Everything posted by pldta

  1. Avenger ran. I got a blue screen on reboot, but one flick of the power switch and everything restarted. Here is the Avenger log:

     Logfile of The Avenger Version 2.0, © by Swandog46
     http://swandog46.geekstogo.com
     Platform: Windows XP
     *******************
     Script file opened successfully.
     Script file read successfully.
     Backups directory opened successfully at C:\Avenger
     *******************
     Beginning to process script file:
     Rootkit scan active.
     No rootkits found!
     Driver "d347bus" disabled successfully.
     Driver "d347prt" disabled successfully.
     Driver "sptd" disabled successfully.
     Driver "d347bus" deleted successfully.
     Driver "d347prt" deleted successfully.
     Driver "sptd" deleted successfully.
     File "C:\WINDOWS\system32\drivers\d347bus.sys" deleted successfully.
     File "C:\WINDOWS\system32\drivers\d347prt.sys" deleted successfully.
     File "C:\WINDOWS\system32\Drivers\sptd.sys" deleted successfully.
     Completed script processing.
     *******************
     Finished! Terminate.

     I still have the daemon.exe process running, but it turns out to be the program launched by the PixVue software, which also contains a daemon.exe file in its bin subdirectory (verified with the tasklist command), and here is the ZHPDiag log, still with the same ending:

     Rapport de ZHPDiag v1.25.1413 par Nicolas Coolman
     Run by Pascal Admin at 30/04/2010 21:46:05
     Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

     ---\\ Web Browser
     MSIE: Internet Explorer v8.0.6001.18702
     MFIE: Mozilla Firefox (3.6.3)

     ---\\ System Information
     Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
     Processor: x86 Family 6 Model 6 Stepping 2, AuthenticAMD
     Operating System: 32 Bits
     Boot mode: Normal (Normal boot)
     Total RAM: 511 MB (19% free)
     System drive C: has 14 GB (35%) free of 39 GB

     ---\\ Logged in mode
     Computer Name: PCPASCAL
     User Name: Pascal Admin
     Unselected Option: O1,O45,O61,O65
     Logged in as Administrator

     ---\\ DOS/Devices
     A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
     C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 39 Go)
     D:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 75 Go)
     E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 190 Go)
     F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 37 Go)
     G:\ CD-ROM drive (Not Inserted)
     H:\ CD-ROM drive (Not Inserted)
     J:\ CD-ROM drive (Not Inserted)
     M:\ CD-ROM drive (Not Inserted)

     ---\\ Security Center & Tools Informations
     [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
     [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
     [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
     [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
     [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
     [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

     ---\\ Processus lancés
     [MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe [155648]
     [MD5.D552D5BC4E24373E0FFD9464E72493C6] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe [396800]
     [MD5.56193BCE4DFD8879AEDEB26B71A0A583] - (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe [45056]
     [MD5.022DB38BECB5A44DA6F7E27923457624] - (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [488984]
     [MD5.AD7503D6857DBFFC7E5F2E96BC9CC283] - (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [252704]
     [MD5.64C4C17BF6A40FF1CD21205E6FD415B8] - (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056]
     [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]
     [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040]
     [MD5.F91F52F4EA5D88DAB6245682A16F3A72] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272]
     [MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [952768]
     [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]
     [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]
     [MD5.177FF6608B48638D4066726F3A3F8444] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400]
     [MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]
     [MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]
     [MD5.A2EAEB497CA29ECAEAF0DF66AD85C57D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696]
     [MD5.312A17DFF710A0F4E6D4DD1D52EAD1A8] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [520192]
     [MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336]
     [MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104]
     [MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
     [MD5.9EF600C64435CCFDEA01C991289E76EC] - (.Sunbelt Software - Sunbelt Kerio Firewall Service.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [1205784]
     [MD5.995D0B52870C7A5CAF3EA165FD674A35] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [109344]
     [MD5.A005CEE9BE199C5E375FAA559CA9A7A9] - (.Logitech Inc. - LogitechService Launcher.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [105248]
     [MD5.CDF8AFB439D8CE182DB19E4D6B67FF63] - (.PixVue.Com - PixVue Daemon.) -- C:\Program Files\PixVue\bin\Daemon.exe [151552]
     [MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]
     [MD5.2B2B6189DC47F44D7549519AA7519777] - (.tzuk - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [52224]
     [MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]
     [MD5.581061776E1B7C4C7771E97AE5EAF377] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592]
     [MD5.581176F60885AEF8F78C6E38DCC3CDF9] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\System32\MsPMSPSv.exe [53520]

     ---\\ Pages de recherche d'Internet Explorer (R1)
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

     ---\\ Internet Explorer URLSearchHook (R3)
     R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.)
     R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll

     ---\\ Browser Helper Objects de navigateur (O2)
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
     O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} . (.Xi - Net Transport IE Helper Module.) -- C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

     ---\\ Internet Explorer Toolbars (O3)
     O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} . (.Pas de propriétaire - PixVue.) -- C:\Program Files\PixVue\bin\PixVue.dll

     ---\\ Applications démarrées automatiquement par le registre (O4)
     O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [PSDrvCheck] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe
     O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe
     O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
     O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
     O4 - HKLM\..\Run: [ATICCC] . (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
     O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
     O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
     O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
     O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
     O4 - Global Startup: WinZip Quick Pick.lnk . (.WinZip Computing LP - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE
     O4 - Global Startup: HotSync Manager.lnk . (.Palm, Inc. - HotSync® Manager Application.) -- C:\Palm\HOTSYNC.EXE

     ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
     O8 - Extra context menu item: &Télécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddLink.html
     O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr
     O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
     O8 - Extra context menu item: Tout t&élécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddList.html

     ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

     ---\\ Winsock hijacker (Layered Service Provider) (O10)
     O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
     O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
     O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

     ---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
     O15 - Trusted Zone: [HKCU\...\Domains\www] http.cltnet.de

     ---\\ Objets ActiveX (Downloaded Program Files)(O16)
     O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) -
     O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) -
     O16 - DPF: teleir_cert (teleir_cert) - (.not file.) - https:\\static.ir.dgi.minefi.gouv.fr\secure\connexion\archives\ie4n4\teleir_cert.cab
     O16 - DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} (Corporate Language Training Interface) - http://www.cltnet.de/login/dplaunch.cab
     O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
     O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab
     O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab
     O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll
     O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
     O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155398021206
     O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
     O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP-2.0.cab
     O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

     ---\\ Modification Domaine/Adresses DNS (O17)
     O17 - HKLM\System\CCS\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
     O17 - HKLM\System\CS2\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
     O17 - HKLM\System\CS3\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
     O17 - HKLM\System\CS4\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1

     ---\\ Protocole additionnel et piratage de protocole (O18)
     O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

     ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
     O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
     O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll
     O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
     O20 - Winlogon Notify: PixVue . (.PixVue.Com - WinLogon Dynamic Link Library.) -- C:\Program Files\PixVue\bin\WinLogon.dll
     O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage - Meddelande.) -- C:\WINDOWS\System32\WgaLogon.dll
     O20 - Winlogon Notify: WRNotifier . (.Pas de propriétaire - Pas de description.) -- WRLogonNTF.dll

     ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
     O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
     O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
     O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
     O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
     O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

     ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
     O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll

     ---\\ Liste des services NT non Microsoft et non désactivés (O23)
     O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
     O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
     O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
     O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
     O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
     O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) . (.Sunbelt Software - Sunbelt Kerio Firewall Service.) - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
     O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
     O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
     O23 - Service: PixVue (PixVue) . (.PixVue.Com - PixVue Daemon.) - C:\Program Files\PixVue\bin\Daemon.exe
     O23 - Service: Sandboxie Service (SbieSvc) . (.tzuk - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe

     ---\\ Tâches planifiées en automatique (O39)
     O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job

     ---\\ Composants installés (ActiveSetup Installed Components) (O40)
     O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
     O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
     O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
     O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
     O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
     O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
     O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
     O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
     O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx

     ---\\ Pilotes lancés au démarrage (O41)
     O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
     O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
     O41 - Driver: Firewall Driver (fwdrv) . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - C:\WINDOWS\system32\drivers\fwdrv.sys
     O41 - Driver: Kerio HIPS Driver (khips) . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - C:\WINDOWS\system32\drivers\khips.sys
     O41 - Driver: SASDIFSV (SASDIFSV) . (.Pas de propriétaire - SASDIFSV.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
     O41 - Driver: SASKUTIL (SASKUTIL) . (.Pas de propriétaire - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
     O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
     O41 - Driver: (VIAPFD) . (.VIA Technologies. Inc. - VIA PFD driver.) - C:\WINDOWS\system32\Drivers\VIAPFD.sys
     O41 - Driver: AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AVG Anti-Spyware 7.5\guard.sys
     O41 - Driver: AVG Anti-Spyware Clean Driver (AvgAsCln) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
     O41 - Driver: (NaiAvTdi1) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\mvstdi5x.sys

