HKLM] -- {63569CE9-FA00-469C-AF5C-E5D4D93ACF91} O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1} O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM] -- WMCSetup O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 - (.Microsoft Corporation.) [HKLM] -- KB891122 O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC O42 - Logiciel: acer Wireless LAN - (.Pas de propriétaire.) [HKLM] -- {4820DD99-52D1-42BB-927E-B6B6DF231AF5} O42 - Logiciel: getPlus® for Adobe - (.NOS Microsystems Ltd..) [HKLM] -- {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} ---\\ HKCU & HKLM Software Keys [HKCU\Software\Addictive Software] [HKCU\Software\Adobe] [HKCU\Software\Astase] [HKCU\Software\BitDefender] [HKCU\Software\Classes] [HKCU\Software\Compal] [HKCU\Software\CyberLink] [HKCU\Software\DYMO] [HKCU\Software\GlarySoft] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\Laudrin] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\ODBC] [HKCU\Software\PepiMK Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\SXP] [HKCU\Software\Synaptics] [HKCU\Software\TuneUp] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Yahoo] [HKCU\Software\cybelsoft] [HKLM\Software\ATI Technologies] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Astase] [HKLM\Software\Blum] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Compal] [HKLM\Software\CyberLink] [HKLM\Software\Gemplus] [HKLM\Software\INTEL] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\JavaSoft] [HKLM\Software\Lucent] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\Okidata] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SXP] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Softwin] [HKLM\Software\SymDebug] [HKLM\Software\SymNRT] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\TuneUp] [HKLM\Software\WholeSecurity] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Yahoo] [HKLM\Software\cybelsoft] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\acer O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Inc O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Aspire Arcade O43 - CFD:Common File Directory ----D- C:\Program Files\Astase O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\AvRack O43 - CFD:Common File Directory ----D- C:\Program Files\Borland O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications O43 - CFD:Common File Directory ----D- C:\Program Files\CPH_Offline O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection O43 - CFD:Common File Directory ----D- C:\Program Files\HighMAT CD Writing Wizard O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Intel O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Launch Manager O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Miele O43 - CFD:Common File Directory ----D- C:\Program Files\Miele Offline-ETD O43 - CFD:Common File Directory ----D- C:\Program Files\Miele Offline-WDA O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSN O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0 O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems O43 - CFD:Common File Directory ----D- C:\Program Files\NOS O43 - CFD:Common File Directory ----D- C:\Program Files\OfficeUpdate11 O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek Sound Manager O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.FE18ABD4B3B9C6C4225DEBFD2F28DF71] - 3/08/2010 - 11:33:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2286198.log [14183] O44 - LFC:[MD5.1D3E64383055C684CB4AE85C7365869D] - 31/08/2010 - 9:31:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [1217] O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 4/08/2010 - 11:09:17 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952] O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 4/08/2010 - 11:09:23 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.00000000000000000000000000000000] - 31/08/2010 - 15:10:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1823098] O44 - LFC:[MD5.3A85517F1AE5EB231CED5901542FA0A2] - 31/08/2010 - 15:06:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [1158] O44 - LFC:[MD5.333E2156865B4E802EF82D482C7770C5] - 31/08/2010 - 15:05:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt [4236] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/08/2010 - 15:05:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 31/08/2010 - 15:05:25 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.AC65EF1BA8CAAF4CF6845907E7C93044] - 31/08/2010 - 14:58:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [229987] O44 - LFC:[MD5.074FBBAAAB17FE447E46DAF5190AA828] - 31/08/2010 - 12:37:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntbtlog.txt [253932] O44 - LFC:[MD5.00000000000000000000000000000000] - 31/08/2010 - 12:03:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32430] O44 - LFC:[MD5.1C7FAD74361AC165F02405856C53666C] - 31/08/2010 - 12:03:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\bdlog.txt [1855] O44 - LFC:[MD5.43B8AD94E866190B8C39B7E91D09790F] - 31/08/2010 - 10:45:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [336256] O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 30/08/2010 - 12:01:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ashttpstats.csv [52] O44 - LFC:[MD5.F0507B898EF16947E49925E08B2D64B8] - 26/08/2010 - 10:25:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupact.log [1200] O44 - LFC:[MD5.C379478B162809458D1B6E6C307ABA70] - 21/08/2010 - 16:44:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\EventSystem.log [11884] O44 - LFC:[MD5.21EF406620BEE3C7908494574D0DF841] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982214.log [13483] O44 - LFC:[MD5.0782CD0A9A09B25925A24EAE747571B9] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\comsetup.log [94890] O44 - LFC:[MD5.5DF055D73CABFF0138838B373F3E0D39] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\iis6.log [45246] O44 - LFC:[MD5.E5B2C567000D4F94E4B6B3969B45233B] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.06D02D3027E1AE8C0A2C3C970CC92041] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntdtcsetup.log [57362] O44 - LFC:[MD5.4E45A19E70365128BA619247A6CE377D] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocmsn.log [15732] O44 - LFC:[MD5.51FEF6919E91F0DEBC38C1D205B8182D] - 11/08/2010 - 17:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\tsoc.log [108521] O44 - LFC:[MD5.DB520D3A4E3D1BFCD61FDC763B83961B] - 11/08/2010 - 17:32:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msgsocm.log [14214] O44 - LFC:[MD5.539EDE4AD993F3BA678D10B862DA36B7] - 11/08/2010 - 17:32:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocgen.log [135976] O44 - LFC:[MD5.A7F44EE40ED826AE0C120E967404D6F4] - 11/08/2010 - 17:32:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\FaxSetup.log [283320] O44 - LFC:[MD5.D92B8DFDF99F7C489EE081CF8F4FA44A] - 11/08/2010 - 17:31:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2115168.log [19016] O44 - LFC:[MD5.80AB3308C5C1C5820958658C889CC5D4] - 11/08/2010 - 17:31:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.BAK [1374] O44 - LFC:[MD5.E7FCCF7193217C39BE49B7F64DF8D269] - 11/08/2010 - 17:31:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981852.log [15267] O44 - LFC:[MD5.D865E63D7D92EECD57E3BBE4CCDC5DF9] - 11/08/2010 - 17:27:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2079403.log [19598] O44 - LFC:[MD5.D3D8BB44A2B13D6020638DB2CC5C307B] - 11/08/2010 - 17:25:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\updspapi.log [15423] O44 - LFC:[MD5.2259FA9B1344C5190A8BB45669234864] - 11/08/2010 - 17:03:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1545202] O44 - LFC:[MD5.090DC201D4CC95B2D653880B50E28C7C] - 11/08/2010 - 17:03:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [135678] O44 - LFC:[MD5.ED3C797A4E23445037190E48CE59E901] - 11/08/2010 - 17:03:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [149444] O44 - LFC:[MD5.2A5714E849E32FA2B3968CE041E2D38F] - 11/08/2010 - 17:03:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [606132] O44 - LFC:[MD5.9DEB00DF03DF999CD2F7E460E5774291] - 11/08/2010 - 17:03:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [675626] O44 - LFC:[MD5.E0487751BCF003BAF7A17B30FB5FA65D] - 11/08/2010 - 16:58:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2183461-IE8.log [16274] O44 - LFC:[MD5.49A553F5F244ACE2D3E4368898DBDD03] - 11/08/2010 - 16:57:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2160329.log [15617] O44 - LFC:[MD5.E9184FD3C80178496CB78F23E2B1B02F] - 11/08/2010 - 16:53:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB980436.log [14921] O44 - LFC:[MD5.A227C424B7932CA99D0ECC3161675DD9] - 11/08/2010 - 16:47:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981997.log [7924] O44 - LFC:[MD5.F00D0CF7E2D7976C37160DF7366A73E3] - 11/08/2010 - 16:46:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982665.log [13456] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\fxsclnt.exe" [Enabled] .(.Microsoft Corporation - Microsoft Fax Console.) (.not file.) -- C:\WINDOWS\system32\fxsclnt.exe O47 - AAKE:Key Export SP - "C:\Program Files\NewTech Infosystems\NTI Backup NOW! 3\LiveUpdt.exe" [Enabled] .(.Newtech Infosystems, Inc. - LiveUpdate.) (.not file.) -- C:\Program Files\NewTech Infosystems\NTI Backup NOW! 3\LiveUpdt.exe O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) (.not file.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) (.not file.) -- C:\Program Files\ma-config.com\maconfservice.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{049b480e-034e-11da-be19-000fb07b7b81}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\setupSNK.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.F1BEED4F73B9A37E6D30885A0851A1C1] - 13/04/2004 - 14:48:32 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\WINDOWS\system32\drivers\AGRSM.sys O58 - SDL:[MD5.BA88534A3CEB6161E7432438B9EA4F54] - 24/02/2004 - 10:08:52 ---A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS O58 - SDL:[MD5.4D4593C10F2C90D48DA9FD1B14ACE825] - 2/08/2004 - 20:09:18 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS O58 - SDL:[MD5.9F84EAF8DAFE4AFB490B555AA7506D43] - 3/08/2005 - 13:50:53 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys O58 - SDL:[MD5.4D50B7A5AE8E67E68B7C9571769D5DDE] - 21/11/2003 - 14:20:10 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver..) -- C:\WINDOWS\system32\drivers\b57xp32.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 5/08/2004 - 4:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 5/08/2004 - 4:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.75AD9BEB6D4B6BBCB39BFABA454EA05A] - 14/09/2003 - 14:27:50 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS O58 - SDL:[MD5.38008FAAA9632C2EF8E98BF1614D0527] - 13/12/2006 - 11:10:18 ---A- . (.Eutron - SmartKey Parallel Driver.) -- C:\WINDOWS\system32\drivers\eusk2par.sys O58 - SDL:[MD5.315FE3219404A7B88E2D35DABC4A085E] - 22/08/2005 - 12:00:32 ---A- . (.Eutron - SmartKey USB Driver for Windows.) -- C:\WINDOWS\system32\drivers\eusk3usb.sys O58 - SDL:[MD5.3CCEAAF1D5D341BFB3E60E81E84E5611] - 4/11/2004 - 18:29:38 ---A- . (.Inprocomm, Inc. - NT 5 (NDIS 5.1/5.0) x86 Driver.) -- C:\WINDOWS\system32\drivers\i2220ntx.