     ---\\ Logiciels installés (O42)
     O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
     O42 - Logiciel: ASAPI Update - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: AVI/MPEG/RM/WMV Joiner 4.81 - (.Boilsoft, Inc..) [HKLM]
     O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM]
     O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
     O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM]
     O42 - Logiciel: Adobe Help Center 2.1 - (.Adobe Systems.) [HKLM]
     O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM]
     O42 - Logiciel: Adobe Photoshop Elements 5.0 - (.Adobe Systems, Inc..) [HKLM]
     O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM]
     O42 - Logiciel: Advanced IRC - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Audacity 1.2.4 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Avi2Dvd 0.4.5 beta - (.TrustFm.) [HKLM]
     O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM]
     O42 - Logiciel: BackupBuddy for Windows - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]
     O42 - Logiciel: CH Control Manager - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Clean 5 - (.Pinnacle Systems GmbH / Steinberg Media Technologies GmbH.) [HKLM]
     O42 - Logiciel: CloneCD - (.Elaborate Bytes.) [HKLM]
     O42 - Logiciel: Cobian Backup 9 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: ConvertHelper 2.1 - (.DownloadHelper.) [HKLM]
     O42 - Logiciel: ConvertXtoDVD 3.2.9.94c - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM]
     O42 - Logiciel: DoublePics v2.3.2(.4) - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: EVEREST Ultimate Edition v5.00 - (.Lavalys, Inc..) [HKLM]
     O42 - Logiciel: EarMaster Pro 5 - (.EarMaster ApS.) [HKLM]
     O42 - Logiciel: Exifer - (.Friedemann Schmidt.) [HKLM]
     O42 - Logiciel: File Uploader - (.Nikon.) [HKLM]
     O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: GHCS Software GedStar for PalmOS - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: GNU Solfege 3.14.7 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: GedCom-Vision version 2.0e - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Greeting Card Creator - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Handy Recovery 1.0 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Harmony Assistant - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Helicon Filter 2.02 - (.Helicon Co..) [HKLM]
     O42 - Logiciel: Heredis 9 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: IFOEdit 0.971 Fr - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: IsoBuster 1.9.1 - (.Smart Projects.) [HKLM]
     O42 - Logiciel: J'apprends le piano - (.Musicalis.) [HKLM]
     O42 - Logiciel: Java 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM]
     O42 - Logiciel: K-Lite Mega Codec Pack 3.5.0 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Kaspersky Online Scanner - (.Kaspersky Lab.) [HKLM]
     O42 - Logiciel: Kommute - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Label Editor - (.Steinberg.) [HKLM]
     O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM]
     O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
     O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: MVision - (.Logitech Inc..) [HKLM]
     O42 - Logiciel: Macromedia Flash Player - (.Macromedia, Inc..) [HKLM]
     O42 - Logiciel: Macromedia Shockwave Player - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
     O42 - Logiciel: MaxSplitter v1.53 Free Edition - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Media Player Classic fr - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297) - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Baseline Security Analyzer 2.1 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Flight Simulator 2004 Un siècle d'aviation - (.Microsoft.) [HKLM]
     O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM]
     O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM]
     O42 - Logiciel: Mp3DirectCut - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Neat Image v5 Demo (with plug-in) - (.Neat Image team, ABSoft.) [HKLM]
     O42 - Logiciel: Nero 6 Enterprise Edition - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Nero BurnRights (Ahead Software) - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Net Transport 1.94.282 - (.Xi.) [HKLM]
     O42 - Logiciel: NikonCapture - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU]
     O42 - Logiciel: OMeR - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: P2400P Guide de référence - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: PDFtoMusic - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: PTLens - (.ePaperPress.) [HKLM]
     O42 - Logiciel: PeerGuardian 2.0 - (.Methlabs Productions.) [HKLM]
     O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM]
     O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM]
     O42 - Logiciel: Planète Généalogie - (.BSD Concept.) [HKLM]
     O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM]
     O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: RadCor 2.04 - (.TUVSW.) [HKLM]
     O42 - Logiciel: Radio Fr Solo 2.1 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: SanDisk SD Wi-Fi Card - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Sandboxie 3.34 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: SaverWiz - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: ScummVM 1.0.0rc1 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Sibelius 5 Demo - (.Sibelius Software.) [HKLM]
     O42 - Logiciel: Sibelius Scorch (Firefox, Opera, Netscape only) - (.Sibelius Software.) [HKLM]
     O42 - Logiciel: Simple Sudoku 4.2 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Skype™ 4.0 - (.Skype Technologies S.A..) [HKLM]
     O42 - Logiciel: SmartList To Go - (.DataViz, Inc..) [HKLM]
     O42 - Logiciel: Sophos Anti-Rootkit 1.3 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Spybot - Search & Destroy 1.4 - (.Safer Networking Limited.) [HKLM]
     O42 - Logiciel: StationRipper 2.71 - (.Ratajik Software.) [HKLM]
     O42 - Logiciel: StealthNet 0.8.7.2 - (.The StealthNet Team.) [HKLM]
     O42 - Logiciel: Sudoku 3D Pro - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Sudoku V 3.0 - (.Olivier RAVET.) [HKLM]
     O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM]
     O42 - Logiciel: Tous les Noms de Famille de France V.6.5.1 - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: UMVPLStandalone - (.Logitech Inc..) [HKLM]
     O42 - Logiciel: URL Snooper v2.26.01 - (.DonationCoder.com.) [HKLM]
     O42 - Logiciel: Universal Extractor 1.6 - (.Jared Breland.) [HKLM]
     O42 - Logiciel: Unlocker 1.8.6 - (.Cedrick Collomb.) [HKLM]
     O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM]
     O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981433) - (.Microsoft.) [HKLM]
     O42 - Logiciel: VDMSound - (.Vlad Romascanu.) [HKLM]
     O42 - Logiciel: VobEdit 0.6 Fr - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: WaveLab Lite - (.Steinberg.) [HKLM]
     O42 - Logiciel: WinHTTrack Website Copier 3.30 - (.HTTrack.) [HKLM]
     O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM]
     O42 - Logiciel: WinWAP for Windows 3.2 - (.Winwap Technologies Oy.) [HKLM]
     O42 - Logiciel: WinZip - (.WinZip Computing LP.) [HKLM]
     O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]
     O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM]
     O42 - Logiciel: Wintree Version 3.0 d - (.Decrock.) [HKLM]
     O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.) [HKLM]
     O42 - Logiciel: dBpowerAMP Wavpack Codec - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: dBpoweramp FLAC Codec - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: dBpoweramp Monkeys Audio Codec - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: dBpoweramp Musepack Codec - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: dBpoweramp Windows Media Audio 10 Codec - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: dMC Power Pack - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM]
     O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.)
[HKLM] ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABSoft] [HKCU\Software\AC3filter] [HKCU\Software\ASProtect] [HKCU\Software\ATI] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\Advanced IRC] [HKCU\Software\Ahead] [HKCU\Software\Alcohol Soft] [HKCU\Software\Angus Johnson] [HKCU\Software\Anuman Interactive] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\ApplianTechnologies] [HKCU\Software\ArcSoft] [HKCU\Software\Audacity] [HKCU\Software\Auralis] [HKCU\Software\Avira] [HKCU\Software\BITSoft] [HKCU\Software\BitTorrent] [HKCU\Software\Borland] [HKCU\Software\Bsd Concept] [HKCU\Software\CDIP] [HKCU\Software\CDRWIN 5] [HKCU\Software\Clients] [HKCU\Software\Cobian] [HKCU\Software\CoreVorbis] [HKCU\Software\Creative Tech] [HKCU\Software\Cyberlink] [HKCU\Software\DATA BECKER] [HKCU\Software\DDH Software] [HKCU\Software\DPSoftware] [HKCU\Software\DSP-worx] [HKCU\Software\DVD Shrink] [HKCU\Software\DataViz] [HKCU\Software\DefaultID] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DxO Optics Pro] [HKCU\Software\DxO] [HKCU\Software\EMCO MSI Package Builder] [HKCU\Software\EMME] [HKCU\Software\EPSON] [HKCU\Software\EditHexa] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Elcom] [HKCU\Software\Exifer] [HKCU\Software\Foxit Software Company] [HKCU\Software\Foxit Software] [HKCU\Software\FreeDownloadManager.ORG] [HKCU\Software\Freeware] [HKCU\Software\FreshDevices] [HKCU\Software\Fridgesoft] [HKCU\Software\GHCS] [HKCU\Software\GIANTCompany] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Genie-Soft] [HKCU\Software\GlarySoft] [HKCU\Software\decrock] [HKCU\Software\digital publishing] [HKCU\Software\e-merge] [HKCU\Software\eMule] [HKCU\Software\ePaperPress] [HKCU\Software\ej-technologies] [HKLM\Software\ABSoft] [HKLM\Software\ACE Compression Software] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\America Online] 
[HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Avira] [HKLM\Software\BigScott27] [HKLM\Software\Boonty] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\CDRWIN5] [HKLM\Software\Canon] [HKLM\Software\Carpet] [HKLM\Software\Chilkat Software, Inc.] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cobian] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Creative Tech] [HKLM\Software\Cyberlink] [HKLM\Software\D-Tools] [HKLM\Software\DDH Software] [HKLM\Software\DECROCK] [HKLM\Software\DIOC] [HKLM\Software\Debug] [HKLM\Software\DivXNetworks] [HKLM\Software\DownloadHelper] [HKLM\Software\EMCO MSI Package Builder] [HKLM\Software\EPSON Photo Print] [HKLM\Software\EPSON] [HKLM\Software\Elaborate Bytes] [HKLM\Software\Elcom] [HKLM\Software\Foxit Software] [HKLM\Software\FreshDevices] [HKLM\Software\GIANTCompany] [HKLM\Software\GNU] [HKLM\Software\Gabest] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Gravity Soft] [HKLM\Software\HaaliMkx] [HKLM\Software\Hemera Products] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\Internet Download Manager] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Licenses] [HKLM\Software\LizardTech] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Micro Application] [HKLM\Software\MicroQuill] [HKLM\Software\MidiTec] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MyHeritage.com] [HKLM\Software\Myriad Software] [HKLM\Software\NCSoft] [HKLM\Software\Network Associates] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nikon] [HKLM\Software\ODBC] [HKLM\Software\Orium Software] [HKLM\Software\PACE Anti-Piracy] [HKLM\Software\PepiMK Software] [HKLM\Software\Pinnacle Systems] [HKLM\Software\PixVue.Com] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Protexis] [HKLM\Software\Python] 
[HKLM\Software\QuEnc]
[HKLM\Software\Ratajik Software]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RjH Software]
[HKLM\Software\S3R521]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Sibelius Software]
[HKLM\Software\Skype]
[HKLM\Software\Smart Panel]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\SoftLogica]
[HKLM\Software\Sonic]
[HKLM\Software\Sophos]
[HKLM\Software\SplashData]
[HKLM\Software\Sports]
[HKLM\Software\Std]
[HKLM\Software\Steinberg]
[HKLM\Software\String Comparison]
[HKLM\Software\Sunbelt Software]
[HKLM\Software\Swearware]
[HKLM\Software\TG Byte Software]
[HKLM\Software\TeamViewer]
[HKLM\Software\TorrentSearcher]
[HKLM\Software\Totalidea Software]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Uniblue]
[HKLM\Software\VEGA]
[HKLM\Software\VOB]
[HKLM\Software\VSO]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\Voice]
[HKLM\Software\Wheel]
[HKLM\Software\WinPcap]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Winzip FR]
[HKLM\Software\Wise Solutions]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xi]
[HKLM\Software\Yahoo]
[HKLM\Software\Zone Labs]
[HKLM\Software\ePaperPress]
[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\3D Photo Browser
O43 - CFD:Common File Directory ----D- C:\Program Files\3M
O43 - CFD:Common File Directory ----D- C:\Program Files\3M Littmann
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Advanced IRC
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft
O43 - CFD:Common File Directory ----D- C:\Program Files\ANtsP2P
O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity
O43 - CFD:Common File Directory ----D- C:\Program Files\AVG Anti-Spyware 7.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AVI MPEG RM WMV Joiner
O43 - CFD:Common File Directory ----D- C:\Program Files\Avi2Dvd
O43 - CFD:Common File Directory ----D- C:\Program Files\Avira
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\BackupBuddy
O43 - CFD:Common File Directory ----D- C:\Program Files\Blues for Piano and Keyboard 10.0
O43 - CFD:Common File Directory ----D- C:\Program Files\BSD Concept
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\CDRWIN5
O43 - CFD:Common File Directory ----D- C:\Program Files\CH Products
O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 8
O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 9
O43 - CFD:Common File Directory ----D- C:\Program Files\Common~1
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\ConvertHelper
O43 - CFD:Common File Directory ----D- C:\Program Files\Creative
O43 - CFD:Common File Directory ----D- C:\Program Files\dBpowerAMP
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\Documents To Go
O43 - CFD:Common File Directory ----D- C:\Program Files\DoublePics
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink
O43 - CFD:Common File Directory ----D- C:\Program Files\DxO Labs
O43 - CFD:Common File Directory ----D- C:\Program Files\EarMaster Pro 5
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\ePaperPress
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory ----D- C:\Program Files\Exifer
O43 - CFD:Common File Directory ----D- C:\Program Files\FamilySearch
O43 - CFD:Common File Directory R---D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software
O43 - CFD:Common File Directory ----D- C:\Program Files\GedCom-Vision
O43 - CFD:Common File Directory ----D- C:\Program Files\GedStar
O43 - CFD:Common File Directory ----D- C:\Program Files\GNU
O43 - CFD:Common File Directory ----D- C:\Program Files\GNU Solfege
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GrabIt
O43 - CFD:Common File Directory ----D- C:\Program Files\Greeting Card Creator
O43 - CFD:Common File Directory ----D- C:\Program Files\GRISOFT
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\HanDBase3
O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection
O43 - CFD:Common File Directory ----D- C:\Program Files\Harmony Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\Helicon Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Hijackthis
O43 - CFD:Common File Directory ----D- C:\Program Files\i2p
O43 - CFD:Common File Directory ----D- C:\Program Files\icesword
O43 - CFD:Common File Directory ----D- C:\Program Files\IfoEdit
O43 - CFD:Common File Directory ----D- C:\Program Files\IKEA HomePlanner
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory ----D- C:\Program Files\iMule-1.4.5
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Java(2)
O43 - CFD:Common File Directory ----D- C:\Program Files\jv16 PowerTools
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Kommute
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys
O43 - CFD:Common File Directory ----D- C:\Program Files\LizardTech
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\MagicISO
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Managed DirectX (0901)
O43 - CFD:Common File Directory ----D- C:\Program Files\MaxSplitter
O43 - CFD:Common File Directory ----D- C:\Program Files\Media Player Classic
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Backup
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft AntiSpyware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Baseline Security Analyzer 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money 2005
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\Mp3DirectCut
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Musicalis
O43 - CFD:Common File Directory ----D- C:\Program Files\MUTE
O43 - CFD:Common File Directory ----D- C:\Program Files\myFairTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\MyVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\NapShare
O43 - CFD:Common File Directory ----D- C:\Program Files\Neat Image
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Newave
O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon
O43 - CFD:Common File Directory ----D- C:\Program Files\Omer
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Pando Networks
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFtoMusic
O43 - CFD:Common File Directory ----D- C:\Program Files\PeerGuardian2
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\Pinnacle
O43 - CFD:Common File Directory ----D- C:\Program Files\PixVue
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayPianoTODAY
O43 - CFD:Common File Directory ----D- C:\Program Files\PrivacyEraser Computing
O43 - CFD:Common File Directory ----D- C:\Program Files\process monitor main
O43 - CFD:Common File Directory ----D- C:\Program Files\PW
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickPar
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\RadCor
O43 - CFD:Common File Directory ----D- C:\Program Files\Radio Fr Solo
O43 - CFD:Common File Directory ----D- C:\Program Files\Reagclean
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\RegClean
O43 - CFD:Common File Directory ----D- C:\Program Files\RipTiger
O43 - CFD:Common File Directory ----D- C:\Program Files\Sandboxie
O43 - CFD:Common File Directory ----D- C:\Program Files\SanDisk
O43 - CFD:Common File Directory ----D- C:\Program Files\SaverWiz
O43 - CFD:Common File Directory ----D- C:\Program Files\ScummVM
O43 - CFD:Common File Directory ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\SEAF
O43 - CFD:Common File Directory ----D- C:\Program Files\Sensory
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Sibelius Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Simple Sudoku
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Panel
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects
O43 - CFD:Common File Directory ----D- C:\Program Files\SmartGenealogy_2.8c
O43 - CFD:Common File Directory ----D- C:\Program Files\SmartList To Go
O43 - CFD:Common File Directory ----D- C:\Program Files\SoftLogica
O43 - CFD:Common File Directory ----D- C:\Program Files\Sophos
O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedFan
O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedItUpFree
O43 - CFD:Common File Directory ----D- C:\Program Files\SplashData
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\StationRipper
O43 - CFD:Common File Directory ----D- C:\Program Files\StealthNet
O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg
O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku
O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku 3D Pro
O43 - CFD:Common File Directory ----D- C:\Program Files\Sunbelt Software
O43 - CFD:Common File Directory ----D- C:\Program Files\SUPERAntiSpyware
O43 - CFD:Common File Directory ----D- C:\Program Files\SWI
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaesthete
O43 - CFD:Common File Directory ----D- C:\Program Files\TeamViewer
O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\thinkingBytes
O43 - CFD:Common File Directory ----D- C:\Program Files\TimeAdjuster
O43 - CFD:Common File Directory ----D- C:\Program Files\Tweak-XP Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Ujihara
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Universal Extractor
O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker
O43 - CFD:Common File Directory ----D- C:\Program Files\URLSnooper2
O43 - CFD:Common File Directory ----D- C:\Program Files\USB-set
O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent
O43 - CFD:Common File Directory ----D- C:\Program Files\VDMSound
O43 - CFD:Common File Directory ----D- C:\Program Files\Vg
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\VirtualDubMOD
O43 - CFD:Common File Directory ----D- C:\Program Files\VOB
O43 - CFD:Common File Directory ----D- C:\Program Files\VSO
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Installer Clean Up
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --HAD- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinHTTrack
O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WINTREE
O43 - CFD:Common File Directory ----D- C:\Program Files\Winwap Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Xi
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess 2
O43 - CFD:Common File Directory --H-D- C:\Program Files\Zero G Registry
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 20:42:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1608728]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/04/2010 - 20:41:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 20:41:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 20:40:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 30/04/2010 - 20:40:27 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.3216055D989BB876D507BDA624D57AB6] - 30/04/2010 - 20:40:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MEMORY.DMP [536428544]
O44 - LFC:[MD5.043DA7677BFBAE621EDFD4E4D138B0F0] - 30/04/2010 - 20:40:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\avenger.txt [1774]
O44 - LFC:[MD5.9395FC5D17F34FA1AC013CB896552717] - 30/04/2010 - 20:39:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888]
O44 - LFC:[MD5.A6B198B7F3337705B124A2D56B29D69D] - 30/04/2010 - 20:39:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888]
O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 20:37:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32484]
O44 - LFC:[MD5.6490C3F6B8336D05DE8FCAD8C94F50C8] - 30/04/2010 - 13:22:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030]
O44 - LFC:[MD5.23A8C23D9C43F96CAABA5102B2E9D85C] - 28/04/2010 - 20:19:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ComboFix.txt [27327]
O44 - LFC:[MD5.87AFDE2B95CB0FDB8477AB22D02BFC94] - 28/04/2010 - 20:06:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [274]
O44 - LFC:[MD5.7F4247C03A71E65171CEBC339B37AB20] - 27/04/2010 - 19:14:37 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [282]
O44 - LFC:[MD5.3CECCD255392A3A640830F3CF97CE162] - 27/04/2010 - 19:14:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Boot.bak [212]
O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 27/04/2010 - 19:14:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cmldr [263488]
O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 27/04/2010 - 19:12:56 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232]
O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096]
O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792]
O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704]
O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480]
O44 - LFC:[MD5.1A6D80AA9E021EC3B094887D47202188] - 27/04/2010 - 12:26:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [4714]
O44 - LFC:[MD5.265672A002D063A3ED2D26F939E04FC3] - 27/04/2010 - 12:13:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [4046]
O44 - LFC:[MD5.EC1C7B6CCFB28B096C9D514ACCF05C74] - 27/04/2010 - 09:12:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TB.txt [3152]
O44 - LFC:[MD5.4BB0628A9105D8C11B602E6F53470015] - 27/04/2010 - 07:59:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\fwdrv.err [1735460]
O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 14:58:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [256512]
O44 - LFC:[MD5.FBFAF1C2C34F301BBE4C9407D2AC60E1] - 26/04/2010 - 11:21:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2206]
O44 - LFC:[MD5.7112190518B5AEAA05B259BBE393C9ED] - 25/04/2010 - 17:18:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.43B537FA5AAC2FDE07A7E320E4362363] - 21/04/2010 - 06:53:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\3) [2133]
O44 - LFC:[MD5.A9C93CE2627B78646BE5BBCB95DEC8EA] - 11/04/2010 - 12:59:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [940]
O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 07/04/2010 - 06:10:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Radio_Fr.ini [1208]
O44 - LFC:[MD5.91BA33C14DF133FA79AFB6A92F582CDD] - 04/04/2010 - 15:41:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat [664]
O44 - LFC:[MD5.3C94558CD1705DA468C9562110F34069] - 04/04/2010 - 10:37:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat [46]
O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 04/04/2010 - 10:36:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\-1 [57]
O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376]
O44 - LFC:[MD5.FC1F0157B07D3FA402FC629AE9B977AE] - 03/04/2010 - 11:06:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\jupdate-1.6.0_19-b04.log [4229]
O44 - LFC:[MD5.C71E8FF0D92FF876EB1C591A34AFDD03] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1395924]
O44 - LFC:[MD5.842A215C78E052C380DCB2515035588F] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [102990]
O44 - LFC:[MD5.E2E8D636EFC592EB4E0383DEEC8E42F3] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [123638]
O44 - LFC:[MD5.87D027A624CA713E45C12986BE94972C] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [535828]
O44 - LFC:[MD5.36A359FF2187AD2C10957403688B50CA] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [615420]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WINDOW~4\MpShHook.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpnsvr.exe" [Disabled] .(.Microsoft Corporation - Microsoft DirectPlay8 Server.) -- C:\WINDOWS\system32\dpnsvr.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Disabled] .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" [Enabled] .(.Sunbelt Software - Sunbelt Kerio Firewall GUI.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="Ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\Ir41_32.ax
O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\System32\lameACM.acm
O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" .
(.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \drivers.desc\"Ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\Iac25_32.ax O52 - TDSD: \drivers.desc\"divx.dll"="DivX Pro 6.7.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \drivers.desc\"Ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . 
(.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 19:36:39 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys O58 - SDL:[MD5.116BFF96077A4A724E0AAB800525CEB5] - 28/08/2002 - 22:59:12 ---A- . (.ADMtek Incorporated. - ADMtek AN983/AN985/ADM951X NDIS5 Driver.) 
-- C:\WINDOWS\system32\drivers\an983.sys O58 - SDL:[MD5.875F9079CABEE679D34B49E466B61701] - 17/04/2002 - 19:27:02 ---A- . (.VOB Computersysteme GmbH - ASAPI.) -- C:\WINDOWS\system32\drivers\asapiW2k.sys O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) 
-- C:\WINDOWS\system32\drivers\ati1xsxx.sys O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 19/08/2004 - 14:53:40 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys O58 - SDL:[MD5.492BD2A5F65F218D4EDE5764A3BB67E9] - 03/05/2006 - 17:50:42 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 03/08/2004 - 21:29:28 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. 
- ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:28:27 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.35A301482478E97BE6E1C2748CE930E1] - 02/07/2003 - 17:41:42 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\axwhisky.sys O58 - SDL:[MD5.F3B1CE696CCF6448C85E7CDC702098D8] - 02/07/2003 - 16:49:52 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\axwskbus.sys O58 - SDL:[MD5.AABFFD787AB272FC903AFEEB336C6899] - 21/11/2006 - 00:36:58 ---A- . (.CH Products - CH Control Manager Driver 1.) -- C:\WINDOWS\system32\drivers\chdrvr01.sys O58 - SDL:[MD5.7536FB70BCBF5D10B810E67E72F68137] - 22/12/2005 - 22:41:52 ---A- . (.CH Products - CH Control Manager Driver 2.) -- C:\WINDOWS\system32\drivers\chdrvr02.sys O58 - SDL:[MD5.07E3319E5BAE758CEB83C80419681B6A] - 22/12/2005 - 22:41:44 ---A- . (.CH Products - CH Control Manager Driver 3.) -- C:\WINDOWS\system32\drivers\chdrvr03.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) 
-- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.D653F455B176529F0427B24361139619] - 11/09/2001 - 13:10:14 R--A- . (.Creative Technology Ltd. - Creative OS Services Driver (WDM).) -- C:\WINDOWS\system32\drivers\ctoss2k.sys O58 - SDL:[MD5.EF99D8DAB9FCE9B734B40D5E0DD6ABB4] - 02/10/2001 - 16:06:30 R--A- . (.Creative Technology Ltd - Creative EMU10Kx Device Driver (WDM).) -- C:\WINDOWS\system32\drivers\e10kx2k.sys O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 28/11/2002 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 29/11/2002 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 28/11/2002 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys O58 - SDL:[MD5.1FF2EEF447A177DF2C544B80F8F7F879] - 18/07/2006 - 11:02:50 ---A- . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) -- C:\WINDOWS\system32\drivers\fwdrv.sys O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 03/08/2004 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 03/08/2004 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 03/08/2004 - 21:41:56 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys O58 - SDL:[MD5.0A7C49B48C772591A2D362DAA00246C8] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) 
-- C:\WINDOWS\system32\drivers\imagedrv.sys O58 - SDL:[MD5.549BA4F539E7B8D8129500B96DD7B27A] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys O58 - SDL:[MD5.AD81C7B17A815C872881BB56F42E56F4] - 26/03/2003 - 04:25:32 R--A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\system32\drivers\iteraid.sys O58 - SDL:[MD5.304CE9FB3D64CAA07B940BEF4F8C2DCD] - 18/07/2006 - 11:02:52 ---A- . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\drivers\khips.sys O58 - SDL:[MD5.9A3D4FC6B86E7E36473079AB76AC703D] - 06/02/2007 - 16:42:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\Lvckap.sys O58 - SDL:[MD5.0ACBC11F19320AF6C19F2E20013D9095] - 06/02/2007 - 16:44:36 ---A- . (.Logitech Inc. - Logitech Machine Vision Engine Loader.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys O58 - SDL:[MD5.E8ACF6DD83956FB63CEB058D5F51B18A] - 03/02/2007 - 09:30:58 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys O58 - SDL:[MD5.12866641284EBB41E627BB53C04DA959] - 06/02/2007 - 16:45:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys O58 - SDL:[MD5.6E59BC28A41F8A2B702D345A5604652F] - 23/06/2006 - 23:29:43 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- C:\WINDOWS\system32\drivers\lvselsus.sys O58 - SDL:[MD5.64BC29C3A0388BFC580BB8B1346F7659] - 03/02/2007 - 09:32:36 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys O58 - SDL:[MD5.922BE6770499220DC27B529CA236815A] - 03/02/2007 - 09:32:46 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\system32\drivers\lvuvc.sys O58 - SDL:[MD5.5C329E2AB8DD62310213CBFAC0178539] - 03/02/2007 - 09:33:00 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) 
-- C:\WINDOWS\system32\drivers\lvuvcflt.sys O58 - SDL:[MD5.F61B04F2BB5098A34817D776C59E5E7C] - 30/03/2010 - 23:45:52 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.75B8EF2A089127E8A3B38F46CC366D79] - 30/03/2010 - 23:46:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 03/08/2004 - 21:41:56 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys O58 - SDL:[MD5.4D2D882DAEE49B35B7B56FD9444564E9] - 11/12/2007 - 01:05:36 R--A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys O58 - SDL:[MD5.370E88453EC0D7BEA6EB24BE8D865DBE] - 19/10/2007 - 14:32:58 R--A- . (.DiBcom S.A. - HID Infrared Remote Control minidriver.) -- C:\WINDOWS\system32\drivers\modrc.sys O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 03/08/2004 - 21:41:38 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 03/08/2004 - 21:29:38 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.B9730495E0CF674680121E34BD95A73B] - 20/10/2009 - 19:19:44 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\drivers\npf.sys O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) 
-- C:\WINDOWS\system32\drivers\ntmtlfax.sys O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 03/08/2004 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 29/11/2008 - 13:53:06 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys O58 - SDL:[MD5.EEDB845B7648D6FD632DDB8744892743] - 02/02/2007 - 16:30:34 ---A- . (.Pinnacle Systems GmbH - Virtual NDIS miniport driver.) -- C:\WINDOWS\system32\drivers\PctvVirtualNdis.sys O58 - SDL:[MD5.C3127BFDAB6200769B5A0184FAB48573] - 22/05/2002 - 00:00:00 ---A- . (.Engelmann GmbH - PrecSim SCSI miniport.) -- C:\WINDOWS\system32\drivers\precsim.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 03/08/2004 - 21:29:52 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . 
(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 03/08/2004 - 21:41:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 03/08/2004 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 03/10/2009 - 14:04:29 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.465DC203AD69D56F290480DAE756A9F9] - 27/09/2005 - 08:00:02 ---A- . (.PACE Anti-Piracy, Inc. - InterLok system file.) -- C:\WINDOWS\system32\drivers\TPkd.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.D956827780A0B7EAE97930116E5649F7] - 04/05/2001 - 08:24:52 ---A- . (.VIA Technologies. Inc. - VIA PFD driver.) -- C:\WINDOWS\system32\drivers\VIAPFD.SYS O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) 
-- C:\WINDOWS\system32\drivers\wadv07nt.sys O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys O58 - SDL:[MD5.BA898B29F0DBF9307F494475A8393F03] - 05/05/2005 - 16:01:34 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\0AA48D50C7.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\giveio.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 28/08/2002 - 20:23:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.F171E6EC36928C226BB43D111C759F58] - 05/05/2005 - 16:15:39 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\KGyGaAvL.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 21:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 21:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 21:45:14 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\ntio804.sys O58 - SDL:[MD5.D703F972D23867DFD4EE9A9EF9CB767E] - 15/06/2005 - 15:55:53 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys O58 - SDL:[MD5.F05028B163B92C302A74409D683AC9B0] - 27/04/2007 - 14:19:44 ---A- . (.AntiCracking - SVKP driver for NT.) -- C:\WINDOWS\system32\SVKP.sys ---\\ Alternate Data Stream File (ADS) (O62)
C:\WINDOWS\System32\c_1253.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1254.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1255.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1256.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1257.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1258.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20127.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20261.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20905.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_21866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28591.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28592.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28593.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\C_28594.NLS:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\C_28595.NLS:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\C_28597.NLS:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28598.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28599.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28603.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28605.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_437.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_500.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_737.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_775.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_850.nls:KAVICHS 
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_852.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_855.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_857.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_860.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_861.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_863.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_865.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_869.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_874.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_875.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_932.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_936.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_949.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_950.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dim.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dramp.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3drm.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dxof.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\davclnt(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbgeng.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbmsadsn.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbmsvinn.dLL:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ddeml.dll:KAVICHS O62 - ADS:Alternate Data Stream File - 
C:\WINDOWS\System32\debug.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskadp.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskmon.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskperf.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\devmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dfrg.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dfrgres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dgsetup.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dhcpcsvc(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diactfrm.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dimap.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskcomp.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskcopy.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskperf.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_040c.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_0411.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dllhst3g.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmconfig.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmdskres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmintf.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmocx.dll:KAVICHS O62 - ADS:Alternate Data Stream File - 
C:\WINDOWS\System32\dmserver(2).dll:KAVICHS
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmview.ocx:KAVICHS
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dnsapi(2).dll:KAVICHS
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dnsrslvr(2).dll:KAVICHS
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\Drivers\acpiec.sys:KAVICHS

---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)
O63 - Logiciel: SEAF By C_XX - (.C_XX.)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
O63 - Logiciel: RSIT - (.random/random.)
O63 - Logiciel: Toolbar SD - (.IDN Team.)

---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe - Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADOBEACTIVEFILEMONITOR5.0
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER
O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART
O64 - Services: CurCS - (.not file.) - Avg Anti-Rootkit Clean Driver (AvgArCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGARCLN
O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Clean Driver (AvgAsCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGASCLN
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_ANTI-SPYWARE_DRIVER
O64 - Services: CurCS - (.not file.) - AVG Clean Driver (AVG Clean Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_CLEAN_DRIVER
O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB
O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME
O64 - Services: CurCS - (.not file.) - Creative AC3 Software Decoder (ctac32k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTAC32K
O64 - Services: CurCS - (.not file.) - Creative Proxy Driver (ctprxy2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTPRXY2K
O64 - Services: CurCS - (.not file.) - Creative SoundFont Management Device Driver (ctsfm2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTSFM2K
O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - (.not file.) - E-mu Plug-in Architecture Driver (emupia) .(.Pas de propriétaire - Pas de description.) - LEGACY_EMUPIA
O64 - Services: CurCS - (.not file.) - Freenet 0.7 darknet (freenet-darknet) .(.Pas de propriétaire - Pas de description.) - LEGACY_FREENET-DARKNET
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\fwdrv.sys - Firewall Driver (fwdrv) .(.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - LEGACY_FWDRV
O64 - Services: CurCS - (.not file.) - fxliapoc (fxliapoc) .(.Pas de propriétaire - Pas de description.) - LEGACY_FXLIAPOC
O64 - Services: CurCS - C:\WINDOWS\system32\giveio.sys - giveio (giveio) .(.Pas de propriétaire - Pas de description.) - LEGACY_GIVEIO
O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC
O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - (.not file.) - File Security Kernel Anti-Spyware Driver (ikhfile) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHFILE
O64 - Services: CurCS - (.not file.) - Kernel Anti-Spyware Driver (ikhlayer) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHLAYER
O64 - Services: CurCS - (.not file.) - IsDrv118 (IsDrv118) .(.Pas de propriétaire - Pas de description.) - LEGACY_ISDRV118
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\khips.sys - Kerio HIPS Driver (khips) .(.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - LEGACY_KHIPS
O64 - Services: CurCS - (.not file.) - Klif (Klif) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF
O64 - Services: CurCS - (.not file.) - Klmc (Klmc) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMC
O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe - Sunbelt Kerio Personal Firewall 4 (KPF4) .(.Sunbelt Software - Sunbelt Kerio Firewall Service.) - LEGACY_KPF4
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON
O64 - Services: CurCS - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe - Logitech Process Monitor (LVPrcSrv) .(.Logitech Inc. - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV
O64 - Services: CurCS - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe - LVSrvLauncher (LVSrvLauncher) .(.Logitech Inc. - LogitechService Launcher.) - LEGACY_LVSRVLAUNCHER
O64 - Services: CurCS - (.not file.) - MBAMProtector (MBAMProtector) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - (.not file.) - MBAMService (MBAMService) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMSERVICE
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR
O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCHINJDRV
O64 - Services: CurCS - (.not file.) - Network Associates McShield (McShield) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCSHIELD
O64 - Services: CurCS - (.not file.) - Network Associates Task Manager (McTaskManager) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCTASKMANAGER
O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP
O64 - Services: CurCS - (.not file.) - NaiAvFilter1 (NaiAvFilter1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER1
O64 - Services: CurCS - (.not file.) - NAI Anti Virus (NaiAvFilter101) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER101
O64 - Services: CurCS - (.not file.) - NaiAvTdi1 (NaiAvTdi1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVTDI1
O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\ctoss2k.sys - Creative OS Services Driver (ossrv) .(.Creative Technology Ltd. - Creative OS Services Driver (WDM).) - LEGACY_OSSRV
O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PFMODNT.sys - PfModNT (PfModNT) .(.Creative Technology Ltd. - PCI/ISA Device Info. Service.) - LEGACY_PFMODNT
O64 - Services: CurCS - C:\Program Files\PixVue\bin\Daemon.exe - PixVue (PixVue) .(.PixVue.Com - PixVue Daemon.) - LEGACY_PIXVUE
O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP
O64 - Services: CurCS - (.not file.) - RKREVEAL150 (RKREVEAL150) .(.Pas de propriétaire - Pas de description.) - LEGACY_RKREVEAL150
O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS
O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV (SASDIFSV) .(.Pas de propriétaire - SASDIFSV.) - LEGACY_SASDIFSV
O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASENUM.sys - SASENUM (SASENUM) .(.SuperAdBlocker, Inc. - SuperAntiSpyware.) - LEGACY_SASENUM
O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - SASKUTIL.SYS.) - LEGACY_SASKUTIL
O64 - Services: CurCS - (.not file.) - SAVOnAccess Control (SAVOnAccess Control) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_CONTROL
O64 - Services: CurCS - (.not file.) - SAVOnAccess Filter (SAVOnAccess Filter) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_FILTER
O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv (SbieDrv) .(.tzuk - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV
O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieSvc.exe - Sandboxie Service (SbieSvc) .(.tzuk - Sandboxie Service.) - LEGACY_SBIESVC
O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\WINDOWS\system32\speedfan.sys - speedfan (speedfan) .(.Windows ® 2000 DDK provider - SpeedFan Device Driver.) - LEGACY_SPEEDFAN
O64 - Services: CurCS - (.not file.) - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD
O64 - Services: CurCS - (.not file.) - srescan (srescan) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRESCAN
O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - C:\WINDOWS\system32\SVKP.sys - SVKP (SVKP) .(.AntiCracking - SVKP driver for NT.) - LEGACY_SVKP
O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TPKD.sys - TPkd (TPkd) .(.PACE Anti-Piracy, Inc. - InterLok system file.) - LEGACY_TPKD
O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VIAPFD.sys - VIAPFD (VIAPFD) .(.VIA Technologies. Inc. - VIA PFD driver.) - LEGACY_VIAPFD
O64 - Services: CurCS - (.not file.) - vsdatant (vsdatant) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSDATANT
O64 - Services: CurCS - (.not file.) - VSOMRIXF (VSOMRIXF) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSOMRIXF

---\\ Observateur d'évènement d'application (OEA) (O66)
O66 - EventLog: ID=1 (JavaQuickStarterService) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory\n"}; (.not file.)

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe

---\\ Search Browser Infection (SBI) (O69)

---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by Pascal Admin at 30/04/2010 21:49:21
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x830308C0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x830308c0
IoDeviceObjectType -> ParseProcedure -> 0x8226d1b0
\Device\Harddisk0\DR0 -> ParseProcedure -> 0x8226d1b0
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !
Use "ZHPFix" command "MBRFix" to clear infection !
End of the scan (1429 lines in 03mn 15s)
  2. I uninstalled Alcohol. As for Daemon Tools, the uninstaller in its directory doesn't work. I deleted the directory and checked with CCleaner that nothing related to Daemon Tools was launching at startup. Yet when I look at the running processes via Ctrl+Alt+Del, I still see a daemon.exe process running. As for ZHPDiag, nothing has changed:

Rapport de ZHPDiag v1.25.1413 par Nicolas Coolman
Run by Pascal Admin at 30/04/2010 19:14:12
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox (3.6.3)

---\\ System Information
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
Processor: x86 Family 6 Model 6 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 511 MB (20% free)
System drive C: has 14 GB (36%) free of 39 GB

---\\ Logged in mode
Computer Name: PCPASCAL
User Name: Pascal Admin
Unselected Option: O1,O45,O61,O65
Logged in as Administrator

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 39 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 75 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 190 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 37 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
M:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

---\\ Processus lancés
[MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe [155648]
[MD5.D552D5BC4E24373E0FFD9464E72493C6] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe [396800]
[MD5.56193BCE4DFD8879AEDEB26B71A0A583] - (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe [45056]
[MD5.022DB38BECB5A44DA6F7E27923457624] - (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [488984]
[MD5.AD7503D6857DBFFC7E5F2E96BC9CC283] - (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [252704]
[MD5.64C4C17BF6A40FF1CD21205E6FD415B8] - (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056]
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040]
[MD5.F91F52F4EA5D88DAB6245682A16F3A72] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272]
[MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [952768]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]
[MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]
[MD5.177FF6608B48638D4066726F3A3F8444] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400]
[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]
[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]
[MD5.A2EAEB497CA29ECAEAF0DF66AD85C57D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696]
[MD5.312A17DFF710A0F4E6D4DD1D52EAD1A8] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [520192]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336]
[MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104]
[MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.9EF600C64435CCFDEA01C991289E76EC] - (.Sunbelt Software - Sunbelt Kerio Firewall Service.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [1205784]
[MD5.995D0B52870C7A5CAF3EA165FD674A35] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [109344]
[MD5.A005CEE9BE199C5E375FAA559CA9A7A9] - (.Logitech Inc. - LogitechService Launcher.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [105248]
[MD5.CDF8AFB439D8CE182DB19E4D6B67FF63] - (.PixVue.Com - PixVue Daemon.) -- C:\Program Files\PixVue\bin\Daemon.exe [151552]
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]
[MD5.2B2B6189DC47F44D7549519AA7519777] - (.tzuk - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [52224]
[MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]
[MD5.581061776E1B7C4C7771E97AE5EAF377] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592]
[MD5.581176F60885AEF8F78C6E38DCC3CDF9] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\System32\MsPMSPSv.exe [53520]

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} . (.Xi - Net Transport IE Helper Module.) -- C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} . (.Pas de propriétaire - PixVue.) -- C:\Program Files\PixVue\bin\PixVue.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PSDrvCheck] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
O4 - HKLM\..\Run: [ATICCC] . (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - Global Startup: WinZip Quick Pick.lnk . (.WinZip Computing LP - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: HotSync Manager.lnk . (.Palm, Inc. - HotSync® Manager Application.) -- C:\Palm\HOTSYNC.EXE