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.15A72D5B8F0B6A718207F14BD5EBB8FF] - 27/09/2004 - 9:25:36 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys O58 - SDL:[MD5.E0A95C9849E07B483AB01A6408C41FB9] - 1/06/2004 - 10:50:50 ---A- . (.Windows ® 2000 DDK provider - Windows I/O Port Driver.) -- C:\WINDOWS\system32\drivers\osaio.sys O58 - SDL:[MD5.5483AFEBD0E99E4CA7D31185B716296A] - 1/06/2004 - 10:50:50 ---A- . (.Windows ® 2000 DDK provider - Windows int15 Driver.) -- C:\WINDOWS\system32\drivers\osanbm.sys O58 - SDL:[MD5.444F122E68DB44C0589227781F3C8B3F] - 5/12/2003 - 17:46:36 ---A- . (.Padus, Inc. - Padus® ASPI Shell.) -- C:\WINDOWS\system32\drivers\pfc.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 5/08/2004 - 4:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.707647A1AA0EDB6CBEF61B0C75C28ED3] - 23/04/2002 - 12:08:12 ---A- . (.SMC - SMC IrCC NDIS 5.0 IrDA FIR Device Driver.) -- C:\WINDOWS\system32\drivers\smcirda.sys O58 - SDL:[MD5.065D6EFC03486C2039B8C2B4C56E6EDB] - 7/05/2004 - 9:44:54 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 5/08/2004 - 4:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 5/08/2004 - 4:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys O58 - SDL:[MD5.2F9806B52CB3748B1E49222744B28E3C] - 2/05/2002 - 11:52:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\PCANDIS5.SYS ---\\ Alternate Data Stream File (ADS) (O62) O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\atiiiexx.dll:Zone.Identifier ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - (.not file.) - 05402dee (05402dee) .(.Pas de propriétaire - Pas de description.) - LEGACY_05402DEE O64 - Services: CurCS - (.not file.) - 0922be03 (0922be03) .(.Pas de propriétaire - Pas de description.) - LEGACY_0922BE03 O64 - Services: CurCS - (.not file.) - 0bd611c0 (0bd611c0) .(.Pas de propriétaire - Pas de description.) - LEGACY_0BD611C0 O64 - Services: CurCS - (.not file.) - 114e07c0 (114e07c0) .(.Pas de propriétaire - Pas de description.) - LEGACY_114E07C0 O64 - Services: CurCS - (.not file.) - 1287937b (1287937b) .(.Pas de propriétaire - Pas de description.) - LEGACY_1287937B O64 - Services: CurCS - (.not file.) - 20414ff8 (20414ff8) .(.Pas de propriétaire - Pas de description.) - LEGACY_20414FF8 O64 - Services: CurCS - (.not file.) - 226dee5c (226dee5c) .(.Pas de propriétaire - Pas de description.) - LEGACY_226DEE5C O64 - Services: CurCS - (.not file.) - 2cfa3017 (2cfa3017) .(.Pas de propriétaire - Pas de description.) - LEGACY_2CFA3017 O64 - Services: CurCS - (.not file.) - 2f876b41 (2f876b41) .(.Pas de propriétaire - Pas de description.) - LEGACY_2F876B41 O64 - Services: CurCS - (.not file.) - 45d40b6a (45d40b6a) .(.Pas de propriétaire - Pas de description.) - LEGACY_45D40B6A O64 - Services: CurCS - (.not file.) - 4645cd82 (4645cd82) .(.Pas de propriétaire - Pas de description.) - LEGACY_4645CD82 O64 - Services: CurCS - (.not file.) - 51e03c58 (51e03c58) .(.Pas de propriétaire - Pas de description.) - LEGACY_51E03C58 O64 - Services: CurCS - (.not file.) - 58413096 (58413096) .(.Pas de propriétaire - Pas de description.) - LEGACY_58413096 O64 - Services: CurCS - (.not file.) - 5fec6deb (5fec6deb) .(.Pas de propriétaire - Pas de description.) - LEGACY_5FEC6DEB O64 - Services: CurCS - (.not file.) - 6b780bda (6b780bda) .(.Pas de propriétaire - Pas de description.) - LEGACY_6B780BDA O64 - Services: CurCS - (.not file.) - 6e6339ad (6e6339ad) .(.Pas de propriétaire - Pas de description.) - LEGACY_6E6339AD O64 - Services: CurCS - (.not file.) - 96d11b7f (96d11b7f) .(.Pas de propriétaire - Pas de description.) - LEGACY_96D11B7F O64 - Services: CurCS - (.not file.) - 985fbbde (985fbbde) .(.Pas de propriétaire - Pas de description.) - LEGACY_985FBBDE O64 - Services: CurCS - (.not file.) - acef6aad (acef6aad) .(.Pas de propriétaire - Pas de description.) - LEGACY_ACEF6AAD O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - C:\Acer\eManager\anbmServ.exe - Notebook Manager Service (anbmService) .(.OSA Technologies Inc. - Service Program for Acer eManager.) - LEGACY_ANBMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394 O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - (.not file.) - b11d4a4f (b11d4a4f) .(.Pas de propriétaire - Pas de description.) - LEGACY_B11D4A4F O64 - Services: CurCS - (.not file.) - BDFM (bdfm) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFM O64 - Services: CurCS - (.not file.) - bdfsfltr (bdfsfltr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFSFLTR O64 - Services: CurCS - (.not file.) - bdftdif (bdftdif) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFTDIF O64 - Services: CurCS - (.not file.) - BdRawPr (BdRawPr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDRAWPR O64 - Services: CurCS - (.not file.) - BDVEDISK (BDVEDISK) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDVEDISK O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Bluetooth Support Service (BthServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BTHSERV O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32 O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe - Application système COM+ (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k DcomLaunch (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - C:\Windows\system32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - C:\Windows\system32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - C:\Program Files\HardwareDetection\driverhardwarev2.sys - driverhardwarev2 (driverhardwarev2) .(.Pas de propriétaire - Pas de description.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - (.not file.) - e0176e0b (e0176e0b) .(.Pas de propriétaire - Pas de description.) - LEGACY_E0176E0B O64 - Services: CurCS - (.not file.) - e032985f (e032985f) .(.Pas de propriétaire - Pas de description.) - LEGACY_E032985F O64 - Services: CurCS - (.not file.) - e0ac466b (e0ac466b) .(.Pas de propriétaire - Pas de description.) - LEGACY_E0AC466B O64 - Services: CurCS - (.not file.) - eb084a4f (eb084a4f) .(.Pas de propriétaire - Pas de description.) - LEGACY_EB084A4F O64 - Services: CurCS - (.not file.) - ecb93017 (ecb93017) .(.Pas de propriétaire - Pas de description.) - LEGACY_ECB93017 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\eusk2par.sys - EUTRON SmartKey Parallel Driver (eusk2par) .(.Eutron - SmartKey Parallel Driver.) - LEGACY_EUSK2PAR O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe - getPlus® Helper (getPlus® Helper) .(.NOS Microsystems Ltd. - getPlus® Helper.) - LEGACY_GETPLUS®_HELPER O64 - Services: CurCS - C:\Windows\system32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - C:\Windows\system32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE O64 - Services: CurCS - C:\Windows\system32\DRIVERS\intelide.sys - IntelIde (IntelIde) .(.Microsoft Corporation - Pilote IDE Intel PCI.) - LEGACY_INTELIDE O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - C:\Windows\system32\DRIVERS\irda.sys - Protocole IrDA (irda) .(.Microsoft Corporation - IRDA Protocol Driver.) - LEGACY_IRDA O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Moniteur infrarouge (Irmon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_IRMON O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - C:\DOCUME~1\JOANNES\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe - Machine Debug Manager (MDM) .(.Microsoft Corporation - Machine Debug Manager.) - LEGACY_MDM O64 - Services: CurCS - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe - MieleInstallerService (MieleInstallerService) .(.Pas de propriétaire - Pas de description.) - LEGACY_MIELEINSTALLERSERVICE O64 - Services: CurCS - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe - MieleInstallerServiceStartStopper (MieleInstallerServiceStartStopper) .(.Pas de propriétaire - Pas de description.) - LEGACY_MIELEINSTALLERSERVICESTARTSTOPPER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe - SQL Server (MIELE_ETD) (MSSQL$MIELE_ETD) .(.Microsoft Corporation - SQL Server Windows NT.) - LEGACY_MSSQL$MIELE_ETD O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe - SQL Server (MIELE_WDA) (MSSQL$MIELE_WDA) .(.Microsoft Corporation - SQL Server Windows NT.) - LEGACY_MSSQL$MIELE_WDA O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.exe - Microsoft Office Diagnostics Service (odserv) .(.Microsoft Corporation - Microsoft Office Diagnostics.) - LEGACY_ODSERV O64 - Services: CurCS - C:\WINDOWS\system32\drivers\osaio.sys - osaio (osaio) .(.Windows ® 2000 DDK provider - Windows I/O Port Driver.) - LEGACY_OSAIO O64 - Services: CurCS - C:\WINDOWS\system32\drivers\osanbm.sys - osanbm (osanbm) .(.Windows ® 2000 DDK provider - Windows int15 Driver.) - LEGACY_OSANBM O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe - Office Source Engine (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - (.not file.) - Profos (Profos) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROFOS O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexion automatique d'accès distant (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\RDPWD.sys - RDPWD (RDPWD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPWD O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k rpcss (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - C:\WINDOWS\system32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(.Pas de propriétaire - Pas de description.) - LEGACY_SERIAL O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe - SQL Server Browser (SQLBrowser) .(.Microsoft Corporation - SQL Browser Service EXE.) - LEGACY_SQLBROWSER O64 - Services: CurCS - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - SQL Server VSS Writer (SQLWriter) .(.Microsoft Corporation - SQL Server VSS Writer.) - LEGACY_SQLWRITER O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - (.not file.) - SRTSPX (SRTSPX) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRTSPX O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - (.not file.) - Symantec Core LC (Symantec Core LC) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMANTEC_CORE_LC O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEVENT O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMFW O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDS O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDSCO O64 - Services: CurCS - (.not file.) - SYMNDIS (SYMNDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMNDIS O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TDTCP.sys - TDTCP (TDTCP) .(.Pas de propriétaire - Pas de description.) - LEGACY_TDTCP O64 - Services: CurCS - C:\WINDOWS\System32\svchost -k DComLaunch (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\Program Files\Astase\UltraBackup\4.9\bin\tbsd.exe - Astase ThalliumBackup Storage Service (ThalliumServer) .(.Astase - ThalliumBackup Server.) - LEGACY_THALLIUMSERVER O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES O64 - Services: CurCS - C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe - Astase ThalliumBackup Client Background Service (thpassivesvc) .(.Astase - ThalliumBackup Passive Agent (service).) - LEGACY_THPASSIVESVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_UDFS O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST O64 - Services: CurCS - C:\Program Files\MSN Messenger\usnsvc.exe - Service Messenger Sharing Folders USN Journal Reader (usnjsvc) .(.Microsoft Corporation - Messenger Sharing USN Journal Reader Servic.) - LEGACY_USNJSVC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP O64 - Services: CurCS - (.not file.) - BitDefender Virus Shield (VSSERV) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSSERV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - C:\Program Files\Windows Media Player\WMPNetwk.exe - Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows M.) - LEGACY_WMPNETWORKSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC O64 - Services: CurCS - (.not file.) - BitDefender Communicator (XCOMM) .(.Pas de propriétaire - Pas de description.) - LEGACY_XCOMM ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - Bing ---\\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover Run by JOANNES at 31/08/2010 16:20:38 device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\appmgmts.dll [0] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77824] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\hidserv.dll [0] O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\WINDOWS\System32\irmon.dll [29184] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\mspmsnsv.dll [27136] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 16/08/2004 1287168 | Notebook Manager Service (anbmService) . (.OSA Technologies Inc..) - C:\Acer\eManager\anbmServ.exe SR - | Auto 3/08/2005 409600 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SS - | Demand 29/08/2008 33752 | getPlus® Helper (getPlus® Helper) . (.NOS Microsystems Ltd..) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe SS - | Demand 4/04/2005 69632 | InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SS - | Demand 11/05/2010 271728 | Ma-Config Service (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 18/12/2009 28672 | (MieleInstallerService) . (.Pas de propriétaire.) - C:\Program Files\Miele\InstallerService\MieleInstallerService.exe SR - | Auto 18/12/2009 28672 | (MieleInstallerServiceStartStopper) . (.Pas de propriétaire.) - C:\Program Files\Miele\InstallerServiceStartStopper\MieleInstallerServiceStartStopper.exe SS - | Disabled 8/02/2008 1952256 | Astase ThalliumBackup Storage Service (ThalliumServer) . (.Astase.) - C:\Program Files\Astase\UltraBackup\4.9\bin\tbsd.exe SR - | Auto 8/02/2008 646144 | Astase ThalliumBackup Client Background Service (thpassivesvc) . (.Astase.) - C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe End of the scan (943 lines in 00mn 08s)(0) voila ce que j ai pu faire merci -
ralentisement enorme lol suivant falkra
johan1 a posté un sujet dans Analyses et éradication malwares
bonjour, j aimerais votre aide je ne sais plus que faire mon pc portable est disons le devenu une limace quel sont les programme a telechagé pour que vs m aidier la je suis en mode sans echec car le normal c impossible et deja le mode sans echec est deja lent mon pc est un acer aspire1800wsmi - 2.93 1mb l2 cach 533 fsb et 512 mb ddr merci j avais comme antivirus bitdefender2010 et malawarbye qui ne trouve rien je viens de telecharger le bitdefender 2011 mais il plante a chaque fois on dirais que ma memoire est morte -
GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover Rootkit scan 2010-08-02 09:02:54 Windows 5.1.2600 Service Pack 3 Running: 60tbf5ux.exe; Driver: C:\DOCUME~1\joannes\LOCALS~1\Temp\uwlirfoc.sys ---- Kernel code sections - GMER 1.0.15 ---- .text ntoskrnl.exe!_abnormal_termination + 40C 804E2A78 4 Bytes CALL 8C07DC98 .text ntoskrnl.exe!_abnormal_termination + 440 804E2AAC 12 Bytes [44, 19, B2, B9, A6, 18, B2, ...] {INC ESP; SBB [EDX-0x4de75947], ESI; MOV ECX, 0xb9b21dac} .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF7EBB380, 0x34C81F, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB1C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F5480F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F54741 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F547AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F54612 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F54674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F54872 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F546D6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59AC9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4D0ED C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB1C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC467C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F5480F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F54741 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F547AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F54612 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F54674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F54872 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F546D6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5DB78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F54B77 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!getaddrinfo 719F2A6F 5 Bytes JMP 46CAE71D C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!closesocket 719F3E2B 5 Bytes JMP 46CAEEE9 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!socket 719F4211 5 Bytes JMP 46CAE59E C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!connect 719F4A07 5 Bytes JMP 46CAE62A C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!send 719F4C27 5 Bytes JMP 46CAE9ED C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!recv 719F676F 5 Bytes JMP 46CAF1C3 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation) ---- EOF - GMER 1.0.15 ---- cccleanr ok easy je vais le faire
-
Rapport de ZHPDiag v1.26.39 par Nicolas Coolman, Update du 01/08/2010 Run by joannes at 01/08/2010 22:40:36 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 ---\\ System Information Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 Processor: x86 Family 15 Model 1 Stepping 2, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 511 MB (38% free) System drive C: has 19 GB (50%) free of 37 GB ---\\ Logged in mode Computer Name: J-IJOGVL4Z00ZF8 User Name: joannes All Users Names: SUPPORT_388945a0, joannes, HelpAssistant, ASPNET, Administrateur, Unselected Option: O82 Logged in as Administrator ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 37 Go) F:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK ---\\ Processus lancés [MD5.655D4DA7A440FFCF1ADFF2EB9D3072B4] - (.BitDefender S.R.L. - BitDefender Update Service.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [308552] [MD5.B715ABF90831A37918EB4CAD2CF9DF69] - (.BitDefender S.R.L. - BitDefender Security Service.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [1615688] [MD5.CC64BB2D200031B11A16FF69DF3E3907] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [1123360] [MD5.5FD5865DC1A2100F8D4CF000EE5409A3] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120] [MD5.C501206816F35D20422B4C3F88D62860] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) -- C:\WINDOWS\system32\nvsvc32.exe [163908] [MD5.166B6630CE180A861BD7C9110FF339D1] - (.BitDefender S.R.L. - BitDefender Security Center.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe [1091984] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe [223584] [MD5.EDD2A45C6D5885B050E428CE43810BBD] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [481792] ---\\ Plugins de navigateurs Opera/Firefox(P1/P2) P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18928 (longhorn_ie8_gdr.100503-1700)) -- C:\WINDOWS\system32\ieframe.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll ---\\ Applications démarrées par registre & par dossier(O4) O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll O4 - HKLM\..\Run: [bDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1 O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=145 ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.not file.) - (.not file.) O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.) O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Internet Explorer Plugins (O12) O12 - Plugin for .UVR - C:\Program Files\Internet Explorer\Plugins\NPUPano.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} () - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/MaConfig_3_5_3_0.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SupportSoft RemoteAssist (SupportSoft RemoteAssist) . (.SupportSoft, Inc. - ssrc Module.) - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: BitDefender Virus Shield (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Personnalisation du navigateur - >{F77E1997-3C95-4021-880B-4FDD8764C694} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r42.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: bdftdif (bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys O41 - Driver: (SiSkp) . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) - C:\Windows\system32\drivers\srvkp.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ASUS WLAN Card Utilities/Driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Reader 8.2.3 - Français - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: BitDefender Internet Security 2010 - (.BitDefender.) [HKLM] O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] O42 - Logiciel: CIF USB CAMERA - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Empire Earth - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Empire Earth - The Art of Conquest - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Empire Earth Patch 1.0.4.0 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Everest Poker (Remove Only) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Glary Utilities 2.26.0.956 - (.Glarysoft Ltd.) [HKLM] O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: J2SE Runtime Environment 5.0 Update 10 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: J2SE Runtime Environment 5.0 Update 11 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: J2SE Runtime Environment 5.0 Update 7 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: J2SE Runtime Environment 5.0 Update 9 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java 6 Update 10 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Liveupdate4 - (.MSI, Inc..) [HKLM] O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] O42 - Logiciel: MSXML 6.0 Parser (KB933579) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] O42 - Logiciel: Messenger Plus! 3 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MoD ImperiaL v4.1 - (.TeaM ImperiaL.) [HKLM] O42 - Logiciel: MoD Imperial v2.1 - (.MoD-ProyecT.) [HKLM] O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Praetorians - (.Pyro Studios.) [HKLM] O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] O42 - Logiciel: Revo Uninstaller 1.89 - (.VS Revo Group.) [HKLM] O42 - Logiciel: Rome - Total War - (.Activision.) [HKLM] O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] O42 - Logiciel: SiS 650 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SiS 650_651_M650_M652_740 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SiSAGP driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: USB Flash Disk - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Ulead COOL 360 1.0 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Ulead