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Télécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Tout t&élécharger avec NetTransport . 
(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddList.html ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains\www] http.cltnet.de ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - O16 - DPF: teleir_cert (teleir_cert) - (.not file.) - https:\\static.ir.dgi.minefi.gouv.fr\secure\connexion\archives\ie4n4\teleir_cert.cab O16 - DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} (Corporate Language Training Interface) - http://www.cltnet.de/login/dplaunch.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - (.Yahoo! Inc. - YInstHelper Module.) 
-- C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155398021206 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP-2.0.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 O17 - HKLM\System\CS4\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: PixVue . 
(.PixVue.Com - WinLogon Dynamic Link Library.) -- C:\Program Files\PixVue\bin\WinLogon.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage - Meddelande.) -- C:\WINDOWS\System32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier . (.Pas de propriétaire - Pas de description.) -- WRLogonNTF.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) 
- C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) . (.Sunbelt Software - Sunbelt Kerio Firewall Service.) - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: PixVue (PixVue) . (.PixVue.Com - PixVue Daemon.) - C:\Program Files\PixVue\bin\Daemon.exe O23 - Service: Sandboxie Service (SbieSvc) . (.tzuk - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. 
- YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys O41 - Driver: Firewall Driver (fwdrv) . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - C:\WINDOWS\system32\drivers\fwdrv.sys O41 - Driver: Kerio HIPS Driver (khips) . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - C:\WINDOWS\system32\drivers\khips.sys O41 - Driver: SASDIFSV (SASDIFSV) . (.Pas de propriétaire - SASDIFSV.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys O41 - Driver: SASKUTIL (SASKUTIL) . (.Pas de propriétaire - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (VIAPFD) . (.VIA Technologies. Inc. - VIA PFD driver.) - C:\WINDOWS\system32\Drivers\VIAPFD.sys O41 - Driver: AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) . 
(.Pas de propriétaire - Pas de description.) - C:\Program Files\AVG Anti-Spyware 7.5\guard.sys O41 - Driver: AVG Anti-Spyware Clean Driver (AvgAsCln) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys O41 - Driver: (NaiAvTdi1) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\mvstdi5x.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] O42 - Logiciel: ASAPI Update - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: AVI/MPEG/RM/WMV Joiner 4.81 - (.Boilsoft, Inc..) [HKLM] O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM] O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Help Center 2.1 - (.Adobe Systems.) [HKLM] O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM] O42 - Logiciel: Adobe Photoshop Elements 5.0 - (.Adobe Systems, Inc..) [HKLM] O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM] O42 - Logiciel: Advanced IRC - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Audacity 1.2.4 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Avi2Dvd 0.4.5 beta - (.TrustFm.) [HKLM] O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] O42 - Logiciel: BackupBuddy for Windows - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] O42 - Logiciel: CH Control Manager - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Clean 5 - (.Pinnacle Systems GmbH / Steinberg Media Technologies GmbH.) 
[HKLM] O42 - Logiciel: CloneCD - (.Elaborate Bytes.) [HKLM] O42 - Logiciel: Cobian Backup 9 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ConvertHelper 2.1 - (.DownloadHelper.) [HKLM] O42 - Logiciel: ConvertXtoDVD 3.2.9.94c - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] O42 - Logiciel: DoublePics v2.3.2(.4) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: EVEREST Ultimate Edition v5.00 - (.Lavalys, Inc..) [HKLM] O42 - Logiciel: EarMaster Pro 5 - (.EarMaster ApS.) [HKLM] O42 - Logiciel: Exifer - (.Friedemann Schmidt.) [HKLM] O42 - Logiciel: File Uploader - (.Nikon.) [HKLM] O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: GHCS Software GedStar for PalmOS - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: GNU Solfege 3.14.7 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: GedCom-Vision version 2.0e - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Greeting Card Creator - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Handy Recovery 1.0 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Harmony Assistant - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Helicon Filter 2.02 - (.Helicon Co..) [HKLM] O42 - Logiciel: Heredis 9 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: IFOEdit 0.971 Fr - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: IsoBuster 1.9.1 - (.Smart Projects.) [HKLM] O42 - Logiciel: J'apprends le piano - (.Musicalis.) [HKLM] O42 - Logiciel: Java 6 Update 19 - (.Sun Microsystems, Inc..) 
[HKLM] O42 - Logiciel: K-Lite Mega Codec Pack 3.5.0 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Kaspersky Online Scanner - (.Kaspersky Lab.) [HKLM] O42 - Logiciel: Kommute - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Label Editor - (.Steinberg.) [HKLM] O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MVision - (.Logitech Inc..) [HKLM] O42 - Logiciel: Macromedia Flash Player - (.Macromedia, Inc..) [HKLM] O42 - Logiciel: Macromedia Shockwave Player - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] O42 - Logiciel: MaxSplitter v1.53 Free Edition - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Media Player Classic fr - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Baseline Security Analyzer 2.1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Flight Simulator 2004 Un siècle d'aviation - (.Microsoft.) [HKLM] O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) 
[HKLM] O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM] O42 - Logiciel: Mp3DirectCut - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Neat Image v5 Demo (with plug-in) - (.Neat Image team, ABSoft.) [HKLM] O42 - Logiciel: Nero 6 Enterprise Edition - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Nero BurnRights (Ahead Software) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Net Transport 1.94.282 - (.Xi.) 
[HKLM] O42 - Logiciel: NikonCapture - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU] O42 - Logiciel: OMeR - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: P2400P Guide de référence - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: PDFtoMusic - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: PTLens - (.ePaperPress.) [HKLM] O42 - Logiciel: PeerGuardian 2.0 - (.Methlabs Productions.) [HKLM] O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM] O42 - Logiciel: Planète Généalogie - (.BSD Concept.) [HKLM] O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: RadCor 2.04 - (.TUVSW.) [HKLM] O42 - Logiciel: Radio Fr Solo 2.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SanDisk SD Wi-Fi Card - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Sandboxie 3.34 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SaverWiz - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ScummVM 1.0.0rc1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) 
[HKLM] O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] O42 - Logiciel: Sibelius 5 Demo - (.Sibelius Software.) [HKLM] O42 - Logiciel: Sibelius Scorch (Firefox, Opera, Netscape only) - (.Sibelius Software.) [HKLM] O42 - Logiciel: Simple Sudoku 4.2 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Skype™ 4.0 - (.Skype Technologies S.A..) [HKLM] O42 - Logiciel: SmartList To Go - (.DataViz, Inc..) [HKLM] O42 - Logiciel: Sophos Anti-Rootkit 1.3 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Spybot - Search & Destroy 1.4 - (.Safer Networking Limited.) [HKLM] O42 - Logiciel: StationRipper 2.71 - (.Ratajik Software.) [HKLM] O42 - Logiciel: StealthNet 0.8.7.2 - (.The StealthNet Team.) [HKLM] O42 - Logiciel: Sudoku 3D Pro - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Sudoku V 3.0 - (.Olivier RAVET.) [HKLM] O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM] O42 - Logiciel: Tous les Noms de Famille de France V.6.5.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: UMVPLStandalone - (.Logitech Inc..) [HKLM] O42 - Logiciel: URL Snooper v2.26.01 - (.DonationCoder.com.) [HKLM] O42 - Logiciel: Universal Extractor 1.6 - (.Jared Breland.) [HKLM] O42 - Logiciel: Unlocker 1.8.6 - (.Cedrick Collomb.) [HKLM] O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) 
[HKLM] O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM] O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM] O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981433) - (.Microsoft.) [HKLM] O42 - Logiciel: VDMSound - (.Vlad Romascanu.) [HKLM] O42 - Logiciel: VobEdit 0.6 Fr - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: WaveLab Lite - (.Steinberg.) [HKLM] O42 - Logiciel: WinHTTrack Website Copier 3.30 - (.HTTrack.) [HKLM] O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM] O42 - Logiciel: WinWAP for Windows 3.2 - (.Winwap Technologies Oy.) [HKLM] O42 - Logiciel: WinZip - (.WinZip Computing LP.) [HKLM] O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Wintree Version 3.0 d - (.Decrock.) [HKLM] O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.) [HKLM] O42 - Logiciel: dBpowerAMP Wavpack Codec - (.Pas de propriétaire.) 
[HKLM] O42 - Logiciel: dBpoweramp FLAC Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Monkeys Audio Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Musepack Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Windows Media Audio 10 Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dMC Power Pack - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.) [HKLM] ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABSoft] [HKCU\Software\AC3filter] [HKCU\Software\ASProtect] [HKCU\Software\ATI] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\Advanced IRC] [HKCU\Software\Ahead] [HKCU\Software\Alcohol Soft] [HKCU\Software\Angus Johnson] [HKCU\Software\Anuman Interactive] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\ApplianTechnologies] [HKCU\Software\ArcSoft] [HKCU\Software\Audacity] [HKCU\Software\Auralis] [HKCU\Software\Avira] [HKCU\Software\BITSoft] [HKCU\Software\BitTorrent] [HKCU\Software\Borland] [HKCU\Software\Bsd Concept] [HKCU\Software\CDIP] [HKCU\Software\CDRWIN 5] [HKCU\Software\Clients] [HKCU\Software\Cobian] [HKCU\Software\CoreVorbis] [HKCU\Software\Creative Tech] [HKCU\Software\Cyberlink] [HKCU\Software\DATA BECKER] [HKCU\Software\DDH Software] [HKCU\Software\DPSoftware] [HKCU\Software\DSP-worx] [HKCU\Software\DVD Shrink] [HKCU\Software\DataViz] [HKCU\Software\DefaultID] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DxO Optics Pro] [HKCU\Software\DxO] [HKCU\Software\EMCO MSI Package Builder] [HKCU\Software\EMME] [HKCU\Software\EPSON] [HKCU\Software\EditHexa] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Elcom] [HKCU\Software\Exifer] [HKCU\Software\Foxit Software Company] [HKCU\Software\Foxit Software] [HKCU\Software\FreeDownloadManager.ORG] [HKCU\Software\Freeware] 
-- C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:28:27 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.35A301482478E97BE6E1C2748CE930E1] - 02/07/2003 - 17:41:42 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\axwhisky.sys O58 - SDL:[MD5.F3B1CE696CCF6448C85E7CDC702098D8] - 02/07/2003 - 16:49:52 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\axwskbus.sys O58 - SDL:[MD5.AABFFD787AB272FC903AFEEB336C6899] - 21/11/2006 - 00:36:58 ---A- . (.CH Products - CH Control Manager Driver 1.) -- C:\WINDOWS\system32\drivers\chdrvr01.sys O58 - SDL:[MD5.7536FB70BCBF5D10B810E67E72F68137] - 22/12/2005 - 22:41:52 ---A- . (.CH Products - CH Control Manager Driver 2.) -- C:\WINDOWS\system32\drivers\chdrvr02.sys O58 - SDL:[MD5.07E3319E5BAE758CEB83C80419681B6A] - 22/12/2005 - 22:41:44 ---A- . (.CH Products - CH Control Manager Driver 3.) -- C:\WINDOWS\system32\drivers\chdrvr03.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) 
-- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.D653F455B176529F0427B24361139619] - 11/09/2001 - 13:10:14 R--A- . (.Creative Technology Ltd. - Creative OS Services Driver (WDM).) -- C:\WINDOWS\system32\drivers\ctoss2k.sys O58 - SDL:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 22/08/2004 - 15:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\drivers\d347bus.sys O58 - SDL:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 22/08/2004 - 15:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\d347prt.sys O58 - SDL:[MD5.EF99D8DAB9FCE9B734B40D5E0DD6ABB4] - 02/10/2001 - 16:06:30 R--A- . (.Creative Technology Ltd - Creative EMU10Kx Device Driver (WDM).) -- C:\WINDOWS\system32\drivers\e10kx2k.sys O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 28/11/2002 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 29/11/2002 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 28/11/2002 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys O58 - SDL:[MD5.1FF2EEF447A177DF2C544B80F8F7F879] - 18/07/2006 - 11:02:50 ---A- . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) -- C:\WINDOWS\system32\drivers\fwdrv.sys O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 03/08/2004 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 03/08/2004 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 03/08/2004 - 21:41:56 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) 
-- C:\WINDOWS\system32\drivers\hsfdpsp2.sys O58 - SDL:[MD5.0A7C49B48C772591A2D362DAA00246C8] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys O58 - SDL:[MD5.549BA4F539E7B8D8129500B96DD7B27A] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys O58 - SDL:[MD5.AD81C7B17A815C872881BB56F42E56F4] - 26/03/2003 - 04:25:32 R--A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\system32\drivers\iteraid.sys O58 - SDL:[MD5.304CE9FB3D64CAA07B940BEF4F8C2DCD] - 18/07/2006 - 11:02:52 ---A- . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\drivers\khips.sys O58 - SDL:[MD5.9A3D4FC6B86E7E36473079AB76AC703D] - 06/02/2007 - 16:42:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\Lvckap.sys O58 - SDL:[MD5.0ACBC11F19320AF6C19F2E20013D9095] - 06/02/2007 - 16:44:36 ---A- . (.Logitech Inc. - Logitech Machine Vision Engine Loader.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys O58 - SDL:[MD5.E8ACF6DD83956FB63CEB058D5F51B18A] - 03/02/2007 - 09:30:58 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys O58 - SDL:[MD5.12866641284EBB41E627BB53C04DA959] - 06/02/2007 - 16:45:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys O58 - SDL:[MD5.6E59BC28A41F8A2B702D345A5604652F] - 23/06/2006 - 23:29:43 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- C:\WINDOWS\system32\drivers\lvselsus.sys O58 - SDL:[MD5.64BC29C3A0388BFC580BB8B1346F7659] - 03/02/2007 - 09:32:36 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys O58 - SDL:[MD5.922BE6770499220DC27B529CA236815A] - 03/02/2007 - 09:32:46 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) 
-- C:\WINDOWS\system32\drivers\lvuvc.sys O58 - SDL:[MD5.5C329E2AB8DD62310213CBFAC0178539] - 03/02/2007 - 09:33:00 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys O58 - SDL:[MD5.F61B04F2BB5098A34817D776C59E5E7C] - 30/03/2010 - 23:45:52 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.75B8EF2A089127E8A3B38F46CC366D79] - 30/03/2010 - 23:46:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 03/08/2004 - 21:41:56 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys O58 - SDL:[MD5.4D2D882DAEE49B35B7B56FD9444564E9] - 11/12/2007 - 01:05:36 R--A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys O58 - SDL:[MD5.370E88453EC0D7BEA6EB24BE8D865DBE] - 19/10/2007 - 14:32:58 R--A- . (.DiBcom S.A. - HID Infrared Remote Control minidriver.) -- C:\WINDOWS\system32\drivers\modrc.sys O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 03/08/2004 - 21:41:38 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 03/08/2004 - 21:29:38 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.B9730495E0CF674680121E34BD95A73B] - 20/10/2009 - 19:19:44 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) 
-- C:\WINDOWS\system32\drivers\npf.sys O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 03/08/2004 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 29/11/2008 - 13:53:06 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys O58 - SDL:[MD5.EEDB845B7648D6FD632DDB8744892743] - 02/02/2007 - 16:30:34 ---A- . (.Pinnacle Systems GmbH - Virtual NDIS miniport driver.) -- C:\WINDOWS\system32\drivers\PctvVirtualNdis.sys O58 - SDL:[MD5.C3127BFDAB6200769B5A0184FAB48573] - 22/05/2002 - 00:00:00 ---A- . (.Engelmann GmbH - PrecSim SCSI miniport.) -- C:\WINDOWS\system32\drivers\precsim.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 03/08/2004 - 21:29:52 ---A- . (.S3 Graphics, Inc. 
- S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 03/08/2004 - 21:41:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 03/08/2004 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys O58 - SDL:[MD5.71E276F6D189413266EA22171806597B] - 23/08/2008 - 10:10:57 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\WINDOWS\system32\drivers\sptd.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 03/10/2009 - 14:04:29 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.465DC203AD69D56F290480DAE756A9F9] - 27/09/2005 - 08:00:02 ---A- . (.PACE Anti-Piracy, Inc. - InterLok system file.) -- C:\WINDOWS\system32\drivers\TPkd.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) 
-- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.D956827780A0B7EAE97930116E5649F7] - 04/05/2001 - 08:24:52 ---A- . (.VIA Technologies. Inc. - VIA PFD driver.) -- C:\WINDOWS\system32\drivers\VIAPFD.SYS O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys O58 - SDL:[MD5.BA898B29F0DBF9307F494475A8393F03] - 05/05/2005 - 16:01:34 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\0AA48D50C7.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\giveio.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 28/08/2002 - 20:23:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.F171E6EC36928C226BB43D111C759F58] - 05/05/2005 - 16:15:39 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\KGyGaAvL.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 21:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 21:45:12 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 21:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys O58 - SDL:[MD5.D703F972D23867DFD4EE9A9EF9CB767E] - 15/06/2005 - 15:55:53 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys O58 - SDL:[MD5.F05028B163B92C302A74409D683AC9B0] - 27/04/2007 - 14:19:44 ---A- . (.AntiCracking - SVKP driver for NT.) -- C:\WINDOWS\system32\SVKP.sys ---\\ Alternate Data Stream File (ADS) (O62)
---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) O63 - Logiciel: SEAF By C_XX - (.C_XX.) O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) O63 - Logiciel: Toolbar SD - (.IDN Team.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe - Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADOBEACTIVEFILEMONITOR5.0 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) 
- LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART O64 - Services: CurCS - (.not file.) - Avg Anti-Rootkit Clean Driver (AvgArCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGARCLN O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Clean Driver (AvgAsCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGASCLN O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_ANTI-SPYWARE_DRIVER O64 - Services: CurCS - (.not file.) - AVG Clean Driver (AVG Clean Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_CLEAN_DRIVER O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME O64 - Services: CurCS - (.not file.) - Creative AC3 Software Decoder (ctac32k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTAC32K O64 - Services: CurCS - (.not file.) - Creative Proxy Driver (ctprxy2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTPRXY2K O64 - Services: CurCS - (.not file.) - Creative SoundFont Management Device Driver (ctsfm2k) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_CTSFM2K O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - (.not file.) - E-mu Plug-in Architecture Driver (emupia) .(.Pas de propriétaire - Pas de description.) - LEGACY_EMUPIA O64 - Services: CurCS - (.not file.) - Freenet 0.7 darknet (freenet-darknet) .(.Pas de propriétaire - Pas de description.) - LEGACY_FREENET-DARKNET O64 - Services: CurCS - C:\WINDOWS\system32\drivers\fwdrv.sys - Firewall Driver (fwdrv) .(.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - LEGACY_FWDRV O64 - Services: CurCS - (.not file.) - fxliapoc (fxliapoc) .(.Pas de propriétaire - Pas de description.) - LEGACY_FXLIAPOC O64 - Services: CurCS - C:\WINDOWS\system32\giveio.sys - giveio (giveio) .(.Pas de propriétaire - Pas de description.) - LEGACY_GIVEIO O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - (.not file.) - File Security Kernel Anti-Spyware Driver (ikhfile) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHFILE O64 - Services: CurCS - (.not file.) - Kernel Anti-Spyware Driver (ikhlayer) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHLAYER O64 - Services: CurCS - (.not file.) - IsDrv118 (IsDrv118) .(.Pas de propriétaire - Pas de description.) - LEGACY_ISDRV118 O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. 
- Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\drivers\khips.sys - Kerio HIPS Driver (khips) .(.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - LEGACY_KHIPS O64 - Services: CurCS - (.not file.) - Klif (Klif) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF O64 - Services: CurCS - (.not file.) - Klmc (Klmc) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMC O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe - Sunbelt Kerio Personal Firewall 4 (KPF4) .(.Sunbelt Software - Sunbelt Kerio Firewall Service.) - LEGACY_KPF4 O64 - Services: CurCS - C:\WINDOWS\system32\drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON O64 - Services: CurCS - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe - Logitech Process Monitor (LVPrcSrv) .(.Logitech Inc. - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe - LVSrvLauncher (LVSrvLauncher) .(.Logitech Inc. - LogitechService Launcher.) - LEGACY_LVSRVLAUNCHER O64 - Services: CurCS - (.not file.) - MBAMProtector (MBAMProtector) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - (.not file.) - MBAMService (MBAMService) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCHINJDRV O64 - Services: CurCS - (.not file.) - Network Associates McShield (McShield) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCSHIELD O64 - Services: CurCS - (.not file.) - Network Associates Task Manager (McTaskManager) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_MCTASKMANAGER O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - NaiAvFilter1 (NaiAvFilter1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER1 O64 - Services: CurCS - (.not file.) - NAI Anti Virus (NaiAvFilter101) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER101 O64 - Services: CurCS - (.not file.) - NaiAvTdi1 (NaiAvTdi1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVTDI1 O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\WINDOWS\system32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - C:\WINDOWS\system32\drivers\ctoss2k.sys - Creative OS Services Driver (ossrv) .(.Creative Technology Ltd. - Creative OS Services Driver (WDM).) - LEGACY_OSSRV O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PFMODNT.sys - PfModNT (PfModNT) .(.Creative Technology Ltd. - PCI/ISA Device Info. Service.) - LEGACY_PFMODNT O64 - Services: CurCS - C:\Program Files\PixVue\bin\Daemon.exe - PixVue (PixVue) .(.PixVue.Com - PixVue Daemon.) - LEGACY_PIXVUE O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113 O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - RKREVEAL150 (RKREVEAL150) .(.Pas de propriétaire - Pas de description.) - LEGACY_RKREVEAL150 O64 - Services: CurCS - (.not file.) 
- Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV (SASDIFSV) .(.Pas de propriétaire - SASDIFSV.) - LEGACY_SASDIFSV O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASENUM.sys - SASENUM (SASENUM) .(.SuperAdBlocker, Inc. - SuperAntiSpyware.) - LEGACY_SASENUM O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - (.not file.) - SAVOnAccess Control (SAVOnAccess Control) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_CONTROL O64 - Services: CurCS - (.not file.) - SAVOnAccess Filter (SAVOnAccess Filter) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_FILTER O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv (SbieDrv) .(.tzuk - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieSvc.exe - Sandboxie Service (SbieSvc) .(.tzuk - Sandboxie Service.) - LEGACY_SBIESVC O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\WINDOWS\system32\speedfan.sys - speedfan (speedfan) .(.Windows ® 2000 DDK provider - SpeedFan Device Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD O64 - Services: CurCS - (.not file.) - srescan (srescan) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRESCAN O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\WINDOWS\system32\SVKP.sys - SVKP (SVKP) .(.AntiCracking - SVKP driver for NT.) 
- LEGACY_SVKP O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TPKD.sys - TPkd (TPkd) .(.PACE Anti-Piracy, Inc. - InterLok system file.) - LEGACY_TPKD O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VIAPFD.sys - VIAPFD (VIAPFD) .(.VIA Technologies. Inc. - VIA PFD driver.) - LEGACY_VIAPFD O64 - Services: CurCS - (.not file.) - vsdatant (vsdatant) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSDATANT O64 - Services: CurCS - (.not file.) - VSOMRIXF (VSOMRIXF) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSOMRIXF ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=1 (JavaQuickStarterService) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory\n"}; (.not file.) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) 
-- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) 
-- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe ---\\ Search Browser Infection (SBI) (O69) ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net Run by Pascal Admin at 30/04/2010 19:20:25 device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x831571A0]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x831571a0 IoDeviceObjectType -> ParseProcedure -> 0x822391b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x822391b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! End of the scan (1431 lines in 06mn 13s)
  3. The SPTDinst-v156-x86.exe program downloaded from the address above does not run: it is not a valid win32 application. I found a version of SPTDinst-v156-x86.exe on the net which tells me that I have no SPTD driver installed. As for Avenger, here is the result:
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Completed script processing.
*******************
Finished! Terminate.
By the way, ZHP reports these 3 lines as variable:
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/04/2010 - 12:43:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] => Empty File
O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 14:58:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [256512] => Possible W32/Heuristic-210!Eldorado
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bootvrfy.exe:KAVICHS => Microsoft or malware
The file pev.exe was created on 26/04/2010 and triggers 4 alerts on virustotal:
Fichier PEV.exe reçu le 2010.04.30 12:16:48 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.50 2010.04.30 -
AhnLab-V3 2010.04.30.02 2010.04.30 -
AntiVir 8.2.1.224 2010.04.30 -
Antiy-AVL 2.0.3.7 2010.04.30 -
Authentium 5.2.0.5 2010.04.30 -
Avast 4.8.1351.0 2010.04.30 -
Avast5 5.0.332.0 2010.04.30 -
AVG 9.0.0.787 2010.04.30 -
BitDefender 7.2 2010.04.30 -
CAT-QuickHeal 10.00 2010.04.29 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.04.30 -
Comodo 4718 2010.04.30 -
DrWeb 5.0.2.03300 2010.04.30 -
eSafe 7.0.17.0 2010.04.29 Suspicious File
eTrust-Vet 35.2.7460 2010.04.30 -
F-Prot 4.5.1.85 2010.04.30 -
F-Secure 9.0.15370.0 2010.04.30 -
Fortinet 4.0.14.0 2010.04.30 -
GData 21 2010.04.30 -
Ikarus T3.1.1.80.0 2010.04.30 -
Jiangmin 13.0.900 2010.04.29 -
Kaspersky 7.0.0.125 2010.04.30 -
McAfee 5.400.0.1158 2010.04.30 -
McAfee-GW-Edition 6.8.5 2010.04.30 Heuristic.LooksLike.Trojan.Dropper.C
Microsoft 1.5703 2010.04.30 -
NOD32 5074 2010.04.30 -
Norman 6.04.12 2010.04.30 -
nProtect 2010-04-30.01 2010.04.30 -
Panda 10.0.2.7 2010.04.29 Suspicious file
PCTools 7.0.3.5 2010.04.30 -
Prevx 3.0 2010.04.30 -
Rising 22.45.04.03 2010.04.30 -
Sophos 4.53.0 2010.04.30 -
Sunbelt 6241 2010.04.30 -
Symantec 20091.2.0.41 2010.04.30 -
TheHacker 6.5.2.0.274 2010.04.30 -
TrendMicro 9.120.0.1004 2010.04.30 -
TrendMicro-HouseCall 9.120.0.1004 2010.04.30 -
VBA32 3.12.12.4 2010.04.30 -
ViRobot 2010.4.29.2296 2010.04.30 -
VirusBuster 5.0.27.0 2010.04.30 -
Information additionnelle
File size: 256512 bytes
MD5...: f1fba6185a6a2bc6456970914875078e
SHA1..: a3a0da9b072ad4ceab9aec41af71a730d9b44744
SHA256: deaaab3b825ebadb6395e0be7671f96fd30ca8f76159b53c2d11da5c2ca7b7d0
ssdeep:
6144:/uhtJBJ/2pIHsWNUhP58juAgJF16QXh7BIixl5EHg2:/uvopIHHjpgJF16W
Vl
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x4bd0e994 (Fri Apr 23 00:28:04 2010)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xcd000 0x3d200 8.00 10fd9cd92edc7a153b218ddee60205c2
.rsrc 0xce000 0x2000 0x1200 7.15 819809785c41fb4f99e9a4bbda6774ba
.reloc 0xd0000 0x200 0x200 0.21 3c3c8a3260698cdfd07b5610e18e4e45

( 1 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 EXE PECompact compressed (v2.x) (48.9%)
Win32 EXE PECompact compressed (generic) (34.4%)
Win32 Executable Generic (7.0%)
Win32 Dynamic Link Library (generic) (6.2%)
Generic Win/DOS Executable (1.6%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
and the ZHPDIAG report, which still ends the same way:
Rapport de ZHPDiag v1.25.1413 par Nicolas Coolman Run by Pascal Admin at 30/04/2010 13:51:14 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox (3.6.3) ---\\ System Information Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 Processor: x86 Family 6 Model 6 Stepping 2, AuthenticAMD Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 511 MB (35% free) System drive C: has 14 GB (37%) free of 39 GB ---\\ Logged in mode Computer Name: PCPASCAL User Name: Pascal Admin Unselected Option: O1,O45,O61,O65 Logged in as Administrator ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 39 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 75 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 190 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 37 Go) G:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Not Inserted) J:\ CD-ROM drive (Not Inserted) M:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK ---\\ Processus lancés [MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe [155648] [MD5.D552D5BC4E24373E0FFD9464E72493C6] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe [396800] [MD5.56193BCE4DFD8879AEDEB26B71A0A583] - (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe [45056] [MD5.022DB38BECB5A44DA6F7E27923457624] - (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [488984] [MD5.AD7503D6857DBFFC7E5F2E96BC9CC283] - (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [252704] [MD5.64C4C17BF6A40FF1CD21205E6FD415B8] - (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040] [MD5.F91F52F4EA5D88DAB6245682A16F3A72] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272] [MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [952768] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) 
-- C:\Program Files\Messenger\msmsgs.exe [1695232]
[MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]
[MD5.177FF6608B48638D4066726F3A3F8444] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400]
[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]
[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]
[MD5.A2EAEB497CA29ECAEAF0DF66AD85C57D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696]
[MD5.312A17DFF710A0F4E6D4DD1D52EAD1A8] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [520192]
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336]
[MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104]
[MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.9EF600C64435CCFDEA01C991289E76EC] - (.Sunbelt Software - Sunbelt Kerio Firewall Service.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [1205784]
[MD5.995D0B52870C7A5CAF3EA165FD674A35] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [109344]
[MD5.A005CEE9BE199C5E375FAA559CA9A7A9] - (.Logitech Inc. - LogitechService Launcher.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [105248]
[MD5.CDF8AFB439D8CE182DB19E4D6B67FF63] - (.PixVue.Com - PixVue Daemon.) -- C:\Program Files\PixVue\bin\Daemon.exe [151552]
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]
[MD5.2B2B6189DC47F44D7549519AA7519777] - (.tzuk - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [52224]
[MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]
[MD5.581061776E1B7C4C7771E97AE5EAF377] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592]
[MD5.581176F60885AEF8F78C6E38DCC3CDF9] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\System32\MsPMSPSv.exe [53520]

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} . (.Xi - Net Transport IE Helper Module.) -- C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} . (.Pas de propriétaire - PixVue.) -- C:\Program Files\PixVue\bin\PixVue.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PSDrvCheck] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
O4 - HKLM\..\Run: [ATICCC] . (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - Global Startup: Nikon Monitor.lnk . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk . (.WinZip Computing LP - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Adobe Gamma.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HotSync Manager.lnk . (.Palm, Inc. - HotSync® Manager Application.) -- C:\Palm\HOTSYNC.EXE