Photo Explorer 8.0 SE Basic - (.Ulead Systems, Inc..) [HKLM] O42 - Logiciel: Ulead VideoStudio 7 SE Basic - (.Ulead Systems, Inc..) [HKLM] O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: WebTarot 1.30 - (.AtoutWeb.) [HKLM] O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Workflow Foundation FR Language Pack - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASUS] [HKCU\Software\Adobe] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Aurigma] [HKCU\Software\BitDefender] [HKCU\Software\BitTorrent] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\GameSpy] [HKCU\Software\GlarySoft] [HKCU\Software\Grand Virtual] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Kazaa] [HKCU\Software\LowRegistry] [HKCU\Software\Macromedia] [HKCU\Software\Mad Doc Software] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\ORL] [HKCU\Software\Patchou] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Pyro Studios] [HKCU\Software\SOCID] [HKCU\Software\SSSI] [HKCU\Software\SecuROM] [HKCU\Software\Support.com] [HKCU\Software\SupportSoft] [HKCU\Software\TheCreativeAssembly] [HKCU\Software\TuneUp] [HKCU\Software\Ulead Systems] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VHLD] [HKCU\Software\VSRevoGroup] [HKCU\Software\WebTarot] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\cybelsoft] [HKCU\Software\pacificpoker] [HKCU\Software\pokerinstaller] [HKCU\Software\tioga] [HKLM\Software\2B9EC021-C823-4f3d-9752-C18522DB7D98] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\BitDefender] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Gemplus] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\MDC] [HKLM\Software\MSI] [HKLM\Software\Macromedia] [HKLM\Software\MidasHeurScanner] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\PLTmp] [HKLM\Software\Patchou] [HKLM\Software\PixArt] [HKLM\Software\Policies] [HKLM\Software\Praetorians] [HKLM\Software\Program Groups] [HKLM\Software\Pyro Studios] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Sierra OnLine] [HKLM\Software\Sierra] [HKLM\Software\Software] [HKLM\Software\Softwin] [HKLM\Software\SupportSoft] [HKLM\Software\Symantec] [HKLM\Software\The Creative Assembly] [HKLM\Software\TuneUp] [HKLM\Software\Ulead Systems] [HKLM\Software\Via4in1Driver] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\cybelsoft] [HKLM\Software\sis] [HKLM\Software\support.com] ---\\ Contenu des dossiers Program Files (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Activision O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\CIF USB CAMERA O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files O43 - CFD:Common File Directory ----D- C:\Program Files\directx O43 - CFD:Common File Directory ----D- C:\Program Files\Eidos Interactive O43 - CFD:Common File Directory ----D- C:\Program Files\Everest Poker O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Glary Utilities O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection O43 - CFD:Common File Directory ----D- C:\Program Files\HighMAT CD Writing Wizard O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live O43 - CFD:Common File Directory ----D- C:\Program Files\MessengerPlus! 3 O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSI O43 - CFD:Common File Directory ----D- C:\Program Files\msn O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0 O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting O43 - CFD:Common File Directory ----D- C:\Program Files\OfficeUpdate11 O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek AC97 O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\RegClean O43 - CFD:Common File Directory ----D- C:\Program Files\Setup Files O43 - CFD:Common File Directory ----D- C:\Program Files\sisagp O43 - CFD:Common File Directory ----D- C:\Program Files\support.com O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\USBDisk O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group O43 - CFD:Common File Directory ----D- C:\Program Files\Webtarot O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SupportSoft ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 01/08/2010 - 21:37:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1111584] O44 - LFC:[MD5.02035F360B32F57BB0490A4DDD76ACA0] - 01/08/2010 - 21:01:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [12618] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/08/2010 - 21:01:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 01/08/2010 - 21:01:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.00000000000000000000000000000000] - 01/08/2010 - 21:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.4DA0212084F0DBB2D9E2A1E9BAABC95D] - 01/08/2010 - 21:00:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\nvapps.xml [209540] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01/08/2010 - 21:00:45 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.00000000000000000000000000000000] - 31/07/2010 - 12:04:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32530] O44 - LFC:[MD5.A8F2ADD0E0BACD80DE1A12184A35D6DE] - 31/07/2010 - 11:59:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wmsetup.log [404] O44 - LFC:[MD5.7FA462A80E02178E0A8D87FED75CEF81] - 30/07/2010 - 21:24:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [1497] O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 30/07/2010 - 08:25:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ashttpstats.csv [52] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_fuzzy.sig [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_spoof.sig [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_summ.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\phar_histprot.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\phar_unmip.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wsbl.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_drugs.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_gambling.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_games.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_hate.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_illegal.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_im.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_news.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_onlinedating.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_onlinepay.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_onlineshop.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_pornography.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_regionaltlds.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_searchengines.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_sign.slf [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_socialnetworks.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_tabloids.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_video.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_webproxy.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pcwords.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pcwords2.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_black.dat [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_sign.slf [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_white.dat [0] O44 - LFC:[MD5.8D30BECFCF04AC89E20522F38CA2A198] - 28/07/2010 - 19:11:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\bdlog.txt [4420] O44 - LFC:[MD5.D981965D8D6578D663CF53D70A03F95A] - 28/07/2010 - 18:26:30 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS Filter Driver.) -- C:\WINDOWS\System32\drivers\bdfndisf.sys [111312] O44 - LFC:[MD5.486F6D52CBC1E47B369133D9A1FAFA3F] - 28/07/2010 - 18:21:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\asdict.dat [16] O44 - LFC:[MD5.F1D3FF8443297732862DF21DC4E57262] - 28/07/2010 - 18:21:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\aspdict-en.dat [4] O44 - LFC:[MD5.17735036321477105ACA6A6CB5611563] - 14/07/2010 - 20:41:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.bak [12560] ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:02:14 ---A- C:\WINDOWS\Prefetch\BDMZINST.EXE-06A582C5.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:02:14 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:02:15 ---A- C:\WINDOWS\Prefetch\UISCAN.EXE-194144E5.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:09:39 ---A- C:\WINDOWS\Prefetch\WLTUSER.EXE-05A5B196.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:24 ---A- C:\WINDOWS\Prefetch\ZHPDIAG_1.26.EXE-21E06988.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:25 ---A- C:\WINDOWS\Prefetch\ZHPDIAG_1.26.TMP-094610C6.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:38 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:53 ---A- C:\WINDOWS\Prefetch\BDWIZREG.EXE-29D833AF.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:27:14 ---A- C:\WINDOWS\Prefetch\UPGREPL.EXE-24BD643C.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:32:15 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:34:21 ---A- C:\WINDOWS\Prefetch\LADS.EXE-06335087.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:36:05 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:37:22 ---A- C:\WINDOWS\Prefetch\SUBINACL.EXE-17974576.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:37:25 ---A- C:\WINDOWS\Prefetch\SETACL.EXE-33B348AC.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:37:47 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:38:37 ---A- C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:38:37 ---A- C:\WINDOWS\Prefetch\MBR.EXE-313604BE.pf O45 - LFCP:Last File Created Prefetch 25/07/2010 - 19:39:33 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-2577D203.pf O45 - LFCP:Last File Created Prefetch 25/07/2010 - 19:39:40 ---A- C:\WINDOWS\Prefetch\AVNOTIFY.EXE-05ED5FD8.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 17:51:34 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 17:51:34 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1619A94E.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 17:51:34 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:03:54 ---A- C:\WINDOWS\Prefetch\REVOUNINSTALLER.EXE-38379543.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:04:50 ---A- C:\WINDOWS\Prefetch\AVWSC.EXE-0283F9DD.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:14:48 ---A- C:\WINDOWS\Prefetch\NETSH.EXE-085CFFDE.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:20:05 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 20:37:38 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:00:47 ---A- C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:06:09 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-385E89E5.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:07:14 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-25CBA5A6.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:12:10 ---A- C:\WINDOWS\Prefetch\MMC.EXE-39071BCC.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:17:30 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-43D8C8B5.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:22:33 ---A- C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:23:02 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:50:24 ---A- C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:20 ---A- C:\WINDOWS\Prefetch\IESHOW.EXE-06DE2DD9.