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Télécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Tout t&élécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddList.html

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.cltnet.de

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) -
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) -
O16 - DPF: teleir_cert (teleir_cert) - (.not file.) - https:\\static.ir.dgi.minefi.gouv.fr\secure\connexion\archives\ie4n4\teleir_cert.cab
O16 - DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} (Corporate Language Training Interface) - http://www.cltnet.de/login/dplaunch.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155398021206
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP-2.0.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: PixVue . (.PixVue.Com - WinLogon Dynamic Link Library.) -- C:\Program Files\PixVue\bin\WinLogon.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage - Meddelande.) -- C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier . (.Pas de propriétaire - Pas de description.) -- WRLogonNTF.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) . (.Sunbelt Software - Sunbelt Kerio Firewall Service.) - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PixVue (PixVue) . (.PixVue.Com - PixVue Daemon.) - C:\Program Files\PixVue\bin\Daemon.exe
O23 - Service: Sandboxie Service (SbieSvc) . (.tzuk - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Firewall Driver (fwdrv) . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - C:\WINDOWS\system32\drivers\fwdrv.sys
O41 - Driver: Kerio HIPS Driver (khips) . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - C:\WINDOWS\system32\drivers\khips.sys
O41 - Driver: SASDIFSV (SASDIFSV) . (.Pas de propriétaire - SASDIFSV.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: SASKUTIL (SASKUTIL) . (.Pas de propriétaire - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (VIAPFD) . (.VIA Technologies. Inc. - VIA PFD driver.) - C:\WINDOWS\system32\Drivers\VIAPFD.sys
O41 - Driver: AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AVG Anti-Spyware 7.5\guard.sys
O41 - Driver: AVG Anti-Spyware Clean Driver (AvgAsCln) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
O41 - Driver: (NaiAvTdi1) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\mvstdi5x.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: ASAPI Update - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: AVI/MPEG/RM/WMV Joiner 4.81 - (.Boilsoft, Inc..) [HKLM]
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Help Center 2.1 - (.Adobe Systems.) [HKLM]
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Photoshop Elements 5.0 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM]
O42 - Logiciel: Advanced IRC - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Audacity 1.2.4 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Avi2Dvd 0.4.5 beta - (.TrustFm.) [HKLM]
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM]
O42 - Logiciel: BackupBuddy for Windows - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]
O42 - Logiciel: CH Control Manager - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Clean 5 - (.Pinnacle Systems GmbH / Steinberg Media Technologies GmbH.) [HKLM]
O42 - Logiciel: CloneCD - (.Elaborate Bytes.) [HKLM]
O42 - Logiciel: Cobian Backup 9 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ConvertHelper 2.1 - (.DownloadHelper.) [HKLM]
O42 - Logiciel: ConvertXtoDVD 3.2.9.94c - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM]
O42 - Logiciel: DoublePics v2.3.2(.4) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EVEREST Ultimate Edition v5.00 - (.Lavalys, Inc..) [HKLM]
O42 - Logiciel: EarMaster Pro 5 - (.EarMaster ApS.) [HKLM]
O42 - Logiciel: Exifer - (.Friedemann Schmidt.) [HKLM]
O42 - Logiciel: File Uploader - (.Nikon.) [HKLM]
O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: GHCS Software GedStar for PalmOS - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: GNU Solfege 3.14.7 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: GedCom-Vision version 2.0e - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Greeting Card Creator - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Handy Recovery 1.0 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Harmony Assistant - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Helicon Filter 2.02 - (.Helicon Co..) [HKLM]
O42 - Logiciel: Heredis 9 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IFOEdit 0.971 Fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IsoBuster 1.9.1 - (.Smart Projects.) [HKLM]
O42 - Logiciel: J'apprends le piano - (.Musicalis.) [HKLM]
O42 - Logiciel: Java 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: K-Lite Mega Codec Pack 3.5.0 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Kaspersky Online Scanner - (.Kaspersky Lab.) [HKLM]
O42 - Logiciel: Kommute - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Label Editor - (.Steinberg.) [HKLM]
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MVision - (.Logitech Inc..) [HKLM]
O42 - Logiciel: Macromedia Flash Player - (.Macromedia, Inc..) [HKLM]
O42 - Logiciel: Macromedia Shockwave Player - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
O42 - Logiciel: MaxSplitter v1.53 Free Edition - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Media Player Classic fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Baseline Security Analyzer 2.1 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Flight Simulator 2004 Un siècle d'aviation - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM]
O42 - Logiciel: Mp3DirectCut - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Neat Image v5 Demo (with plug-in) - (.Neat Image team, ABSoft.) [HKLM]
O42 - Logiciel: Nero 6 Enterprise Edition - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Nero BurnRights (Ahead Software) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Net Transport 1.94.282 - (.Xi.) [HKLM]
O42 - Logiciel: NikonCapture - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU]
O42 - Logiciel: OMeR - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: P2400P Guide de référence - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: PDFtoMusic - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: PTLens - (.ePaperPress.) [HKLM]
O42 - Logiciel: PeerGuardian 2.0 - (.Methlabs Productions.) [HKLM]
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM]
O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM]
O42 - Logiciel: Planète Généalogie - (.BSD Concept.) [HKLM]
O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM]
O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: RadCor 2.04 - (.TUVSW.) [HKLM]
O42 - Logiciel: Radio Fr Solo 2.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: SanDisk SD Wi-Fi Card - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Sandboxie 3.34 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: SaverWiz - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ScummVM 1.0.0rc1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM]
O42 - Logiciel: Sibelius 5 Demo - (.Sibelius Software.) [HKLM]
O42 - Logiciel: Sibelius Scorch (Firefox, Opera, Netscape only) - (.Sibelius Software.) [HKLM]
O42 - Logiciel: Simple Sudoku 4.2 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Skype™ 4.0 - (.Skype Technologies S.A..) [HKLM]
O42 - Logiciel: SmartList To Go - (.DataViz, Inc..) [HKLM]
O42 - Logiciel: Sophos Anti-Rootkit 1.3 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Spybot - Search & Destroy 1.4 - (.Safer Networking Limited.) [HKLM]
O42 - Logiciel: StationRipper 2.71 - (.Ratajik Software.) [HKLM]
O42 - Logiciel: StealthNet 0.8.7.2 - (.The StealthNet Team.) [HKLM]
O42 - Logiciel: Sudoku 3D Pro - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Sudoku V 3.0 - (.Olivier RAVET.) [HKLM]
O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM]
O42 - Logiciel: Tous les Noms de Famille de France V.6.5.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: UMVPLStandalone - (.Logitech Inc..) [HKLM]
O42 - Logiciel: URL Snooper v2.26.01 - (.DonationCoder.com.) [HKLM]
O42 - Logiciel: Universal Extractor 1.6 - (.Jared Breland.) [HKLM]
O42 - Logiciel: Unlocker 1.8.6 - (.Cedrick Collomb.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981433) - (.Microsoft.) [HKLM]
O42 - Logiciel: VDMSound - (.Vlad Romascanu.) [HKLM]
O42 - Logiciel: VobEdit 0.6 Fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: WaveLab Lite - (.Steinberg.) [HKLM]
O42 - Logiciel: WinHTTrack Website Copier 3.30 - (.HTTrack.) [HKLM]
O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM]
O42 - Logiciel: WinWAP for Windows 3.2 - (.Winwap Technologies Oy.) [HKLM]
O42 - Logiciel: WinZip - (.WinZip Computing LP.) [HKLM]
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Wintree Version 3.0 d - (.Decrock.) [HKLM]
O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.) [HKLM]
O42 - Logiciel: dBpowerAMP Wavpack Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp FLAC Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Monkeys Audio Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Musepack Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Windows Media Audio 10 Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dMC Power Pack - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.) [HKLM]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABSoft]
[HKCU\Software\AC3filter]
[HKCU\Software\ASProtect]
[HKCU\Software\ATI]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Advanced IRC]
[HKCU\Software\Ahead]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\Angus Johnson]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\ArcSoft]
[HKCU\Software\Audacity]
[HKCU\Software\Auralis]
[HKCU\Software\Avira]
[HKCU\Software\BITSoft]
[HKCU\Software\BitTorrent]
[HKCU\Software\Borland]
[HKCU\Software\Bsd Concept]
[HKCU\Software\CDIP]
[HKCU\Software\CDRWIN 5]
[HKCU\Software\Clients]
[HKCU\Software\Cobian]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Creative Tech]
[HKCU\Software\Cyberlink]
[HKCU\Software\DATA BECKER]
[HKCU\Software\DDH Software]
[HKCU\Software\DPSoftware]
[HKCU\Software\DSP-worx]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DataViz]
[HKCU\Software\DefaultID]
[HKCU\Software\Digital River]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DxO Optics Pro]
[HKCU\Software\DxO]
[HKCU\Software\EMCO MSI Package Builder]
[HKCU\Software\EMME]
[HKCU\Software\EPSON]
[HKCU\Software\EditHexa]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Elcom]
[HKCU\Software\Exifer]
[HKCU\Software\Foxit Software Company]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Freeware]
[HKCU\Software\FreshDevices]
[HKCU\Software\Fridgesoft]
[HKCU\Software\GHCS]
[HKCU\Software\GIANTCompany]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Genie-Soft]
[HKCU\Software\GlarySoft]
[HKCU\Software\decrock]
[HKCU\Software\digital publishing]
[HKCU\Software\e-merge]
[HKCU\Software\eMule]
[HKCU\Software\ePaperPress]
[HKCU\Software\ej-technologies]
[HKLM\Software\ABSoft]
[HKLM\Software\ACE Compression Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Avira]
[HKLM\Software\BigScott27]
[HKLM\Software\Boonty]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\CDRWIN5]
[HKLM\Software\Canon]
[HKLM\Software\Carpet]
[HKLM\Software\Chilkat Software, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cobian]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Creative Tech]
[HKLM\Software\Cyberlink]
[HKLM\Software\D-Tools]
[HKLM\Software\DDH Software]
[HKLM\Software\DECROCK]
[HKLM\Software\DIOC]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DownloadHelper]
[HKLM\Software\EMCO MSI Package Builder]
[HKLM\Software\EPSON Photo Print]
[HKLM\Software\EPSON]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\Elcom]
[HKLM\Software\Foxit Software]
[HKLM\Software\FreshDevices]
[HKLM\Software\GIANTCompany]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Gravity Soft]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hemera Products]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Licenses]
[HKLM\Software\LizardTech]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Micro Application]
[HKLM\Software\MicroQuill]
[HKLM\Software\MidiTec]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MyHeritage.com]
[HKLM\Software\Myriad Software]
[HKLM\Software\NCSoft]
[HKLM\Software\Network Associates]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\Nikon]
[HKLM\Software\ODBC]
[HKLM\Software\Orium Software]
[HKLM\Software\PACE Anti-Piracy]
[HKLM\Software\PepiMK Software]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\PixVue.Com]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protexis]
[HKLM\Software\Python]
[HKLM\Software\QuEnc]
[HKLM\Software\Ratajik Software]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RjH Software]
[HKLM\Software\S3R521]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Sibelius Software]
[HKLM\Software\Skype]
[HKLM\Software\Smart Panel]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\SoftLogica]
[HKLM\Software\Sonic]
[HKLM\Software\Sophos]
[HKLM\Software\SplashData]
[HKLM\Software\Sports]
[HKLM\Software\Std]
[HKLM\Software\Steinberg]
[HKLM\Software\String Comparison]
[HKLM\Software\Sunbelt Software]
[HKLM\Software\Swearware]
[HKLM\Software\TG Byte Software]
[HKLM\Software\TeamViewer]
[HKLM\Software\TorrentSearcher]
[HKLM\Software\Totalidea Software]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Uniblue]
[HKLM\Software\VEGA]
[HKLM\Software\VOB]
[HKLM\Software\VSO]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\Voice]
[HKLM\Software\Wheel]
[HKLM\Software\WinPcap]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Winzip FR]
[HKLM\Software\Wise Solutions]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xi]
[HKLM\Software\Yahoo]
[HKLM\Software\Zone Labs]
[HKLM\Software\ePaperPress]
[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\3D Photo Browser
O43 - CFD:Common File Directory ----D- C:\Program Files\3M
O43 - CFD:Common File Directory ----D- C:\Program Files\3M Littmann
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Advanced IRC
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft
O43 - CFD:Common File Directory ----D- C:\Program Files\ANtsP2P
O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive
O43 - CFD:Common File Directory ----D-
C:\Program Files\Apple Software Update O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity O43 - CFD:Common File Directory ----D- C:\Program Files\AVG Anti-Spyware 7.5 O43 - CFD:Common File Directory ----D- C:\Program Files\AVI MPEG RM WMV Joiner O43 - CFD:Common File Directory ----D- C:\Program Files\Avi2Dvd O43 - CFD:Common File Directory ----D- C:\Program Files\Avira O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5 O43 - CFD:Common File Directory ----D- C:\Program Files\BackupBuddy O43 - CFD:Common File Directory ----D- C:\Program Files\Blues for Piano and Keyboard 10.0 O43 - CFD:Common File Directory ----D- C:\Program Files\BSD Concept O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\CDRWIN5 O43 - CFD:Common File Directory ----D- C:\Program Files\CH Products O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 8 O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 9 O43 - CFD:Common File Directory ----D- C:\Program Files\Common~1 O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications O43 - CFD:Common File Directory ----D- C:\Program Files\ConvertHelper O43 - CFD:Common File Directory ----D- C:\Program Files\Creative O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools O43 - CFD:Common File Directory ----D- C:\Program Files\dBpowerAMP O43 - CFD:Common File Directory ----D- C:\Program Files\DivX O43 - CFD:Common File Directory ----D- C:\Program Files\Documents To Go O43 - CFD:Common File Directory ----D- C:\Program Files\DoublePics O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink O43 - CFD:Common File Directory ----D- C:\Program Files\DxO Labs O43 - CFD:Common File Directory ----D- C:\Program Files\EarMaster Pro 5 O43 - CFD:Common File Directory ----D- C:\Program Files\EasyCleaner O43 - CFD:Common 
File Directory ----D- C:\Program Files\eMule O43 - CFD:Common File Directory ----D- C:\Program Files\ePaperPress O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON O43 - CFD:Common File Directory ----D- C:\Program Files\Exifer O43 - CFD:Common File Directory ----D- C:\Program Files\FamilySearch O43 - CFD:Common File Directory R---D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy) O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software O43 - CFD:Common File Directory ----D- C:\Program Files\GedCom-Vision O43 - CFD:Common File Directory ----D- C:\Program Files\GedStar O43 - CFD:Common File Directory ----D- C:\Program Files\GNU O43 - CFD:Common File Directory ----D- C:\Program Files\GNU Solfege O43 - CFD:Common File Directory ----D- C:\Program Files\Google O43 - CFD:Common File Directory ----D- C:\Program Files\GrabIt O43 - CFD:Common File Directory ----D- C:\Program Files\Greeting Card Creator O43 - CFD:Common File Directory ----D- C:\Program Files\GRISOFT O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4 O43 - CFD:Common File Directory ----D- C:\Program Files\HanDBase3 O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection O43 - CFD:Common File Directory ----D- C:\Program Files\Harmony Assistant O43 - CFD:Common File Directory ----D- C:\Program Files\Helicon Software O43 - CFD:Common File Directory ----D- C:\Program Files\Hijackthis O43 - CFD:Common File Directory ----D- C:\Program Files\i2p O43 - CFD:Common File Directory ----D- C:\Program Files\icesword O43 - CFD:Common File Directory ----D- C:\Program Files\IfoEdit O43 - CFD:Common File Directory ----D- C:\Program Files\IKEA HomePlanner O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate O43 - CFD:Common File Directory ----D- C:\Program Files\iMule-1.4.5 O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation 
Information O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Java(2) O43 - CFD:Common File Directory ----D- C:\Program Files\jv16 PowerTools O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD:Common File Directory ----D- C:\Program Files\Kommute O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys O43 - CFD:Common File Directory ----D- C:\Program Files\LizardTech O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com O43 - CFD:Common File Directory ----D- C:\Program Files\MagicISO O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\Managed DirectX (0901) O43 - CFD:Common File Directory ----D- C:\Program Files\MaxSplitter O43 - CFD:Common File Directory ----D- C:\Program Files\Media Player Classic O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Backup O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft AntiSpyware O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Baseline Security Analyzer 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money 2005 O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Misc. 
Support Library (Spybot - Search & Destroy) O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox O43 - CFD:Common File Directory ----D- C:\Program Files\Mp3DirectCut O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache O43 - CFD:Common File Directory ----D- C:\Program Files\MSN O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0 O43 - CFD:Common File Directory ----D- C:\Program Files\Musicalis O43 - CFD:Common File Directory ----D- C:\Program Files\MUTE O43 - CFD:Common File Directory ----D- C:\Program Files\myFairTunes O43 - CFD:Common File Directory ----D- C:\Program Files\MyVideoSoft O43 - CFD:Common File Directory ----D- C:\Program Files\NapShare O43 - CFD:Common File Directory ----D- C:\Program Files\Neat Image O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting O43 - CFD:Common File Directory ----D- C:\Program Files\Newave O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon O43 - CFD:Common File Directory ----D- C:\Program Files\Omer O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express O43 - CFD:Common File Directory ----D- C:\Program Files\Pando Networks O43 - CFD:Common File Directory ----D- C:\Program Files\PDFtoMusic O43 - CFD:Common File Directory ----D- C:\Program Files\PeerGuardian2 O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre O43 - CFD:Common File Directory ----D- C:\Program Files\Pinnacle O43 - CFD:Common File Directory ----D- C:\Program Files\PixVue O43 - CFD:Common File Directory ----D- C:\Program Files\PlayPianoTODAY O43 - CFD:Common File Directory ----D- C:\Program Files\PrivacyEraser Computing O43 - CFD:Common File Directory ----D- C:\Program Files\process monitor main O43 - CFD:Common File Directory ----D- C:\Program Files\PW O43 - 
CFD:Common File Directory ----D- C:\Program Files\QuickPar O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime O43 - CFD:Common File Directory ----D- C:\Program Files\RadCor O43 - CFD:Common File Directory ----D- C:\Program Files\Radio Fr Solo O43 - CFD:Common File Directory ----D- C:\Program Files\Reagclean O43 - CFD:Common File Directory ----D- C:\Program Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\RegClean O43 - CFD:Common File Directory ----D- C:\Program Files\RipTiger O43 - CFD:Common File Directory ----D- C:\Program Files\Sandboxie O43 - CFD:Common File Directory ----D- C:\Program Files\SanDisk O43 - CFD:Common File Directory ----D- C:\Program Files\SaverWiz O43 - CFD:Common File Directory ----D- C:\Program Files\ScummVM O43 - CFD:Common File Directory ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy) O43 - CFD:Common File Directory ----D- C:\Program Files\SEAF O43 - CFD:Common File Directory ----D- C:\Program Files\Sensory O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne O43 - CFD:Common File Directory ----D- C:\Program Files\Sibelius Software O43 - CFD:Common File Directory ----D- C:\Program Files\Simple Sudoku O43 - CFD:Common File Directory R---D- C:\Program Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Panel O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects O43 - CFD:Common File Directory ----D- C:\Program Files\SmartGenealogy_2.8c O43 - CFD:Common File Directory ----D- C:\Program Files\SmartList To Go O43 - CFD:Common File Directory ----D- C:\Program Files\SoftLogica O43 - CFD:Common File Directory ----D- C:\Program Files\Sophos O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedFan O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedItUpFree O43 - CFD:Common File Directory 
----D- C:\Program Files\SplashData O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD:Common File Directory ----D- C:\Program Files\StationRipper O43 - CFD:Common File Directory ----D- C:\Program Files\StealthNet O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku 3D Pro O43 - CFD:Common File Directory ----D- C:\Program Files\Sunbelt Software O43 - CFD:Common File Directory ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD:Common File Directory ----D- C:\Program Files\SWI O43 - CFD:Common File Directory ----D- C:\Program Files\Synaesthete O43 - CFD:Common File Directory ----D- C:\Program Files\TeamViewer O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy) O43 - CFD:Common File Directory ----D- C:\Program Files\thinkingBytes O43 - CFD:Common File Directory ----D- C:\Program Files\TimeAdjuster O43 - CFD:Common File Directory ----D- C:\Program Files\Tweak-XP Pro 4 O43 - CFD:Common File Directory ----D- C:\Program Files\Ujihara O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\Universal Extractor O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker O43 - CFD:Common File Directory ----D- C:\Program Files\URLSnooper2 O43 - CFD:Common File Directory ----D- C:\Program Files\USB-set O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent O43 - CFD:Common File Directory ----D- C:\Program Files\VDMSound O43 - CFD:Common File Directory ----D- C:\Program Files\Vg O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\VirtualDubMOD O43 - CFD:Common File Directory ----D- C:\Program Files\VOB O43 - CFD:Common File Directory 
----D- C:\Program Files\VSO O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Installer Clean Up O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory --HAD- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\WinHTTrack O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\WINTREE O43 - CFD:Common File Directory ----D- C:\Program Files\Winwap Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\Xi O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo! O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 12:44:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1593276] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/04/2010 - 12:43:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 12:42:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 12:42:31 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 30/04/2010 - 12:42:06 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.E80B5452DC9E27364385BD69FDEDDEF2] - 30/04/2010 - 12:41:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\avenger.txt [886] O44 - LFC:[MD5.7F257AF568F66606F494A760B5AD7F65] - 30/04/2010 - 12:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888] O44 - LFC:[MD5.7F257AF568F66606F494A760B5AD7F65] - 30/04/2010 - 12:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888] O44 - LFC:[MD5.00000000000000000000000000000000] - 30/04/2010 - 12:40:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32484] O44 - LFC:[MD5.6490C3F6B8336D05DE8FCAD8C94F50C8] - 29/04/2010 - 13:39:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.829BEECB029A6E8ED6D2BB6867B33ECD] - 29/04/2010 - 07:59:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB976002-v5.log [3483] O44 - LFC:[MD5.23A8C23D9C43F96CAABA5102B2E9D85C] - 28/04/2010 - 20:19:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ComboFix.txt [27327] O44 - LFC:[MD5.87AFDE2B95CB0FDB8477AB22D02BFC94] - 28/04/2010 - 20:06:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [274] O44 - LFC:[MD5.7F4247C03A71E65171CEBC339B37AB20] - 27/04/2010 - 19:14:37 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [282] O44 - LFC:[MD5.3CECCD255392A3A640830F3CF97CE162] - 27/04/2010 - 19:14:36 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\Boot.bak [212] O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 27/04/2010 - 19:14:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cmldr [263488] O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 27/04/2010 - 19:12:56 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232] O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096] O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792] O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704] O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480] O44 - LFC:[MD5.4CB377F47552A9EF7EC3CDF19DFD4F5B] - 27/04/2010 - 18:57:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [17331] O44 - LFC:[MD5.1A6D80AA9E021EC3B094887D47202188] - 27/04/2010 - 12:26:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [4714] O44 - LFC:[MD5.265672A002D063A3ED2D26F939E04FC3] - 27/04/2010 - 12:13:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [4046] O44 - LFC:[MD5.EC1C7B6CCFB28B096C9D514ACCF05C74] - 27/04/2010 - 09:12:51 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\TB.txt [3152] O44 - LFC:[MD5.03939357AC44D57533D006012F4DE2D0] - 27/04/2010 - 08:02:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntbtlog.txt [164570] O44 - LFC:[MD5.4BB0628A9105D8C11B602E6F53470015] - 27/04/2010 - 07:59:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\fwdrv.err [1735460] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 14:58:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [256512] O44 - LFC:[MD5.FBFAF1C2C34F301BBE4C9407D2AC60E1] - 26/04/2010 - 11:21:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2206] O44 - LFC:[MD5.7112190518B5AEAA05B259BBE393C9ED] - 25/04/2010 - 17:18:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116] O44 - LFC:[MD5.43B537FA5AAC2FDE07A7E320E4362363] - 21/04/2010 - 06:53:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\3) [2133] O44 - LFC:[MD5.A9C93CE2627B78646BE5BBCB95DEC8EA] - 11/04/2010 - 12:59:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [940] O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 07/04/2010 - 06:10:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Radio_Fr.ini [1208] O44 - LFC:[MD5.91BA33C14DF133FA79AFB6A92F582CDD] - 04/04/2010 - 15:41:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat [664] O44 - LFC:[MD5.3C94558CD1705DA468C9562110F34069] - 04/04/2010 - 10:37:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat [46] O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 04/04/2010 - 10:36:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\-1 [57] O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) 
-- C:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376] O44 - LFC:[MD5.FC1F0157B07D3FA402FC629AE9B977AE] - 03/04/2010 - 11:06:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\jupdate-1.6.0_19-b04.log [4229] O44 - LFC:[MD5.C71E8FF0D92FF876EB1C591A34AFDD03] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1395924] O44 - LFC:[MD5.842A215C78E052C380DCB2515035588F] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [102990] O44 - LFC:[MD5.E2E8D636EFC592EB4E0383DEEC8E42F3] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [123638] O44 - LFC:[MD5.87D027A624CA713E45C12986BE94972C] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [535828] O44 - LFC:[MD5.36A359FF2187AD2C10957403688B50CA] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [615420] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WINDOW~4\MpShHook.dll ---\\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpnsvr.exe" [Disabled] .(.Microsoft Corporation - Microsoft DirectPlay8 Server.) 
-- C:\WINDOWS\system32\dpnsvr.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Disabled] .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" [Enabled] .(.Sunbelt Software - Sunbelt Kerio Firewall GUI.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="Ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\Ir41_32.ax
O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\System32\lameACM.acm
O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"Ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\Iac25_32.ax
O52 - TDSD: \drivers.desc\"divx.dll"="DivX Pro 6.7.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \drivers.desc\"Ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal Studi - DivX WMA Audi.)
-- C:\WINDOWS\System32\divxa32.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools [Key] . (.DT Soft Ltd. - Virtual DAEMON Manager.) -- C:\Program Files\DAEMON Tools\daemon.exe
O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
---\\ Liste des Drivers Système (SDL) (O58)
(.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:28:27 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.35A301482478E97BE6E1C2748CE930E1] - 02/07/2003 - 17:41:42 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\axwhisky.sys O58 - SDL:[MD5.F3B1CE696CCF6448C85E7CDC702098D8] - 02/07/2003 - 16:49:52 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\axwskbus.sys O58 - SDL:[MD5.AABFFD787AB272FC903AFEEB336C6899] - 21/11/2006 - 00:36:58 ---A- . (.CH Products - CH Control Manager Driver 1.) -- C:\WINDOWS\system32\drivers\chdrvr01.sys O58 - SDL:[MD5.7536FB70BCBF5D10B810E67E72F68137] - 22/12/2005 - 22:41:52 ---A- . (.CH Products - CH Control Manager Driver 2.) 
-- C:\WINDOWS\system32\drivers\chdrvr02.sys O58 - SDL:[MD5.07E3319E5BAE758CEB83C80419681B6A] - 22/12/2005 - 22:41:44 ---A- . (.CH Products - CH Control Manager Driver 3.) -- C:\WINDOWS\system32\drivers\chdrvr03.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.D653F455B176529F0427B24361139619] - 11/09/2001 - 13:10:14 R--A- . (.Creative Technology Ltd. - Creative OS Services Driver (WDM).) -- C:\WINDOWS\system32\drivers\ctoss2k.sys O58 - SDL:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 22/08/2004 - 15:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\drivers\d347bus.sys O58 - SDL:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 22/08/2004 - 15:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\d347prt.sys O58 - SDL:[MD5.EF99D8DAB9FCE9B734B40D5E0DD6ABB4] - 02/10/2001 - 16:06:30 R--A- . (.Creative Technology Ltd - Creative EMU10Kx Device Driver (WDM).) -- C:\WINDOWS\system32\drivers\e10kx2k.sys O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 28/11/2002 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 29/11/2002 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 28/11/2002 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys O58 - SDL:[MD5.1FF2EEF447A177DF2C544B80F8F7F879] - 18/07/2006 - 11:02:50 ---A- . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) 
-- C:\WINDOWS\system32\drivers\fwdrv.sys O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 03/08/2004 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 03/08/2004 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 03/08/2004 - 21:41:56 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys O58 - SDL:[MD5.0A7C49B48C772591A2D362DAA00246C8] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys O58 - SDL:[MD5.549BA4F539E7B8D8129500B96DD7B27A] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys O58 - SDL:[MD5.AD81C7B17A815C872881BB56F42E56F4] - 26/03/2003 - 04:25:32 R--A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\system32\drivers\iteraid.sys O58 - SDL:[MD5.304CE9FB3D64CAA07B940BEF4F8C2DCD] - 18/07/2006 - 11:02:52 ---A- . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\drivers\khips.sys O58 - SDL:[MD5.9A3D4FC6B86E7E36473079AB76AC703D] - 06/02/2007 - 16:42:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\Lvckap.sys O58 - SDL:[MD5.0ACBC11F19320AF6C19F2E20013D9095] - 06/02/2007 - 16:44:36 ---A- . (.Logitech Inc. - Logitech Machine Vision Engine Loader.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys O58 - SDL:[MD5.E8ACF6DD83956FB63CEB058D5F51B18A] - 03/02/2007 - 09:30:58 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys O58 - SDL:[MD5.12866641284EBB41E627BB53C04DA959] - 06/02/2007 - 16:45:04 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\drivers\LVPr2Mon.sys O58 - SDL:[MD5.6E59BC28A41F8A2B702D345A5604652F] - 23/06/2006 - 23:29:43 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- C:\WINDOWS\system32\drivers\lvselsus.sys O58 - SDL:[MD5.64BC29C3A0388BFC580BB8B1346F7659] - 03/02/2007 - 09:32:36 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys O58 - SDL:[MD5.922BE6770499220DC27B529CA236815A] - 03/02/2007 - 09:32:46 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\system32\drivers\lvuvc.sys O58 - SDL:[MD5.5C329E2AB8DD62310213CBFAC0178539] - 03/02/2007 - 09:33:00 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys O58 - SDL:[MD5.F61B04F2BB5098A34817D776C59E5E7C] - 30/03/2010 - 23:45:52 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.75B8EF2A089127E8A3B38F46CC366D79] - 30/03/2010 - 23:46:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 03/08/2004 - 21:41:56 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys O58 - SDL:[MD5.4D2D882DAEE49B35B7B56FD9444564E9] - 11/12/2007 - 01:05:36 R--A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys O58 - SDL:[MD5.370E88453EC0D7BEA6EB24BE8D865DBE] - 19/10/2007 - 14:32:58 R--A- . (.DiBcom S.A. - HID Infrared Remote Control minidriver.) -- C:\WINDOWS\system32\drivers\modrc.sys O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 03/08/2004 - 21:41:38 ---A- . (.Smart Link - Pas de description.) 
-- C:\WINDOWS\system32\drivers\mtlstrm.sys O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 03/08/2004 - 21:29:38 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.B9730495E0CF674680121E34BD95A73B] - 20/10/2009 - 19:19:44 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\drivers\npf.sys O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 03/08/2004 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 29/11/2008 - 13:53:06 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys O58 - SDL:[MD5.EEDB845B7648D6FD632DDB8744892743] - 02/02/2007 - 16:30:34 ---A- . (.Pinnacle Systems GmbH - Virtual NDIS miniport driver.) -- C:\WINDOWS\system32\drivers\PctvVirtualNdis.sys O58 - SDL:[MD5.C3127BFDAB6200769B5A0184FAB48573] - 22/05/2002 - 00:00:00 ---A- . (.Engelmann GmbH - PrecSim SCSI miniport.) -- C:\WINDOWS\system32\drivers\precsim.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 03/08/2004 - 21:41:40 ---A- . 
(.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 03/08/2004 - 21:29:52 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 03/08/2004 - 21:41:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 03/08/2004 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys O58 - SDL:[MD5.71E276F6D189413266EA22171806597B] - 23/08/2008 - 10:10:57 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\WINDOWS\system32\drivers\sptd.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 03/10/2009 - 14:04:29 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) 
-- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.465DC203AD69D56F290480DAE756A9F9] - 27/09/2005 - 08:00:02 ---A- . (.PACE Anti-Piracy, Inc. - InterLok system file.) -- C:\WINDOWS\system32\drivers\TPkd.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.D956827780A0B7EAE97930116E5649F7] - 04/05/2001 - 08:24:52 ---A- . (.VIA Technologies. Inc. - VIA PFD driver.) -- C:\WINDOWS\system32\drivers\VIAPFD.SYS O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) 
-- C:\WINDOWS\system32\drivers\watv10nt.sys O58 - SDL:[MD5.BA898B29F0DBF9307F494475A8393F03] - 05/05/2005 - 16:01:34 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\0AA48D50C7.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\giveio.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 28/08/2002 - 20:23:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.F171E6EC36928C226BB43D111C759F58] - 05/05/2005 - 16:15:39 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\KGyGaAvL.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 21:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 21:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 21:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys O58 - SDL:[MD5.D703F972D23867DFD4EE9A9EF9CB767E] - 15/06/2005 - 15:55:53 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys O58 - SDL:[MD5.F05028B163B92C302A74409D683AC9B0] - 27/04/2007 - 14:19:44 ---A- . (.AntiCracking - SVKP driver for NT.) 
-- C:\WINDOWS\system32\SVKP.sys ---\\ Alternate Data Stream File (ADS) (O62) O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\$winnt$.inf:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\0AA48D50C7.sys:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\12520437.cpx:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\12520850.cpx:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\aaaamon.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\acctres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\acelpdec.ax:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\acledit.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\activeds(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\activeds.tlb:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\adptif.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\adsldpc(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\adsnds.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\advapi32(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ansi.sys:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\apcups.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\append.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\apphelp(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\arp.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\asr_ldm.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\atkctrs.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\atl(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\atmpvcno.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\audiosrv(2).dll:KAVICHS O62 - 
ADS:Alternate Data Stream File - C:\WINDOWS\System32\authz(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\autodisc.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\autoexec.nt:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\AUTOEXEC.NT.bak:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\avicap.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\avicap32.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\avifile.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\avmeter.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\avtapi.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\avwav.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bios1.rom:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bios4.rom:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bootok.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bootvid.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bootvrfy.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bopomofo.uce:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\browser(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cabinet(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\calc.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cards.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ccfgnt.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cdmodem.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\certcli(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\certmgr.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\CF32569.exe:KAVICHS O62 - ADS:Alternate Data 
Stream File - C:\WINDOWS\System32\charmap.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\Chaînes.scf:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\chcp.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\chkdsk.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\chkntfs.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciadmin.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciadv.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciaResSvr20.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciaSubClsSvr.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciaXPFrame20.ocx:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciaXPRegSvr20.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ciaXPStatusBar20.ocx:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cidaemon.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ckcnv.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\clb.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\clbcatq(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cliconf.chm:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cliconfg.rll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\clspack.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\clusapi(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cmdlib.wsc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cmmgr32.hlp:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cmos.ram:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cmpbk32.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cnetcfg.dll:KAVICHS O62 - ADS:Alternate Data 
Stream File - C:\WINDOWS\System32\CNMLM3q.DLL:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\CNMVS3q.DLL:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cnvfat.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\colbact(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comcat.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comctl32(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comdlg32(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comm.drv:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\command.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\commdlg.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comp.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\compact.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\compmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\compobj.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comres(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\comsvcs(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\CONFIG.NT:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\console.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\control.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\convert.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\country.sys:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\CPUINFO2.DLL:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\credui(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\crtdll.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\crypt32(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File 
- C:\WINDOWS\System32\cryptdll(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cryptsvc(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cryptui(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\cscdll(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\csseqchk.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\CtMp3.Crl:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ctype.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_037.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10000.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10006.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10007.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10010.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10017.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10029.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10079.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10081.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_10082.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1026.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1250.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1251.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1252.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1253.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1254.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1255.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1256.nls:KAVICHS O62 - ADS:Alternate Data Stream File - 
C:\WINDOWS\System32\c_1257.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_1258.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20127.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20261.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_20905.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_21866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28591.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28592.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28593.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\C_28594.NLS:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\C_28595.NLS:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\C_28597.NLS:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28598.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28599.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28603.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_28605.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_437.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_500.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_737.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_775.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_850.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_852.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_855.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_857.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_860.nls:KAVICHS O62 
- ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_861.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_863.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_865.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_869.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_874.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_875.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_932.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_936.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_949.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_950.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dim.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dramp.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3drm.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dxof.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\davclnt(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbgeng.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbmsadsn.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbmsvinn.dLL:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ddeml.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\debug.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskadp.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskmon.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskperf.dll:KAVICHS O62 - ADS:Alternate Data Stream File - 
C:\WINDOWS\System32\devmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dfrg.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dfrgres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dgsetup.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dhcpcsvc(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diactfrm.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dimap.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskcomp.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskcopy.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskperf.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_040c.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_0411.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dllhst3g.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmconfig.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmdskres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmintf.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmocx.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmserver(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmview.ocx:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dnsapi(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dnsrslvr(2).dll:KAVICHS O62 - ADS:Alternate Data Stream 
File - C:\WINDOWS\System32\Drivers\acpiec.sys:KAVICHS ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) O63 - Logiciel: SEAF By C_XX - (.C_XX.) O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) O63 - Logiciel: Toolbar SD - (.IDN Team.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe - Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADOBEACTIVEFILEMONITOR5.0 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART O64 - Services: CurCS - (.not file.) - Avg Anti-Rootkit Clean Driver (AvgArCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGARCLN O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Clean Driver (AvgAsCln) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_AVGASCLN O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_ANTI-SPYWARE_DRIVER O64 - Services: CurCS - (.not file.) - AVG Clean Driver (AVG Clean Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_CLEAN_DRIVER O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME O64 - Services: CurCS - (.not file.) - Creative AC3 Software Decoder (ctac32k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTAC32K O64 - Services: CurCS - (.not file.) - Creative Proxy Driver (ctprxy2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTPRXY2K O64 - Services: CurCS - (.not file.) - Creative SoundFont Management Device Driver (ctsfm2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTSFM2K O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - (.not file.) - E-mu Plug-in Architecture Driver (emupia) .(.Pas de propriétaire - Pas de description.) - LEGACY_EMUPIA O64 - Services: CurCS - (.not file.) - Freenet 0.7 darknet (freenet-darknet) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_FREENET-DARKNET O64 - Services: CurCS - C:\WINDOWS\system32\drivers\fwdrv.sys - Firewall Driver (fwdrv) .(.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - LEGACY_FWDRV O64 - Services: CurCS - (.not file.) - fxliapoc (fxliapoc) .(.Pas de propriétaire - Pas de description.) - LEGACY_FXLIAPOC O64 - Services: CurCS - C:\WINDOWS\system32\giveio.sys - giveio (giveio) .(.Pas de propriétaire - Pas de description.) - LEGACY_GIVEIO O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - (.not file.) - File Security Kernel Anti-Spyware Driver (ikhfile) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHFILE O64 - Services: CurCS - (.not file.) - Kernel Anti-Spyware Driver (ikhlayer) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHLAYER O64 - Services: CurCS - (.not file.) - IsDrv118 (IsDrv118) .(.Pas de propriétaire - Pas de description.) - LEGACY_ISDRV118 O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\drivers\khips.sys - Kerio HIPS Driver (khips) .(.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - LEGACY_KHIPS O64 - Services: CurCS - (.not file.) - Klif (Klif) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF O64 - Services: CurCS - (.not file.) - Klmc (Klmc) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_KLMC O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe - Sunbelt Kerio Personal Firewall 4 (KPF4) .(.Sunbelt Software - Sunbelt Kerio Firewall Service.) - LEGACY_KPF4 O64 - Services: CurCS - C:\WINDOWS\system32\drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON O64 - Services: CurCS - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe - Logitech Process Monitor (LVPrcSrv) .(.Logitech Inc. - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe - LVSrvLauncher (LVSrvLauncher) .(.Logitech Inc. - LogitechService Launcher.) - LEGACY_LVSRVLAUNCHER O64 - Services: CurCS - (.not file.) - MBAMProtector (MBAMProtector) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - (.not file.) - MBAMService (MBAMService) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCHINJDRV O64 - Services: CurCS - (.not file.) - Network Associates McShield (McShield) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCSHIELD O64 - Services: CurCS - (.not file.) - Network Associates Task Manager (McTaskManager) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCTASKMANAGER O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - NaiAvFilter1 (NaiAvFilter1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER1 O64 - Services: CurCS - (.not file.) 
- NAI Anti Virus (NaiAvFilter101) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER101 O64 - Services: CurCS - (.not file.) - NaiAvTdi1 (NaiAvTdi1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVTDI1 O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\WINDOWS\system32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - C:\WINDOWS\system32\drivers\ctoss2k.sys - Creative OS Services Driver (ossrv) .(.Creative Technology Ltd. - Creative OS Services Driver (WDM).) - LEGACY_OSSRV O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PFMODNT.sys - PfModNT (PfModNT) .(.Creative Technology Ltd. - PCI/ISA Device Info. Service.) - LEGACY_PFMODNT O64 - Services: CurCS - C:\Program Files\PixVue\bin\Daemon.exe - PixVue (PixVue) .(.PixVue.Com - PixVue Daemon.) - LEGACY_PIXVUE O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113 O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - RKREVEAL150 (RKREVEAL150) .(.Pas de propriétaire - Pas de description.) - LEGACY_RKREVEAL150 O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV (SASDIFSV) .(.Pas de propriétaire - SASDIFSV.) - LEGACY_SASDIFSV O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASENUM.sys - SASENUM (SASENUM) .(.SuperAdBlocker, Inc. - SuperAntiSpyware.) 
- LEGACY_SASENUM O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - (.not file.) - SAVOnAccess Control (SAVOnAccess Control) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_CONTROL O64 - Services: CurCS - (.not file.) - SAVOnAccess Filter (SAVOnAccess Filter) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_FILTER O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv (SbieDrv) .(.tzuk - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieSvc.exe - Sandboxie Service (SbieSvc) .(.tzuk - Sandboxie Service.) - LEGACY_SBIESVC O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\WINDOWS\system32\speedfan.sys - speedfan (speedfan) .(.Windows ® 2000 DDK provider - SpeedFan Device Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD O64 - Services: CurCS - (.not file.) - srescan (srescan) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRESCAN O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\WINDOWS\system32\SVKP.sys - SVKP (SVKP) .(.AntiCracking - SVKP driver for NT.) - LEGACY_SVKP O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TPKD.sys - TPkd (TPkd) .(.PACE Anti-Piracy, Inc. - InterLok system file.) - LEGACY_TPKD O64 - Services: CurCS - (.not file.) 
- Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VIAPFD.sys - VIAPFD (VIAPFD) .(.VIA Technologies. Inc. - VIA PFD driver.) - LEGACY_VIAPFD O64 - Services: CurCS - (.not file.) - vsdatant (vsdatant) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSDATANT O64 - Services: CurCS - (.not file.) - VSOMRIXF (VSOMRIXF) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSOMRIXF ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=1 (JavaQuickStarterService) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory\n"}; (.not file.) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) 
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) 
-- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
---\\ Search Browser Infection (SBI) (O69)
---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by Pascal Admin at 30/04/2010 13:53:33
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82E76CE8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x82e76ce8
IoDeviceObjectType -> ParseProcedure -> 0x822381b0
\Device\Harddisk0\DR0 -> ParseProcedure -> 0x822381b0
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !
Use "ZHPFix" command "MBRFix" to clear infection !
End of the scan (1437 lines in 02mn 19s)