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:20 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:21 ---A- C:\WINDOWS\Prefetch\BDAGENT.EXE-06E7676E.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:21 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1340EF7F.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:26 ---A- C:\WINDOWS\Prefetch\SECCENTER.EXE-33C8281D.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:23:12 ---A- C:\WINDOWS\Prefetch\SIGNCHECK.EXE-205B42F0.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 08:25:59 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 19:21:42 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 19:21:43 ---A- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 20:08:06 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 20:16:05 ---A- C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:13 ---A- C:\WINDOWS\Prefetch\ASKINSTALLCHECKER.EXE-023CD4B9.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:16 ---A- C:\WINDOWS\Prefetch\GUSETUPNEW.EXE-2BD44592.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:17 ---A- C:\WINDOWS\Prefetch\IS-165VI.TMP-09E8A23F.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:52 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:55 ---A- C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:59 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:27:23 ---A- C:\WINDOWS\Prefetch\EFF.EXE-22F8D8E6.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:30:17 ---A- C:\WINDOWS\Prefetch\STARTUP.EXE-1B6B33B0.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:30:30 ---A- C:\WINDOWS\Prefetch\MEMDEFRAG.EXE-01F4C7A7.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:30:53 ---A- C:\WINDOWS\Prefetch\CMM.EXE-1E186ADA.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:31:05 ---A- C:\WINDOWS\Prefetch\REGDEFRAG.EXE-0F7CD524.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:33:08 ---A- C:\WINDOWS\Prefetch\REGREPAIR.EXE-0CD8A22A.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:35:03 ---A- C:\WINDOWS\Prefetch\WEBUPDATE.EXE-0E1736C3.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:57:29 ---A- C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 22:00:10 ---A- C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf O45 - LFCP:Last File Created Prefetch 29/07/2010 - 22:00:41 ---A- C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 07:54:23 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 17:17:17 ---A- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:02:08 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:02:17 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:08:35 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:17:10 ---A- C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:36:35 ---A- C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:38:15 ---A- C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:Last File Created Prefetch 30/07/2010 - 20:30:36 ---A- C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 20:31:23 ---A- C:\WINDOWS\Prefetch\ADOBEARM.EXE-1095AC0A.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 21:24:34 ---A- C:\WINDOWS\Prefetch\CSTART.EXE-1EDA82DF.pf O45 - LFCP:Last File Created Prefetch 30/07/2010 - 21:24:40 ---A- C:\WINDOWS\Prefetch\EVEREST POKER.EXE-33F19199.pf O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:45:12 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:55:17 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA5.pf O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:56:26 ---A- C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:59:48 ---A- C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf O45 - LFCP:Last File Created Prefetch 31/07/2010 - 12:02:47 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-33CEEB8D.pf O45 - LFCP:Last File Created Prefetch 31/07/2010 - 12:04:26 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe O47 - AAKE:Key Export SP - "C:\Sierra\Empire Earth\Empire Earth.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Sierra\Empire Earth\Empire Earth.exe O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\BitTorrent\bittorrent.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation - Internet Explorer.) (.not file.) -- C:\Program Files\Internet Explorer\iexplore.exe O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\eMule\emule.exe O47 - AAKE:Key Export SP - "C:\Program Files\Total War\Medieval - Total War\Medieval_TW.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Total War\Medieval - Total War\Medieval_TW.exe O47 - AAKE:Key Export SP - "C:\Program Files\GameSpy Arcade\Aphex.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\GameSpy Arcade\Aphex.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dplaysvr.exe" [Enabled] .(.Microsoft Corporation - Microsoft DirectPlay Helper.) (.not file.) -- C:\WINDOWS\system32\dplaysvr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\praetorians.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.) -- C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\praetorians.exe O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) (.not file.) -- C:\Program Files\ma-config.com\maconfservice.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) (.not file.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{74615220-ab5a-11de-b205-0015f29952f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- WDSetup.exe (.not file.) O51 - MPSK:{8ba42c90-6e3e-11de-b193-0015f29952f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\LaunchU3.exe -a (.not file.) O51 - MPSK:{9f8b9460-b408-11dd-8d3c-0015f29952f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\LaunchU3.exe -a (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \Drivers32\"msacm.MPEGacm"="C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.A4124165BF701536AC4D2AFBF8B4E452] - 03/05/2002 - 10:40:56 ---A- . (.Alcatel Bell - Helps WDM drivers locate other system components.) -- C:\WINDOWS\system32\drivers\alcacr.sys O58 - SDL:[MD5.318D6DBC291FD2BB7DC891CF59341E04] - 03/05/2002 - 10:41:30 ---A- . (.Alcatel Bell - Alcatel USB ADSL NDIS 5 WAN Miniport driver.) -- C:\WINDOWS\system32\drivers\alcan5wn.sys O58 - SDL:[MD5.E3A564DDE82B7FDC92A3128D80418B24] - 03/05/2002 - 10:41:04 ---A- . (.Alcatel Bell - Alcatel USB WDM xDSL Class Driver.) -- C:\WINDOWS\system32\drivers\alcaudsl.sys O58 - SDL:[MD5.55188AD43D73247CFF83E07ABA1DC007] - 03/05/2002 - 10:40:46 ---A- . (.Alcatel Bell - System-specific functions for Alcatel WDM drivers.) -- C:\WINDOWS\system32\drivers\alcawh.sys O58 - SDL:[MD5.5003D2E3F6B220ED3B0F1AC2816C2A18] - 19/05/2006 - 14:44:52 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys O58 - SDL:[MD5.67C2A47DB7190673350A3F9F5A1507CB] - 03/02/2010 - 12:57:36 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfm.sys O58 - SDL:[MD5.D981965D8D6578D663CF53D70A03F95A] - 28/07/2010 - 18:26:30 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfndisf.sys O58 - SDL:[MD5.A21A4A0E6BDF0C2BE0FABFA16D8C8F76] - 22/02/2010 - 13:58:40 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys O58 - SDL:[MD5.CA54223D5A5B6A7E3559CB100A0B5E57] - 03/02/2010 - 12:56:32 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\WINDOWS\system32\drivers\bdhv.sys O58 - SDL:[MD5.375CD0B9F433465EC6F50D4DF44E9448] - 19/01/2010 - 18:32:40 ---A- . (.BitDefender - FileVault Disk Driver.) -- C:\WINDOWS\system32\drivers\BDVEDISK.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.D7010580BF4E45D5E793A1FE75758C69] - 09/06/2006 - 20:27:21 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\mdc8021x.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.23B95A09677E62EC8D1641ECF39B9BFB] - 27/03/2009 - 09:03:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 182.50.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.93F11CCEAB41A47A0A6317B640B3B807] - 10/02/2004 - 07:40:56 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\pfc027.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.70AEEC67E87A2002E6B2CC353D56E222] - 17/10/2005 - 19:50:06 ---A- . (.Ralink Technology Inc. - Sample Driver for Ralink 802.11g Wireless USB Adapters.) -- C:\WINDOWS\system32\drivers\rt2500usb.sys O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 03/08/2004 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\rtl8139.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.9E7DEE11FD5A4355941A45F13C0ED59A] - 26/03/2006 - 13:22:14 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\WINDOWS\system32\drivers\sfdrv01.sys O58 - SDL:[MD5.ECEFB59D2206D281E6D317AF0EA0D8BD] - 13/03/2006 - 10:38:23 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\WINDOWS\system32\drivers\sfhlp02.sys O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.61CA562DEF09A782D26B3E7EDEC5369A] - 18/07/2003 - 08:58:20 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS O58 - SDL:[MD5.32F29CDCAB5B20D62BB84810662FBDBC] - 05/08/2004 - 15:58:14 ---A- . (.Silicon Integrated Systems Corporation - SiS Compatible Super VGA Driver.) -- C:\WINDOWS\system32\drivers\sisgrp.sys O58 - SDL:[MD5.B4485881BD8AED9B157A2E6CF43C2D51] - 25/03/2003 - 16:50:46 ---A- . (.Silicon Integrated Systems Corp. - SiS PCI Mini IDE Driver.) -- C:\WINDOWS\system32\drivers\siside.sys O58 - SDL:[MD5.6225224B8E846AC230F8D9B343635910] - 17/10/2002 - 15:14:46 R--A- . (.Windows ® 2000 DDK provider - SISIDEX Driver.) -- C:\WINDOWS\system32\drivers\sisidex.sys O58 - SDL:[MD5.596D4A7052002D2BD344D8937DA6F66D] - 20/08/2002 - 16:19:08 ---A- . (.Silicon Integrated Systems Corp. - SiS Filter Driver.) -- C:\WINDOWS\system32\drivers\sisperf.sys O58 - SDL:[MD5.15DA420E7314941AAAE4B199D9CF342B] - 05/08/2004 - 15:57:56 ---A- . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) -- C:\WINDOWS\system32\drivers\srvkp.sys O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/05/2009 - 08:12:49 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.F76EA9AE8D32EC50159795D29674465E] - 24/07/2002 - 04:30:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\viaagp1.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.05A56C3156E1B6CC7BBD8E1D54D491F2] - 09/09/2002 - 18:54:06 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\ASNDIS5.