Small mistake in my previous mail: it is the program SPTDinst-v169-x86.exe that does not run.
  4. Here is the ZHPdiag report, the end of the messa (by the way, what is SPTD?):

Rapport de ZHPDiag v1.25.1413 par Nicolas Coolman
Run by Pascal Admin at 29/04/2010 18:27:16
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox (3.6.3)
---\\ System Information
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
Processor: x86 Family 6 Model 6 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 511 MB (19% free)
System drive C: has 15 GB (37%) free of 39 GB
---\\ Logged in mode
Computer Name: PCPASCAL
User Name: Pascal Admin
Unselected Option: O1,O45,O61,O65
Logged in as Administrator
---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 39 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 75 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 190 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 37 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
M:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK ---\\ Processus lancés [MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe [155648] [MD5.D552D5BC4E24373E0FFD9464E72493C6] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe [396800] [MD5.56193BCE4DFD8879AEDEB26B71A0A583] - (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe [45056] [MD5.022DB38BECB5A44DA6F7E27923457624] - (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [488984] [MD5.AD7503D6857DBFFC7E5F2E96BC9CC283] - (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [252704] [MD5.64C4C17BF6A40FF1CD21205E6FD415B8] - (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040] [MD5.F91F52F4EA5D88DAB6245682A16F3A72] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272] [MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [952768] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe [15360] [MD5.177FF6608B48638D4066726F3A3F8444] - (.Pas de propriétaire - Pas de description.) 
-- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400] [MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289] [MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089] [MD5.A2EAEB497CA29ECAEAF0DF66AD85C57D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696] [MD5.312A17DFF710A0F4E6D4DD1D52EAD1A8] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [520192] [MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336] [MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104] [MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.9EF600C64435CCFDEA01C991289E76EC] - (.Sunbelt Software - Sunbelt Kerio Firewall Service.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [1205784] [MD5.995D0B52870C7A5CAF3EA165FD674A35] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [109344] [MD5.A005CEE9BE199C5E375FAA559CA9A7A9] - (.Logitech Inc. - LogitechService Launcher.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [105248] [MD5.CDF8AFB439D8CE182DB19E4D6B67FF63] - (.PixVue.Com - PixVue Daemon.) -- C:\Program Files\PixVue\bin\Daemon.exe [151552] [MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312] [MD5.2B2B6189DC47F44D7549519AA7519777] - (.tzuk - Sandboxie Service.) 
-- C:\Program Files\Sandboxie\SbieSvc.exe [52224] [MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856] [MD5.581061776E1B7C4C7771E97AE5EAF377] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592] [MD5.581176F60885AEF8F78C6E38DCC3CDF9] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\System32\MsPMSPSv.exe [53520] ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) 
-- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} . (.Xi - Net Transport IE Helper Module.) -- C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} . (.Pas de propriétaire - PixVue.) -- C:\Program Files\PixVue\bin\PixVue.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PSDrvCheck] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe O4 - HKLM\..\Run: [ATICCC] . (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) 
-- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - Global Startup: Nikon Monitor.lnk . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk . (.WinZip Computing LP - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Adobe Gamma.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HotSync Manager.lnk . (.Palm, Inc. - HotSync® Manager Application.) -- C:\Palm\HOTSYNC.EXE

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Télécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Tout t&élécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddList.html

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.cltnet.de

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) -
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) -
O16 - DPF: teleir_cert (teleir_cert) - (.not file.) - https:\\static.ir.dgi.minefi.gouv.fr\secure\connexion\archives\ie4n4\teleir_cert.cab
O16 - DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} (Corporate Language Training Interface) - http://www.cltnet.de/login/dplaunch.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155398021206
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP-2.0.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: PixVue . (.PixVue.Com - WinLogon Dynamic Link Library.) -- C:\Program Files\PixVue\bin\WinLogon.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage - Meddelande.) -- C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier . (.Pas de propriétaire - Pas de description.) -- WRLogonNTF.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) . (.Sunbelt Software - Sunbelt Kerio Firewall Service.) - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PixVue (PixVue) . (.PixVue.Com - PixVue Daemon.) - C:\Program Files\PixVue\bin\Daemon.exe
O23 - Service: Sandboxie Service (SbieSvc) . (.tzuk - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Firewall Driver (fwdrv) . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - C:\WINDOWS\system32\drivers\fwdrv.sys
O41 - Driver: Kerio HIPS Driver (khips) . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - C:\WINDOWS\system32\drivers\khips.sys
O41 - Driver: SASDIFSV (SASDIFSV) . (.Pas de propriétaire - SASDIFSV.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: SASKUTIL (SASKUTIL) . (.Pas de propriétaire - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (VIAPFD) . (.VIA Technologies. Inc. - VIA PFD driver.) - C:\WINDOWS\system32\Drivers\VIAPFD.sys
O41 - Driver: AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .
(.Pas de propriétaire - Pas de description.) - C:\Program Files\AVG Anti-Spyware 7.5\guard.sys
O41 - Driver: AVG Anti-Spyware Clean Driver (AvgAsCln) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
O41 - Driver: (NaiAvTdi1) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\mvstdi5x.sys

---\\ Logiciels installés (O42)