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 22:46:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 22:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 22:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 22:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 22:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 22:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 01/08/2010 - 21:00:46 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 01/08/2010 - 21:00:47 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384] O61 - LFC:Last File Created 01/08/2010 - 21:00:47 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 01/08/2010 - 21:00:49 -SHA- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-2025429265-1580436667-854245398-1004\Credentials [1514] O61 - LFC:Last File Created 01/08/2010 - 21:00:49 -SHA- C:\Documents And Settings\joannes\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 01/08/2010 - 21:00:50 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 01/08/2010 - 21:00:53 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384] O61 - LFC:Last File Created 01/08/2010 - 21:00:53 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768] O61 - LFC:Last File Created 01/08/2010 - 21:01:34 ---A- C:\Documents And Settings\joannes\Application Dataprivacy.xml [376] O61 - LFC:Last File Created 01/08/2010 - 21:09:57 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bs.serving-sys[1].txt [130] O61 - LFC:Last File Created 01/08/2010 - 21:09:57 ---A- C:\Documents And Settings\joannes\Cookies\joannes@serving-sys[3].txt [708] O61 - LFC:Last File Created 01/08/2010 - 21:13:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@nibal.spartoo[2].txt [110] O61 - LFC:Last File Created 01/08/2010 - 21:13:31 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\bpid.bigpoint.net\bpidverify.sol [46] O61 - LFC:Last File Created 01/08/2010 - 21:17:28 ---A- C:\Documents And Settings\joannes\Cookies\joannes@adin-www.bigpoint[1].txt [112] O61 - LFC:Last File Created 01/08/2010 - 21:17:30 ---A- C:\Documents And Settings\joannes\Cookies\joannes@fr.damoria[2].txt [462] O61 - LFC:Last File Created 01/08/2010 - 21:18:33 ---A- C:\Documents And Settings\joannes\Cookies\joannes@adviva[1].txt [99] O61 - LFC:Last File Created 01/08/2010 - 21:20:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@quantserve[2].txt [101] O61 - LFC:Last File Created 01/08/2010 - 21:21:15 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1D397300-9DAA-11DF-8243-0015F29952F1}.dat [38912] O61 - LFC:Last File Created 01/08/2010 - 21:22:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@scorecardresearch[2].txt [114] O61 - LFC:Last File Created 01/08/2010 - 21:22:28 ---A- C:\Documents And Settings\joannes\Cookies\joannes@intellitxt[2].txt [124] O61 - LFC:Last File Created 01/08/2010 - 21:22:37 ---A- C:\Documents And Settings\joannes\Cookies\joannes@telechargement.zebulon[1].txt [503] O61 - LFC:Last File Created 01/08/2010 - 21:22:38 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tradedoubler[2].txt [400] O61 - LFC:Last File Created 01/08/2010 - 21:22:55 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7AD64490-9DAA-11DF-8243-0015F29952F1}.dat [41984] O61 - LFC:Last File Created 01/08/2010 - 21:22:56 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3D4280D0-9DA9-11DF-8243-0015F29952F1}.dat [135680] O61 - LFC:Last File Created 01/08/2010 - 21:32:55 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tagoria[2].txt [569] O61 - LFC:Last File Created 01/08/2010 - 21:36:04 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010080120100802\index.dat [49152] O61 - LFC:Last File Created 01/08/2010 - 21:36:04 -SHA- C:\Documents And Settings\joannes\PrivacIE\index.dat [16187392] O61 - LFC:Last File Created 01/08/2010 - 21:36:29 -SHA- C:\Documents And Settings\joannes\IECompatCache\index.dat [868352] O61 - LFC:Last File Created 01/08/2010 - 21:36:29 -SHA- C:\Documents And Settings\joannes\IETldCache\index.dat [245760] O61 - LFC:Last File Created 01/08/2010 - 21:36:29 -SHA- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768] O61 - LFC:Last File Created 01/08/2010 - 21:36:30 -SHA- C:\Documents And Settings\joannes\Cookies\index.dat [49152] O61 - LFC:Last File Created 01/08/2010 - 21:36:30 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\index.dat [278528] O61 - LFC:Last File Created 01/08/2010 - 21:37:08 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.tagoria[2].txt [116] O61 - LFC:Last File Created 01/08/2010 - 21:37:09 ---A- C:\Documents And Settings\joannes\Cookies\joannes@live[1].txt [304] O61 - LFC:Last File Created 01/08/2010 - 21:37:09 ---A- C:\Documents And Settings\joannes\Cookies\joannes@msn[1].txt [301] O61 - LFC:Last File Created 01/08/2010 - 21:37:31 ---A- C:\Documents And Settings\joannes\Cookies\joannes@skynet[2].txt [884] O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{760D0330-9DAC-11DF-8243-0015F29952F1}.dat [3584] O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{9D50B980-9BA6-11DF-823E-0015F29952F1}.dat [3584] O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{9FD0F620-9DAC-11DF-8243-0015F29952F1}.dat [4608] O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\Windows Live Toolbar\wlto000.sqm [120] O61 - LFC:Last File Created 01/08/2010 - 21:39:01 ---A- C:\Documents And Settings\joannes\Cookies\joannes@forum.zebulon[1].txt [385] O61 - LFC:Last File Created 01/08/2010 - 21:39:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@specificclick[2].txt [1351] O61 - LFC:Last File Created 01/08/2010 - 21:39:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.zebulon[1].txt [101] O61 - LFC:Last File Created 01/08/2010 - 21:39:05 ---A- C:\Documents And Settings\joannes\Cookies\joannes@fr.a2dfp[1].txt [97] O61 - LFC:Last File Created 01/08/2010 - 21:39:05 ---A- C:\Documents And Settings\joannes\Cookies\joannes@zebulon[1].txt [827] O61 - LFC:Last File Created 29/07/2010 - 04:10:32 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03342.JPG [1750445] O61 - LFC:Last File Created 29/07/2010 - 04:14:08 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03346.JPG [1371546] O61 - LFC:Last File Created 29/07/2010 - 04:14:16 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03347.JPG [1561627] O61 - LFC:Last File Created 29/07/2010 - 04:14:20 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03348.JPG [1636573] O61 - LFC:Last File Created 29/07/2010 - 04:14:28 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03349.JPG [1456565] O61 - LFC:Last File Created 29/07/2010 - 04:14:50 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03350.JPG [1351412] O61 - LFC:Last File Created 29/07/2010 - 04:14:52 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03351.JPG [1483575] O61 - LFC:Last File Created 29/07/2010 - 04:15:38 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03353.JPG [1713426] O61 - LFC:Last File Created 29/07/2010 - 04:15:54 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03354.JPG [1385108] O61 - LFC:Last File Created 29/07/2010 - 04:16:08 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03355.JPG [1402213] O61 - LFC:Last File Created 29/07/2010 - 04:16:30 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03356.JPG [1513882] O61 - LFC:Last File Created 29/07/2010 - 04:16:46 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03357.JPG [1516401] O61 - LFC:Last File Created 29/07/2010 - 07:20:48 -SH-- C:\Documents And Settings\joannes\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 29/07/2010 - 07:24:11 ---A- C:\Documents And Settings\joannes\Cookies\joannes@metriweb[2].txt [97] O61 - LFC:Last File Created 29/07/2010 - 07:25:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@doubleclick[3].txt [123] O61 - LFC:Last File Created 29/07/2010 - 07:29:03 ---A- C:\Documents And Settings\joannes\Favoris\jeux\Tanoth Online.url [196] O61 - LFC:Last File Created 29/07/2010 - 07:30:26 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s1.tanoth.fr\settings.sol [82] O61 - LFC:Last File Created 29/07/2010 - 07:30:37 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\s1.tanoth.fr\legendonline.sol [143] O61 - LFC:Last File Created 29/07/2010 - 07:35:31 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s2.tanoth.fr\settings.sol [82] O61 - LFC:Last File Created 29/07/2010 - 07:35:41 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\s2.tanoth.fr\legendonline.sol [143] O61 - LFC:Last File Created 29/07/2010 - 07:39:04 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\www.bigpoint.com\bpid\bpid.swf\bpid.sol [68] O61 - LFC:Last File Created 29/07/2010 - 07:39:04 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.bigpoint.com\settings.sol [86] O61 - LFC:Last File Created 29/07/2010 - 07:59:23 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.googleadservices[1].txt [481] O61 - LFC:Last File Created 29/07/2010 - 08:08:04 ---A- C:\Documents And Settings\joannes\Favoris\divers johan\rencontre\Belswing.url [248] O61 - LFC:Last File Created 29/07/2010 - 20:04:41 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\Windows Live\Toolbar\Feeds\rss30.tmp [2392] O61 - LFC:Last File Created 29/07/2010 - 20:18:01 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bpid.bigpoint[1].txt [103] O61 - LFC:Last File Created 29/07/2010 - 20:18:02 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\bpid.bigpoint.net\bpid.sol [68] O61 - LFC:Last File Created 29/07/2010 - 20:18:02 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bpid.bigpoint.net\settings.sol [87] O61 - LFC:Last File Created 29/07/2010 - 20:26:52 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERddd6.dir00\msimn.exe.mdmp [50902] O61 - LFC:Last File Created 29/07/2010 - 20:29:20 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERddd6.dir00\msimn.exe.hdmp [6445855] O61 - LFC:Last File Created 29/07/2010 - 20:30:28 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C0A4D494-9B44-11DF-823C-0015F29952F1}.dat [320000] O61 - LFC:Last File Created 29/07/2010 - 20:32:08 ---A- C:\Documents And Settings\joannes\Cookies\joannes@meetic-partners[1].txt [89] O61 - LFC:Last File Created 29/07/2010 - 20:50:27 ---A- C:\Documents And Settings\joannes\Cookies\joannes@xiti[1].txt [107] O61 - LFC:Last File Created 29/07/2010 - 20:50:32 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn5.specificclick.net\settings.sol [92] O61 - LFC:Last File Created 29/07/2010 - 20:50:32 ---A- C:\Documents And Settings\joannes\Favoris\divers johan\Zebulon.url [2331] O61 - LFC:Last File Created 29/07/2010 - 20:57:33 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\cdn5.specificclick.net\img\gu.sol [69] O61 - LFC:Last File Created 29/07/2010 - 21:01:05 ---A- C:\Documents And Settings\joannes\Cookies\joannes@imageshack[1].txt [108] O61 - LFC:Last File Created 29/07/2010 - 21:04:36 ---A- C:\Documents And Settings\joannes\Cookies\joannes@a2dfp[2].txt [387] O61 - LFC:Last File Created 29/07/2010 - 21:05:07 ---A- C:\Documents And Settings\joannes\Cookies\joannes@cdn5.specificclick[1].txt [177] O61 - LFC:Last File Created 29/07/2010 - 21:05:16 ---A- C:\Documents And Settings\joannes\Cookies\joannes@adtech[1].txt [102] O61 - LFC:Last File Created 29/07/2010 - 21:05:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@boursoramabanque.solution.weborama[2].txt [429] O61 - LFC:Last File Created 29/07/2010 - 21:05:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@fl01.ct2.comclick[2].txt [480] O61 - LFC:Last File Created 29/07/2010 - 21:05:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@weborama[1].txt [91] O61 - LFC:Last File Created 29/07/2010 - 21:05:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@commentcamarche[1].txt [469] O61 - LFC:Last File Created 29/07/2010 - 21:05:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@smartadserver[1].txt [477] O61 - LFC:Last File Created 29/07/2010 - 21:07:50 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Glary Utilities\Désinstaller Glary Utilities.lnk [677] O61 - LFC:Last File Created 29/07/2010 - 21:07:50 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Glary Utilities\Glary Utilities.lnk [687] O61 - LFC:Last File Created 29/07/2010 - 21:07:50 ---A- C:\Documents And Settings\joannes\Bureau\Glary Utilities.lnk [675] O61 - LFC:Last File Created 29/07/2010 - 21:15:32 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9274401968 [184375] O61 - LFC:Last File Created 29/07/2010 - 21:21:07 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9313390856 [16094] O61 - LFC:Last File Created 29/07/2010 - 21:23:12 ---A- C:\Documents And Settings\joannes\Cookies\joannes@libellules[1].txt [264] O61 - LFC:Last File Created 29/07/2010 - 21:26:33 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9351087384 [314] O61 - LFC:Last File Created 29/07/2010 - 21:29:47 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9373553819 [2060] O61 - LFC:Last File Created 29/07/2010 - 21:31:09 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gSECU01.tmp [45056] O61 - LFC:Last File Created 29/07/2010 - 21:32:21 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gsoft02.tmp [27348992] O61 - LFC:Last File Created 29/07/2010 - 21:32:29 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gSAM05.tmp [24576] O61 - LFC:Last File Created 29/07/2010 - 21:32:29 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gdefa04.tmp [360448] O61 - LFC:Last File Created 29/07/2010 - 21:32:29 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gsyst03.tmp [4382720] O61 - LFC:Last File Created 29/07/2010 - 21:32:30 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gNTUS06.tmp [1429504] O61 - LFC:Last File Created 29/07/2010 - 21:32:31 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gUsrC07.tmp [8192] O61 - LFC:Last File Created 29/07/2010 - 21:32:36 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gNTUS08.tmp [4599808] O61 - LFC:Last File Created 29/07/2010 - 21:32:36 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gUsrC09.tmp [159744] O61 - LFC:Last File Created 29/07/2010 - 21:32:37 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gNTUS10.tmp [1429504] O61 - LFC:Last File Created 29/07/2010 - 21:32:37 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gUsrC11.tmp [8192] O61 - LFC:Last File Created 29/07/2010 - 21:34:34 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9406803009 [314] O61 - LFC:Last File Created 29/07/2010 - 21:35:01 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~glaryutilities-version.dat [505] O61 - LFC:Last File Created 29/07/2010 - 21:45:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@uimserv[1].txt [103] O61 - LFC:Last File Created 29/07/2010 - 21:45:29 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.skynet[1].txt [77] O61 - LFC:Last File Created 29/07/2010 - 21:52:39 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5B90F640-9B52-11DF-823D-0015F29952F1}.dat [38912] O61 - LFC:Last File Created 29/07/2010 - 21:57:23 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gu-ver.dat [505] O61 - LFC:Last File Created 29/07/2010 - 22:00:10 ---A- C:\Documents And Settings\All Users\Application Data\Messenger Plus!\Promotions\Listing.dat [1528] O61 - LFC:Last File Created 29/07/2010 - 22:00:12 ---A- C:\Documents And Settings\joannes\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0] O61 - LFC:Last File Created 29/07/2010 - 22:00:33 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\IdentityCRL\Production\MetaConfig.xml [163] O61 - LFC:Last File Created 29/07/2010 - 22:00:35 ---A- C:\Documents And Settings\joannes\Cookies\joannes@c.live[1].txt [67] O61 - LFC:Last File Created 29/07/2010 - 22:00:35 ---A- C:\Documents And Settings\joannes\Cookies\joannes@c.msn[1].txt [66] O61 - LFC:Last File Created 29/07/2010 - 22:00:48 ---A- C:\Documents And Settings\joannes\Cookies\joannes@messenger.msn[1].txt [100] O61 - LFC:Last File Created 29/07/2010 - 22:00:50 ---A- C:\Documents And Settings\joannes\Cookies\joannes@rad.msn[2].txt [680] O61 - LFC:Last File Created 29/07/2010 - 22:02:08 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm [612] O61 - LFC:Last File Created 29/07/2010 - 22:02:09 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\MSN Messenger\sqmnoopt01.sqm [284] O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\LogFiles\edb.log [4194304] O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\contacts.edb [4210688] O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\dbstore.ini [174] O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 29/07/2010 - 22:02:14 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\LogFiles\edb.log [4194304] O61 - LFC:Last File Created 29/07/2010 - 22:02:14 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\contacts.edb [6307840] O61 - LFC:Last File Created 29/07/2010 - 22:02:14 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\edb.chk [8192] O61 - LFC:Last File Created 29/07/2010 - 22:02:15 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\dbstore.ini [174] O61 - LFC:Last File Created 29/07/2010 - 22:02:24 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Messenger\ContactsLog.txt [2929458] O61 - LFC:Last File Created 29/07/2010 - 22:04:09 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\index.ini [288] O61 - LFC:Last File Created 29/07/2010 - 22:04:10 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9612247917 [314] O61 - LFC:Last File Created 29/07/2010 - 22:31:28 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010072920100730\index.dat [81920] O61 - LFC:Last File Created 29/07/2010 - 22:32:37 ---A- C:\Documents And Settings\joannes\Favoris\divers johan\languedoc surf casting.url [274] O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@atdmt[2].txt [432] O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bing[2].txt [237] O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@windowsmarketplace[2].txt [265] O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@zune[2].txt [237] O61 - LFC:Last File Created 29/07/2010 - 22:34:19 ---A- C:\Documents And Settings\joannes\Cookies\joannes@a01.gestionpub[2].txt [241] O61 - LFC:Last File Created 29/07/2010 - 22:34:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@httplanguedocpeche.forumparfait[2].txt [672] O61 - LFC:Last File Created 29/07/2010 - 22:45:18 ---A- C:\Documents And Settings\joannes\Cookies\joannes@forum.tagoria[2].txt [114] O61 - LFC:Last File Created 29/07/2010 - 22:47:59 ---A- C:\Documents And Settings\joannes\Cookies\joannes@belswing[1].txt [263] O61 - LFC:Last File Created 30/07/2010 - 07:49:46 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{9E9C5132-9BA6-11DF-823E-0015F29952F1}.dat [4608] O61 - LFC:Last File Created 30/07/2010 - 07:50:08 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER0b94.dir00\iexplore.exe.mdmp [69582] O61 - LFC:Last File Created 30/07/2010 - 07:50:14 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER0b94.dir00\iexplore.exe.hdmp [5487564] O61 - LFC:Last File Created 30/07/2010 - 07:51:34 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bluestreak[2].txt [183] O61 - LFC:Last File Created 30/07/2010 - 07:53:47 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D228C875-9BA6-11DF-823E-0015F29952F1}.dat [4096] O61 - LFC:Last File Created 30/07/2010 - 07:53:51 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER8659.dir00\iexplore.exe.mdmp [83953] O61 - LFC:Last File Created 30/07/2010 - 07:53:56 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER8659.dir00\iexplore.exe.hdmp [6689615] O61 - LFC:Last File Created 30/07/2010 - 07:54:12 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERd378.dir00\iexplore.exe.mdmp [83953] O61 - LFC:Last File Created 30/07/2010 - 07:54:16 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERd378.dir00\iexplore.exe.hdmp [6689615] O61 - LFC:Last File Created 30/07/2010 - 08:20:21 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F2FF1F64-9BA9-11DF-823E-0015F29952F1}.dat [760320] O61 - LFC:Last File Created 30/07/2010 - 17:17:26 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~DFDF08.tmp [16384] O61 - LFC:Last File Created 30/07/2010 - 17:56:48 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tanoth[1].txt [93] O61 - LFC:Last File Created 30/07/2010 - 18:02:17 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log [80088] O61 - LFC:Last File Created 30/07/2010 - 18:02:17 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp [33036] O61 - LFC:Last File Created 30/07/2010 - 18:05:29 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tagoria[3].txt [569] O61 - LFC:Last File Created 30/07/2010 - 18:07:57 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~DF5D2.tmp [16384] O61 - LFC:Last File Created 30/07/2010 - 18:18:45 ---A- C:\Documents And Settings\joannes\Favoris\jeux\Tagoria Village.url [14400] O61 - LFC:Last File Created 30/07/2010 - 18:38:55 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 30/07/2010 - 20:26:30 ---A- C:\Documents And Settings\joannes\Cookies\joannes@ncm.neteller[1].txt [96] O61 - LFC:Last File Created 30/07/2010 - 20:27:08 ---A- C:\Documents And Settings\joannes\Cookies\joannes@sharethis[1].txt [99] O61 - LFC:Last File Created 30/07/2010 - 20:30:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@h.online-metrix[1].txt [116] O61 - LFC:Last File Created 30/07/2010 - 20:30:23 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\aa.online-metrix.net\fpc.swf\session.sol [76] O61 - LFC:Last File Created 30/07/2010 - 20:30:23 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#aa.online-metrix.net\settings.sol [90] O61 - LFC:Last File Created 30/07/2010 - 20:30:23 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [1530] O61 - LFC:Last File Created 30/07/2010 - 20:31:38 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [5471] O61 - LFC:Last File Created 30/07/2010 - 20:31:38 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [4232] O61 - LFC:Last File Created 30/07/2010 - 20:31:39 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\AdobeARM.log [1059] O61 - LFC:Last File Created 30/07/2010 - 20:33:42 ---A- C:\Documents And Settings\joannes\Cookies\joannes@yahoo[1].txt [88] O61 - LFC:Last File Created 30/07/2010 - 20:33:54 ---A- C:\Documents And Settings\joannes\Cookies\joannes@laposte[1].txt [74] O61 - LFC:Last File Created 30/07/2010 - 20:34:01 ---A- C:\Documents And Settings\joannes\Favoris\Laposte.url [10183] O61 - LFC:Last File Created 30/07/2010 - 20:39:07 ---A- C:\Documents And Settings\joannes\Cookies\joannes@moneytransfer.neteller[2].txt [222] O61 - LFC:Last File Created 30/07/2010 - 20:44:39 ---A- C:\Documents And Settings\joannes\Application Data\Adobe\Acrobat\8.0\TMDocs.sav [36] O61 - LFC:Last File Created 30/07/2010 - 20:44:39 ---A- C:\Documents And Settings\joannes\Application Data\Adobe\Acrobat\8.0\TMGrpPrm.sav [54] O61 - LFC:Last File Created 30/07/2010 - 20:47:09 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www1.neteller[2].txt [83] O61 - LFC:Last File Created 30/07/2010 - 20:50:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.neteller[2].txt [254] O61 - LFC:Last File Created 30/07/2010 - 20:50:01 ---A- C:\Documents And Settings\joannes\Cookies\joannes@neteller[2].txt [100] O61 - LFC:Last File Created 30/07/2010 - 20:50:49 ---A- C:\Documents And Settings\joannes\Cookies\joannes@test.coremetrics[2].txt [106] O61 - LFC:Last File Created 30/07/2010 - 20:58:12 ---A- C:\Documents And Settings\joannes\Cookies\joannes@help-fr.neteller[1].txt [250] O61 - LFC:Last File Created 30/07/2010 - 21:07:29 ---A- C:\Documents And Settings\joannes\Cookies\joannes@stats.wirecard[2].txt [137] O61 - LFC:Last File Created 30/07/2010 - 21:11:57 -S-A- C:\Documents And Settings\joannes\Application Data\Microsoft\CryptnetUrlCache\Content\E0368BD38F9E8E14978A5E6E94D1ECDF [1512] O61 - LFC:Last File Created 30/07/2010 - 21:11:57 -S-A- C:\Documents And Settings\joannes\Application Data\Microsoft\CryptnetUrlCache\MetaData\E0368BD38F9E8E14978A5E6E94D1ECDF [128] O61 - LFC:Last File Created 30/07/2010 - 21:24:50 ---A- C:\Documents And Settings\joannes\Cookies\joannes@overture[1].txt [159] O61 - LFC:Last File Created 30/07/2010 - 21:24:50 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.ask-ibs[1].txt [69] O61 - LFC:Last File Created 30/07/2010 - 21:25:10 ---A- C:\Documents And Settings\joannes\Favoris\Moneybookers.com - kviqztnr1.url [267] O61 - LFC:Last File Created 30/07/2010 - 21:28:17 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010073020100731\index.dat [81920] O61 - LFC:Last File Created 30/07/2010 - 21:45:32 ---A- C:\Documents And Settings\joannes\Cookies\joannes@wc.everestgaming[2].txt [245] O61 - LFC:Last File Created 30/07/2010 - 21:46:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@entropay[1].txt [359] O61 - LFC:Last File Created 30/07/2010 - 21:46:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@escape.insites[1].txt [90] O61 - LFC:Last File Created 30/07/2010 - 21:46:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@secure2.entropay[2].txt [647] O61 - LFC:Last File Created 30/07/2010 - 21:48:57 ---A- C:\Documents And Settings\joannes\Cookies\joannes@moneybookers[1].txt [445] O61 - LFC:Last File Created 31/07/2010 - 11:38:25 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010073120100801\index.dat [32768] O61 - LFC:Last File Created 31/07/2010 - 11:43:36 -SHA- C:\Documents And Settings\joannes\Mes documents\numerique\73. 10-11 juillet\Thumbs.db [68608] O61 - LFC:Last File Created 31/07/2010 - 11:46:18 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [18944] O61 - LFC:Last File Created 31/07/2010 - 11:48:10 -SHA- C:\Documents And Settings\All Users\DRM\Cache\Indiv02.tmp [0] O61 - LFC:Last File Created 31/07/2010 - 11:48:17 ---A- C:\Documents And Settings\joannes\Cookies\joannes@onlinestores.metaservices.microsoft[1].txt [147] O61 - LFC:Last File Created 31/07/2010 - 11:48:18 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\wmplog00.sqm [1424] O61 - LFC:Last File Created 31/07/2010 - 11:54:08 ---A- C:\Documents And Settings\joannes\Recent\MOV03344.lnk [431] O61 - LFC:Last File Created 31/07/2010 - 11:54:09 ---A- C:\Documents And Settings\joannes\Recent\101MSDCF.lnk [308] O61 - LFC:Last File Created 31/07/2010 - 11:55:33 -SHA- C:\Documents And Settings\All Users\DRM\drmstore.hds [200704] O61 - LFC:Last File Created 31/07/2010 - 11:56:50 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Media Player\lastplayed.wpl [453] O61 - LFC:Last File Created 31/07/2010 - 11:56:55 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb [5874] O61 - LFC:Last File Created 31/07/2010 - 11:56:56 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb [5394432] O61 - LFC:Last File Created 31/07/2010 - 11:56:56 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\wmplog01.sqm [1424] O61 - LFC:Last File Created 31/07/2010 - 11:57:30 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\Windows Live\Toolbar\Feeds\index.xml [650] O61 - LFC:Last File Created 31/07/2010 - 11:57:32 ---A- C:\Documents And Settings\joannes\Cookies\joannes@facebook[1].txt [290] O61 - LFC:Last File Created 31/07/2010 - 11:58:33 -SHA- C:\Documents And Settings\joannes\Mes documents\numerique\74. l'abricot\Thumbs.db [24576] O61 - LFC:Last File Created 31/07/2010 - 12:01:57 ---A- C:\Documents And Settings\joannes\Recent\DSC03356.lnk [994] O61 - LFC:Last File Created 31/07/2010 - 12:01:58 ---A- C:\Documents And Settings\joannes\Recent\75. 29 juillet 1ere séance de coiffeur.lnk [685] O61 - LFC:Last File Created 31/07/2010 - 12:02:05 -SHA- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\Thumbs.db [59392] O61 - LFC:Last File Created 31/07/2010 - 12:02:24 ---A- C:\Documents And Settings\joannes\Recent\74. l'abricot.lnk [560] O61 - LFC:Last File Created 31/07/2010 - 12:02:24 ---A- C:\Documents And Settings\joannes\Recent\DSC03339.lnk [819] O61 - LFC:Last File Created 31/07/2010 - 12:03:34 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Boîte de réception.dbx [1161840] O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Boîte d'envoi.dbx [4319956] O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Folders.dbx [74720] O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Offline.dbx [9656] O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Pop3uidl.dbx [9404] O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Éléments envoyés.dbx [4333680] O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Éléments supprimés.dbx [387796] O61 - LFC:Last File Created 31/07/2010 - 12:04:15 --HA- C:\Documents And Settings\joannes\Local Settings\Application Data\IconCache.db [5565778] ---\\ Alternate Data Stream File (ADS) (O62) O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\TVModeLib.dll:Zone.Identifier ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - (.not file.) - 3a4e7e6a (3a4e7e6a) .(.Pas de propriétaire - Pas de description.) - LEGACY_3A4E7E6A O64 - Services: CurCS - (.not file.) - 451d30fa (451d30fa) .(.Pas de propriétaire - Pas de description.) - LEGACY_451D30FA O64 - Services: CurCS - C:\WINDOWS\system32\ASNDIS5.sys - ASNDIS5 Protocol Driver (ASNDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_ASNDIS5 O64 - Services: CurCS - (.not file.) - avgntflt (avgntflt) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\drivers\bdfm.sys - BDFM (bdfm) .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM O64 - Services: CurCS - C:\Windows\system32\drivers\bdfsfltr.sys - bdfsfltr (bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys - bdftdif (bdftdif) .(.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - LEGACY_BDFTDIF O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys - BDSelfPr (BDSelfPr) .(.BitDefender - BitDefender Self Protection Driver.) - LEGACY_BDSELFPR O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys - BDVEDISK (BDVEDISK) .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL O64 - Services: CurCS - (.not file.) - EraserUtilDrv10741 (EraserUtilDrv10741) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10741 O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - C:\Program Files\MSI\Live Update 4\LU4\FLASHsys.sys - FLASHSYS (FLASHSYS) .(.Pas de propriétaire - Pas de description.) - LEGACY_FLASHSYS O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - BitDefender Desktop Update Service (LIVESRV) .(.BitDefender S.R.L. - BitDefender Update Service.) - LEGACY_LIVESRV O64 - Services: CurCS - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mdc8021x.sys - AEGIS Protocol (IEEE 802.1x) v2.3.1.9 (MDC8021X) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_MDC8021X O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) - LEGACY_NVSVC O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys - Profos (Profos) .(.BitDefender S.R.L. - Profos Kernel Module.) - LEGACY_PROFOS O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - (.not file.) - SAVRTPEL (SAVRTPEL) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVRTPEL O64 - Services: CurCS - C:\Windows\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x) (sfdrv01) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01 O64 - Services: CurCS - C:\Windows\system32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x) (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02 O64 - Services: CurCS - C:\Windows\system32\drivers\sisidex.sys - sisidex (sisidex) .(.Windows ® 2000 DDK provider - SISIDEX Driver.) - LEGACY_SISIDEX O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe - SupportSoft RemoteAssist (SupportSoft RemoteAssist) .(.SupportSoft, Inc. - ssrc Module.) - LEGACY_SUPPORTSOFT_REMOTEASSIST O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDSCO O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys - Trufos (Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe - BitDefender Virus Shield (VSSERV) .(.BitDefender S.R.L. - BitDefender Security Service.) - LEGACY_VSSERV ---\\ Liste des fichiers non signés (LUF) (O65) O65 - LUF:17/05/2004 (.Pas de propriétaire - AegisInstall Application.) (2, 3, 1, 9) - c:\windows\system32\AegisI5.exe O65 - LUF:20/08/2002 (.Pas de propriétaire - IDEproperty Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\IDEproperty.dll O65 - LUF:17/03/2005 (.Pas de propriétaire - setuplib Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\setuplib.dll O65 - LUF:17/03/2005 (.Pas de propriétaire - TVModeLib Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\TVModeLib.dll ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb O66 - EventLog: ID=439 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\edb.log O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\edb.chk ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) [HKCU\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel] O69 - SBI: SearchScopes {05EEC121-5BEB-4A00-8B2A-AEC38B987241}- (Wikipedia (en)) - http://en.wikipedia.org O69 - SBI: SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A}- (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes {3D60FDCD-0B78-48BD-88C8-EDEDA746855C}- (Google) - Google O69 - SBI: SearchScopes {570E00E6-B32E-414B-9B4D-188248677B1F}- (Youtube) - http://www.youtube.com O69 - SBI: SearchScopes {8ABC3C14-2C17-4B68-BE60-185185FBD1C0} [DefaultScope] - (Google Skynet) - Skynet.be - LE portail belge – DE Belgische portaalsite! O69 - SBI: SearchScopes {DDFB46EA-5894-4C6D-A44E-980690A900FB}- (Blogs) - Skynet.be - LE portail belge – DE Belgische portaalsite! ---\\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover Run by joannes at 01/08/2010 22:58:16 device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys siside.sys PCIIDEX.SYS kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\appmgmts.dll [0] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\System32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\hidserv.dll [0] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\System32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\System32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [297984] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440] End of the scan (1110 lines in 17mn 41s)(0)
-
bonjour ok je ferrais cela lundi soir car je suis a l exterieur ce week end Merci de votre reponse rapide et je poste le rapport au plus vite johan
-
Bonjour, depuis +/- 15 jours mon pc est devenu tres lent. apres un crasch windows ecran bleu et redemarage je suis sous xp sp3 et avant j avais antivir maintenant bitdefender j aimerais avoir un avis sur mon pc je trouve des processus identique qui me bouffe des resources j ai deja effectue pas mal de nettoyage avec les differents programmes je suis sur le pc du boulot si vs pouviez me dire que faire et avec quel programme je posterai ce soir les rapports je ne penses pas a un malware mais plutot a des truc qui ce charge plusieurs fois " je suis pas expert " Merci
-
ok merci je vais voire cela ce soir