---\\ HKCU & HKLM Software Keys

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program
Files\Smart Panel O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects O43 - CFD:Common File Directory ----D- C:\Program Files\SmartGenealogy_2.8c O43 - CFD:Common File Directory ----D- C:\Program Files\SmartList To Go O43 - CFD:Common File Directory ----D- C:\Program Files\SoftLogica O43 - CFD:Common File Directory ----D- C:\Program Files\Sophos O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedFan O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedItUpFree O43 - CFD:Common File Directory ----D- C:\Program Files\SplashData O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD:Common File Directory ----D- C:\Program Files\StationRipper O43 - CFD:Common File Directory ----D- C:\Program Files\StealthNet O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku 3D Pro O43 - CFD:Common File Directory ----D- C:\Program Files\Sunbelt Software O43 - CFD:Common File Directory ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD:Common File Directory ----D- C:\Program Files\SWI O43 - CFD:Common File Directory ----D- C:\Program Files\Synaesthete O43 - CFD:Common File Directory ----D- C:\Program Files\TeamViewer O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy) O43 - CFD:Common File Directory ----D- C:\Program Files\thinkingBytes O43 - CFD:Common File Directory ----D- C:\Program Files\TimeAdjuster O43 - CFD:Common File Directory ----D- C:\Program Files\Tweak-XP Pro 4 O43 - CFD:Common File Directory ----D- C:\Program Files\Ujihara O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\Universal Extractor O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker O43 - 
CFD:Common File Directory ----D- C:\Program Files\URLSnooper2 O43 - CFD:Common File Directory ----D- C:\Program Files\USB-set O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent O43 - CFD:Common File Directory ----D- C:\Program Files\VDMSound O43 - CFD:Common File Directory ----D- C:\Program Files\Vg O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\VirtualDubMOD O43 - CFD:Common File Directory ----D- C:\Program Files\VOB O43 - CFD:Common File Directory ----D- C:\Program Files\VSO O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Installer Clean Up O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory --HAD- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\WinHTTrack O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\WINTREE O43 - CFD:Common File Directory ----D- C:\Program Files\Winwap Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\Xi O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo! 
O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 17:27:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1560264] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/04/2010 - 17:26:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 17:26:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 17:25:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 29/04/2010 - 17:25:30 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.06A8E2233C4800E2A95F5DECAAD5C849] - 29/04/2010 - 17:24:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888] O44 - LFC:[MD5.06A8E2233C4800E2A95F5DECAAD5C849] - 29/04/2010 - 17:24:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 17:23:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32484] O44 - LFC:[MD5.6490C3F6B8336D05DE8FCAD8C94F50C8] - 29/04/2010 - 13:39:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.829BEECB029A6E8ED6D2BB6867B33ECD] - 29/04/2010 - 07:59:52 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\KB976002-v5.log [3483] O44 - LFC:[MD5.23A8C23D9C43F96CAABA5102B2E9D85C] - 28/04/2010 - 20:19:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ComboFix.txt [27327] O44 - LFC:[MD5.87AFDE2B95CB0FDB8477AB22D02BFC94] - 28/04/2010 - 20:06:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [274] O44 - LFC:[MD5.7F4247C03A71E65171CEBC339B37AB20] - 27/04/2010 - 19:14:37 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [282] O44 - LFC:[MD5.3CECCD255392A3A640830F3CF97CE162] - 27/04/2010 - 19:14:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Boot.bak [212] O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 27/04/2010 - 19:14:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cmldr [263488] O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 27/04/2010 - 19:12:56 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232] O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096] O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792] O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704] O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 27/04/2010 - 19:12:56 ---A- . 
(.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480] O44 - LFC:[MD5.4CB377F47552A9EF7EC3CDF19DFD4F5B] - 27/04/2010 - 18:57:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [17331] O44 - LFC:[MD5.1A6D80AA9E021EC3B094887D47202188] - 27/04/2010 - 12:26:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [4714] O44 - LFC:[MD5.265672A002D063A3ED2D26F939E04FC3] - 27/04/2010 - 12:13:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [4046] O44 - LFC:[MD5.EC1C7B6CCFB28B096C9D514ACCF05C74] - 27/04/2010 - 09:12:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TB.txt [3152] O44 - LFC:[MD5.03939357AC44D57533D006012F4DE2D0] - 27/04/2010 - 08:02:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntbtlog.txt [164570] O44 - LFC:[MD5.4BB0628A9105D8C11B602E6F53470015] - 27/04/2010 - 07:59:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\fwdrv.err [1735460] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 14:58:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [256512] O44 - LFC:[MD5.FBFAF1C2C34F301BBE4C9407D2AC60E1] - 26/04/2010 - 11:21:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2206] O44 - LFC:[MD5.7112190518B5AEAA05B259BBE393C9ED] - 25/04/2010 - 17:18:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116] O44 - LFC:[MD5.43B537FA5AAC2FDE07A7E320E4362363] - 21/04/2010 - 06:53:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\3) [2133] O44 - LFC:[MD5.A9C93CE2627B78646BE5BBCB95DEC8EA] - 11/04/2010 - 12:59:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [940] O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 07/04/2010 - 06:10:06 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\Radio_Fr.ini [1208] O44 - LFC:[MD5.91BA33C14DF133FA79AFB6A92F582CDD] - 04/04/2010 - 15:41:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat [664] O44 - LFC:[MD5.3C94558CD1705DA468C9562110F34069] - 04/04/2010 - 10:37:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat [46] O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 04/04/2010 - 10:36:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\-1 [57] O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376] O44 - LFC:[MD5.FC1F0157B07D3FA402FC629AE9B977AE] - 03/04/2010 - 11:06:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\jupdate-1.6.0_19-b04.log [4229] O44 - LFC:[MD5.C71E8FF0D92FF876EB1C591A34AFDD03] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1395924] O44 - LFC:[MD5.842A215C78E052C380DCB2515035588F] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [102990] O44 - LFC:[MD5.E2E8D636EFC592EB4E0383DEEC8E42F3] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [123638] O44 - LFC:[MD5.87D027A624CA713E45C12986BE94972C] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\System32\perfh009.dat [535828] O44 - LFC:[MD5.36A359FF2187AD2C10957403688B50CA] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [615420] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WINDOW~4\MpShHook.dll ---\\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpnsvr.exe" [Disabled] .(.Microsoft Corporation - Microsoft DirectPlay8 Server.) -- C:\WINDOWS\system32\dpnsvr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Disabled] .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe O47 - AAKE:Key Export SP - "C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" [Enabled] .(.Sunbelt Software - Sunbelt Kerio Firewall GUI.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) 
-- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) 
-- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"vidc.iv41"="Ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\Ir41_32.ax O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) 
-- C:\WINDOWS\System32\lameACM.acm O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \drivers.desc\"Ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\Iac25_32.ax O52 - TDSD: \drivers.desc\"divx.dll"="DivX Pro 6.7.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.) 
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \drivers.desc\"Ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\DAEMON Tools [Key] . (.DT Soft Ltd. - Virtual DAEMON Manager.) -- C:\Program Files\DAEMON Tools\daemon.exe O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) 
-- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 19:36:39 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys O58 - SDL:[MD5.116BFF96077A4A724E0AAB800525CEB5] - 28/08/2002 - 22:59:12 ---A- . (.ADMtek Incorporated. - ADMtek AN983/AN985/ADM951X NDIS5 Driver.) -- C:\WINDOWS\system32\drivers\an983.sys O58 - SDL:[MD5.875F9079CABEE679D34B49E466B61701] - 17/04/2002 - 19:27:02 ---A- . (.VOB Computersysteme GmbH - ASAPI.) -- C:\WINDOWS\system32\drivers\asapiW2k.sys O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. 
- ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 19/08/2004 - 14:53:40 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys O58 - SDL:[MD5.492BD2A5F65F218D4EDE5764A3BB67E9] - 03/05/2006 - 17:50:42 ---A- . 
(.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 03/08/2004 - 21:29:28 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) 
-- C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:28:27 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.35A301482478E97BE6E1C2748CE930E1] - 02/07/2003 - 17:41:42 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\axwhisky.sys O58 - SDL:[MD5.F3B1CE696CCF6448C85E7CDC702098D8] - 02/07/2003 - 16:49:52 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\axwskbus.sys O58 - SDL:[MD5.AABFFD787AB272FC903AFEEB336C6899] - 21/11/2006 - 00:36:58 ---A- . (.CH Products - CH Control Manager Driver 1.) -- C:\WINDOWS\system32\drivers\chdrvr01.sys O58 - SDL:[MD5.7536FB70BCBF5D10B810E67E72F68137] - 22/12/2005 - 22:41:52 ---A- . (.CH Products - CH Control Manager Driver 2.) -- C:\WINDOWS\system32\drivers\chdrvr02.sys O58 - SDL:[MD5.07E3319E5BAE758CEB83C80419681B6A] - 22/12/2005 - 22:41:44 ---A- . (.CH Products - CH Control Manager Driver 3.) -- C:\WINDOWS\system32\drivers\chdrvr03.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) 
-- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.D653F455B176529F0427B24361139619] - 11/09/2001 - 13:10:14 R--A- . (.Creative Technology Ltd. - Creative OS Services Driver (WDM).) -- C:\WINDOWS\system32\drivers\ctoss2k.sys O58 - SDL:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 22/08/2004 - 15:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\drivers\d347bus.sys O58 - SDL:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 22/08/2004 - 15:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\d347prt.sys O58 - SDL:[MD5.EF99D8DAB9FCE9B734B40D5E0DD6ABB4] - 02/10/2001 - 16:06:30 R--A- . (.Creative Technology Ltd - Creative EMU10Kx Device Driver (WDM).) -- C:\WINDOWS\system32\drivers\e10kx2k.sys O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 28/11/2002 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 29/11/2002 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 28/11/2002 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys O58 - SDL:[MD5.1FF2EEF447A177DF2C544B80F8F7F879] - 18/07/2006 - 11:02:50 ---A- . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) -- C:\WINDOWS\system32\drivers\fwdrv.sys O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 03/08/2004 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 03/08/2004 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 03/08/2004 - 21:41:56 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) 
-- C:\WINDOWS\system32\drivers\hsfdpsp2.sys O58 - SDL:[MD5.0A7C49B48C772591A2D362DAA00246C8] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys O58 - SDL:[MD5.549BA4F539E7B8D8129500B96DD7B27A] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys O58 - SDL:[MD5.AD81C7B17A815C872881BB56F42E56F4] - 26/03/2003 - 04:25:32 R--A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\system32\drivers\iteraid.sys O58 - SDL:[MD5.304CE9FB3D64CAA07B940BEF4F8C2DCD] - 18/07/2006 - 11:02:52 ---A- . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\drivers\khips.sys O58 - SDL:[MD5.9A3D4FC6B86E7E36473079AB76AC703D] - 06/02/2007 - 16:42:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\Lvckap.sys O58 - SDL:[MD5.0ACBC11F19320AF6C19F2E20013D9095] - 06/02/2007 - 16:44:36 ---A- . (.Logitech Inc. - Logitech Machine Vision Engine Loader.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys O58 - SDL:[MD5.E8ACF6DD83956FB63CEB058D5F51B18A] - 03/02/2007 - 09:30:58 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys O58 - SDL:[MD5.12866641284EBB41E627BB53C04DA959] - 06/02/2007 - 16:45:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys O58 - SDL:[MD5.6E59BC28A41F8A2B702D345A5604652F] - 23/06/2006 - 23:29:43 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- C:\WINDOWS\system32\drivers\lvselsus.sys O58 - SDL:[MD5.64BC29C3A0388BFC580BB8B1346F7659] - 03/02/2007 - 09:32:36 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys O58 - SDL:[MD5.922BE6770499220DC27B529CA236815A] - 03/02/2007 - 09:32:46 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) 
-- C:\WINDOWS\system32\drivers\lvuvc.sys O58 - SDL:[MD5.5C329E2AB8DD62310213CBFAC0178539] - 03/02/2007 - 09:33:00 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys O58 - SDL:[MD5.F61B04F2BB5098A34817D776C59E5E7C] - 30/03/2010 - 23:45:52 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.75B8EF2A089127E8A3B38F46CC366D79] - 30/03/2010 - 23:46:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 03/08/2004 - 21:41:56 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys O58 - SDL:[MD5.4D2D882DAEE49B35B7B56FD9444564E9] - 11/12/2007 - 01:05:36 R--A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys O58 - SDL:[MD5.370E88453EC0D7BEA6EB24BE8D865DBE] - 19/10/2007 - 14:32:58 R--A- . (.DiBcom S.A. - HID Infrared Remote Control minidriver.) -- C:\WINDOWS\system32\drivers\modrc.sys O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 03/08/2004 - 21:41:38 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 03/08/2004 - 21:29:38 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.B9730495E0CF674680121E34BD95A73B] - 20/10/2009 - 19:19:44 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) 
-- C:\WINDOWS\system32\drivers\npf.sys O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 03/08/2004 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 29/11/2008 - 13:53:06 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys O58 - SDL:[MD5.EEDB845B7648D6FD632DDB8744892743] - 02/02/2007 - 16:30:34 ---A- . (.Pinnacle Systems GmbH - Virtual NDIS miniport driver.) -- C:\WINDOWS\system32\drivers\PctvVirtualNdis.sys O58 - SDL:[MD5.C3127BFDAB6200769B5A0184FAB48573] - 22/05/2002 - 00:00:00 ---A- . (.Engelmann GmbH - PrecSim SCSI miniport.) -- C:\WINDOWS\system32\drivers\precsim.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 03/08/2004 - 21:29:52 ---A- . (.S3 Graphics, Inc. 
- S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 03/08/2004 - 21:41:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 03/08/2004 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys O58 - SDL:[MD5.71E276F6D189413266EA22171806597B] - 23/08/2008 - 10:10:57 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\WINDOWS\system32\drivers\sptd.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 03/10/2009 - 14:04:29 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.465DC203AD69D56F290480DAE756A9F9] - 27/09/2005 - 08:00:02 ---A- . (.PACE Anti-Piracy, Inc. - InterLok system file.) -- C:\WINDOWS\system32\drivers\TPkd.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) 
-- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.D956827780A0B7EAE97930116E5649F7] - 04/05/2001 - 08:24:52 ---A- . (.VIA Technologies. Inc. - VIA PFD driver.) -- C:\WINDOWS\system32\drivers\VIAPFD.SYS O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys O58 - SDL:[MD5.BA898B29F0DBF9307F494475A8393F03] - 05/05/2005 - 16:01:34 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\0AA48D50C7.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\giveio.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 28/08/2002 - 20:23:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.F171E6EC36928C226BB43D111C759F58] - 05/05/2005 - 16:15:39 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\KGyGaAvL.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 21:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 21:45:12 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 21:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 21:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys O58 - SDL:[MD5.D703F972D23867DFD4EE9A9EF9CB767E] - 15/06/2005 - 15:55:53 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys O58 - SDL:[MD5.F05028B163B92C302A74409D683AC9B0] - 27/04/2007 - 14:19:44 ---A- . (.AntiCracking - SVKP driver for NT.) -- C:\WINDOWS\system32\SVKP.sys
---\\ Alternate Data Stream File (ADS) (O62)
---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) O63 - Logiciel: SEAF By C_XX - (.C_XX.) O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) O63 - Logiciel: Toolbar SD - (.IDN Team.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe - Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADOBEACTIVEFILEMONITOR5.0 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) 
- LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART O64 - Services: CurCS - (.not file.) - Avg Anti-Rootkit Clean Driver (AvgArCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGARCLN O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Clean Driver (AvgAsCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGASCLN O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_ANTI-SPYWARE_DRIVER O64 - Services: CurCS - (.not file.) - AVG Clean Driver (AVG Clean Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_CLEAN_DRIVER O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME O64 - Services: CurCS - (.not file.) - Creative AC3 Software Decoder (ctac32k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTAC32K O64 - Services: CurCS - (.not file.) - Creative Proxy Driver (ctprxy2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTPRXY2K O64 - Services: CurCS - (.not file.) - Creative SoundFont Management Device Driver (ctsfm2k) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_CTSFM2K O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - (.not file.) - E-mu Plug-in Architecture Driver (emupia) .(.Pas de propriétaire - Pas de description.) - LEGACY_EMUPIA O64 - Services: CurCS - (.not file.) - Freenet 0.7 darknet (freenet-darknet) .(.Pas de propriétaire - Pas de description.) - LEGACY_FREENET-DARKNET O64 - Services: CurCS - C:\WINDOWS\system32\drivers\fwdrv.sys - Firewall Driver (fwdrv) .(.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - LEGACY_FWDRV O64 - Services: CurCS - (.not file.) - fxliapoc (fxliapoc) .(.Pas de propriétaire - Pas de description.) - LEGACY_FXLIAPOC O64 - Services: CurCS - C:\WINDOWS\system32\giveio.sys - giveio (giveio) .(.Pas de propriétaire - Pas de description.) - LEGACY_GIVEIO O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - (.not file.) - File Security Kernel Anti-Spyware Driver (ikhfile) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHFILE O64 - Services: CurCS - (.not file.) - Kernel Anti-Spyware Driver (ikhlayer) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHLAYER O64 - Services: CurCS - (.not file.) - IsDrv118 (IsDrv118) .(.Pas de propriétaire - Pas de description.) - LEGACY_ISDRV118 O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. 
- Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\drivers\khips.sys - Kerio HIPS Driver (khips) .(.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - LEGACY_KHIPS O64 - Services: CurCS - (.not file.) - Klif (Klif) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF O64 - Services: CurCS - (.not file.) - Klmc (Klmc) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMC O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe - Sunbelt Kerio Personal Firewall 4 (KPF4) .(.Sunbelt Software - Sunbelt Kerio Firewall Service.) - LEGACY_KPF4 O64 - Services: CurCS - C:\WINDOWS\system32\drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON O64 - Services: CurCS - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe - Logitech Process Monitor (LVPrcSrv) .(.Logitech Inc. - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe - LVSrvLauncher (LVSrvLauncher) .(.Logitech Inc. - LogitechService Launcher.) - LEGACY_LVSRVLAUNCHER O64 - Services: CurCS - (.not file.) - MBAMProtector (MBAMProtector) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - (.not file.) - MBAMService (MBAMService) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCHINJDRV O64 - Services: CurCS - (.not file.) - Network Associates McShield (McShield) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCSHIELD O64 - Services: CurCS - (.not file.) - Network Associates Task Manager (McTaskManager) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_MCTASKMANAGER O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - NaiAvFilter1 (NaiAvFilter1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER1 O64 - Services: CurCS - (.not file.) - NAI Anti Virus (NaiAvFilter101) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER101 O64 - Services: CurCS - (.not file.) - NaiAvTdi1 (NaiAvTdi1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVTDI1 O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\WINDOWS\system32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - C:\WINDOWS\system32\drivers\ctoss2k.sys - Creative OS Services Driver (ossrv) .(.Creative Technology Ltd. - Creative OS Services Driver (WDM).) - LEGACY_OSSRV O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PFMODNT.sys - PfModNT (PfModNT) .(.Creative Technology Ltd. - PCI/ISA Device Info. Service.) - LEGACY_PFMODNT O64 - Services: CurCS - C:\Program Files\PixVue\bin\Daemon.exe - PixVue (PixVue) .(.PixVue.Com - PixVue Daemon.) - LEGACY_PIXVUE O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113 O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - RKREVEAL150 (RKREVEAL150) .(.Pas de propriétaire - Pas de description.) - LEGACY_RKREVEAL150 O64 - Services: CurCS - (.not file.) 
- Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV (SASDIFSV) .(.Pas de propriétaire - SASDIFSV.) - LEGACY_SASDIFSV O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASENUM.sys - SASENUM (SASENUM) .(.SuperAdBlocker, Inc. - SuperAntiSpyware.) - LEGACY_SASENUM O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - (.not file.) - SAVOnAccess Control (SAVOnAccess Control) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_CONTROL O64 - Services: CurCS - (.not file.) - SAVOnAccess Filter (SAVOnAccess Filter) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_FILTER O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv (SbieDrv) .(.tzuk - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieSvc.exe - Sandboxie Service (SbieSvc) .(.tzuk - Sandboxie Service.) - LEGACY_SBIESVC O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\WINDOWS\system32\speedfan.sys - speedfan (speedfan) .(.Windows ® 2000 DDK provider - SpeedFan Device Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD O64 - Services: CurCS - (.not file.) - srescan (srescan) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRESCAN O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\WINDOWS\system32\SVKP.sys - SVKP (SVKP) .(.AntiCracking - SVKP driver for NT.) 
- LEGACY_SVKP O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TPKD.sys - TPkd (TPkd) .(.PACE Anti-Piracy, Inc. - InterLok system file.) - LEGACY_TPKD O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VIAPFD.sys - VIAPFD (VIAPFD) .(.VIA Technologies. Inc. - VIA PFD driver.) - LEGACY_VIAPFD O64 - Services: CurCS - (.not file.) - vsdatant (vsdatant) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSDATANT O64 - Services: CurCS - (.not file.) - VSOMRIXF (VSOMRIXF) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSOMRIXF ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=1 (JavaQuickStarterService) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory\n"}; (.not file.) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) 
-- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) 
-- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe ---\\ Search Browser Infection (SBI) (O69) ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net Run by Pascal Admin at 29/04/2010 18:31:42 device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x83025BE8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x83025be8 IoDeviceObjectType -> ParseProcedure -> 0x82d961b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x82d961b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! End of the scan (1435 lines in 04mn 26s)
  5. Continuation of the previous message: Is it normal that on my PC GMER starts and is then stopped with a message about dwwin.exe?
  6. I am not sure I fully understand. When I run version 1.25.413 of ZHPDIAG I still get the same message at the bottom of the ZHP log. Should I do anything else? Rapport de ZHPDiag v1.25.1413 par Nicolas Coolman Run by Pascal Admin at 29/04/2010 14:33:23 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox (3.6.3) ---\\ System Information Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 Processor: x86 Family 6 Model 6 Stepping 2, AuthenticAMD Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 511 MB (31% free) System drive C: has 15 GB (37%) free of 39 GB ---\\ Logged in mode Computer Name: PCPASCAL User Name: Pascal Admin Unselected Option: O1,O45,O61,O65 Logged in as Administrator ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 39 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 75 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 190 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 37 Go) G:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Not Inserted) I:\ CD-ROM drive (Not Inserted) J:\ CD-ROM drive (Not Inserted) M:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK 
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK ---\\ Processus lancés [MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe [155648] [MD5.D552D5BC4E24373E0FFD9464E72493C6] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe [396800] [MD5.56193BCE4DFD8879AEDEB26B71A0A583] - (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe [45056] [MD5.022DB38BECB5A44DA6F7E27923457624] - (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [488984] [MD5.AD7503D6857DBFFC7E5F2E96BC9CC283] - (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [252704] [MD5.64C4C17BF6A40FF1CD21205E6FD415B8] - (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [45056] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040] [MD5.F91F52F4EA5D88DAB6245682A16F3A72] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272] [MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [952768] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) 
-- C:\WINDOWS\System32\CTFMON.exe [15360] [MD5.177FF6608B48638D4066726F3A3F8444] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400] [MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289] [MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089] [MD5.A2EAEB497CA29ECAEAF0DF66AD85C57D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [413696] [MD5.312A17DFF710A0F4E6D4DD1D52EAD1A8] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [520192] [MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336] [MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104] [MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.9EF600C64435CCFDEA01C991289E76EC] - (.Sunbelt Software - Sunbelt Kerio Firewall Service.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [1205784] [MD5.995D0B52870C7A5CAF3EA165FD674A35] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [109344] [MD5.A005CEE9BE199C5E375FAA559CA9A7A9] - (.Logitech Inc. - LogitechService Launcher.) -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [105248] [MD5.CDF8AFB439D8CE182DB19E4D6B67FF63] - (.PixVue.Com - PixVue Daemon.) -- C:\Program Files\PixVue\bin\Daemon.exe [151552] [MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) 
-- C:\WINDOWS\system32\lsass.exe [13312] [MD5.2B2B6189DC47F44D7549519AA7519777] - (.tzuk - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [52224] [MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856] [MD5.581061776E1B7C4C7771E97AE5EAF377] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592] [MD5.581176F60885AEF8F78C6E38DCC3CDF9] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\System32\MsPMSPSv.exe [53520] ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . 
(.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} . (.Xi - Net Transport IE Helper Module.) -- C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} . (.Pas de propriétaire - PixVue.) -- C:\Program Files\PixVue\bin\PixVue.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PSDrvCheck] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PSDrvCheck.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (.Logitech Inc. - Communications Manager.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe O4 - HKLM\..\Run: [ATICCC] . (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) 
-- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - Global Startup: Nikon Monitor.lnk . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe O4 - Global Startup: WinZip Quick Pick.lnk . (.WinZip Computing LP - WinZip Executable.) -- C:\Program Files\WinZip\WZQKPICK.EXE O4 - Global Startup: Adobe Gamma.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HotSync Manager.lnk . (.Palm, Inc. - HotSync® Manager Application.) -- C:\Palm\HOTSYNC.EXE ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Télécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Tout t&élécharger avec NetTransport . (.Pas de propriétaire - Pas de description.) 
-- C:\Program Files\Xi\NetTransport 2\NTAddList.html ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains\www] http.cltnet.de ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - (.not file.) - O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (.not file.) - O16 - DPF: teleir_cert (teleir_cert) - (.not file.) - https:\\static.ir.dgi.minefi.gouv.fr\secure\connexion\archives\ie4n4\teleir_cert.cab O16 - DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} (Corporate Language Training Interface) - http://www.cltnet.de/login/dplaunch.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - (.Yahoo! Inc. - YInstHelper Module.) 
-- C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155398021206 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP-2.0.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 O17 - HKLM\System\CS4\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: PixVue . 
(.PixVue.Com - WinLogon Dynamic Link Library.) -- C:\Program Files\PixVue\bin\WinLogon.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage - Meddelande.) -- C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier . (.Pas de propriétaire - Pas de description.) -- WRLogonNTF.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) . (.Sunbelt Software - Sunbelt Kerio Firewall Service.) - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PixVue (PixVue) . (.PixVue.Com - PixVue Daemon.) - C:\Program Files\PixVue\bin\Daemon.exe
O23 - Service: Sandboxie Service (SbieSvc) . (.tzuk - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Firewall Driver (fwdrv) . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - C:\WINDOWS\system32\drivers\fwdrv.sys
O41 - Driver: Kerio HIPS Driver (khips) . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - C:\WINDOWS\system32\drivers\khips.sys
O41 - Driver: SASDIFSV (SASDIFSV) . (.Pas de propriétaire - SASDIFSV.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: SASKUTIL (SASKUTIL) . (.Pas de propriétaire - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (VIAPFD) . (.VIA Technologies. Inc. - VIA PFD driver.) - C:\WINDOWS\system32\Drivers\VIAPFD.sys
O41 - Driver: AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AVG Anti-Spyware 7.5\guard.sys
O41 - Driver: AVG Anti-Spyware Clean Driver (AvgAsCln) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\DRIVERS\AvgAsCln.sys
O41 - Driver: (NaiAvTdi1) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\mvstdi5x.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: ASAPI Update - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: AVI/MPEG/RM/WMV Joiner 4.81 - (.Boilsoft, Inc..) [HKLM]
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Help Center 2.1 - (.Adobe Systems.) [HKLM]
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Photoshop Elements 5.0 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM]
O42 - Logiciel: Advanced IRC - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Audacity 1.2.4 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Avi2Dvd 0.4.5 beta - (.TrustFm.) [HKLM]
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM]
O42 - Logiciel: BackupBuddy for Windows - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]
O42 - Logiciel: CH Control Manager - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Clean 5 - (.Pinnacle Systems GmbH / Steinberg Media Technologies GmbH.) [HKLM]
O42 - Logiciel: CloneCD - (.Elaborate Bytes.) [HKLM]
O42 - Logiciel: Cobian Backup 9 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ConvertHelper 2.1 - (.DownloadHelper.) [HKLM]
O42 - Logiciel: ConvertXtoDVD 3.2.9.94c - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM]
O42 - Logiciel: DoublePics v2.3.2(.4) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EVEREST Ultimate Edition v5.00 - (.Lavalys, Inc..) [HKLM]
O42 - Logiciel: EarMaster Pro 5 - (.EarMaster ApS.) [HKLM]
O42 - Logiciel: Exifer - (.Friedemann Schmidt.) [HKLM]
O42 - Logiciel: File Uploader - (.Nikon.) [HKLM]
O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: GHCS Software GedStar for PalmOS - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: GNU Solfege 3.14.7 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: GedCom-Vision version 2.0e - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Greeting Card Creator - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Handy Recovery 1.0 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Harmony Assistant - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Helicon Filter 2.02 - (.Helicon Co..) [HKLM]
O42 - Logiciel: Heredis 9 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IFOEdit 0.971 Fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IsoBuster 1.9.1 - (.Smart Projects.) [HKLM]
O42 - Logiciel: J'apprends le piano - (.Musicalis.) [HKLM]
O42 - Logiciel: Java 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: K-Lite Mega Codec Pack 3.5.0 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Kaspersky Online Scanner - (.Kaspersky Lab.) [HKLM]
O42 - Logiciel: Kommute - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Label Editor - (.Steinberg.) [HKLM]
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MVision - (.Logitech Inc..) [HKLM]
O42 - Logiciel: Macromedia Flash Player - (.Macromedia, Inc..) [HKLM]
O42 - Logiciel: Macromedia Shockwave Player - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
O42 - Logiciel: MaxSplitter v1.53 Free Edition - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Media Player Classic fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Baseline Security Analyzer 2.1 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Flight Simulator 2004 Un siècle d'aviation - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM]
O42 - Logiciel: Mp3DirectCut - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Neat Image v5 Demo (with plug-in) - (.Neat Image team, ABSoft.) [HKLM]
O42 - Logiciel: Nero 6 Enterprise Edition - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Nero BurnRights (Ahead Software) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Net Transport 1.94.282 - (.Xi.) [HKLM]
O42 - Logiciel: NikonCapture - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Notification Live Search - (.Pas de propriétaire.) [HKCU]
O42 - Logiciel: OMeR - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: P2400P Guide de référence - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: PDFtoMusic - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: PTLens - (.ePaperPress.) [HKLM]
O42 - Logiciel: PeerGuardian 2.0 - (.Methlabs Productions.) [HKLM]
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM]
O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM]
O42 - Logiciel: Planète Généalogie - (.BSD Concept.) [HKLM]
O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM]
O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: RadCor 2.04 - (.TUVSW.) [HKLM]
O42 - Logiciel: Radio Fr Solo 2.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: SanDisk SD Wi-Fi Card - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Sandboxie 3.34 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: SaverWiz - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ScummVM 1.0.0rc1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM]
O42 - Logiciel: Sibelius 5 Demo - (.Sibelius Software.) [HKLM]
O42 - Logiciel: Sibelius Scorch (Firefox, Opera, Netscape only) - (.Sibelius Software.) [HKLM]
O42 - Logiciel: Simple Sudoku 4.2 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Skype™ 4.0 - (.Skype Technologies S.A..) [HKLM]
O42 - Logiciel: SmartList To Go - (.DataViz, Inc..) [HKLM]
O42 - Logiciel: Sophos Anti-Rootkit 1.3 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Spybot - Search & Destroy 1.4 - (.Safer Networking Limited.) [HKLM]
O42 - Logiciel: StationRipper 2.71 - (.Ratajik Software.) [HKLM]
O42 - Logiciel: StealthNet 0.8.7.2 - (.The StealthNet Team.) [HKLM]
O42 - Logiciel: Sudoku 3D Pro - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Sudoku V 3.0 - (.Olivier RAVET.) [HKLM]
O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM]
O42 - Logiciel: Tous les Noms de Famille de France V.6.5.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: UMVPLStandalone - (.Logitech Inc..) [HKLM]
O42 - Logiciel: URL Snooper v2.26.01 - (.DonationCoder.com.) [HKLM]
O42 - Logiciel: Universal Extractor 1.6 - (.Jared Breland.) [HKLM]
O42 - Logiciel: Unlocker 1.8.6 - (.Cedrick Collomb.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981433) - (.Microsoft.) [HKLM]
O42 - Logiciel: VDMSound - (.Vlad Romascanu.) [HKLM]
O42 - Logiciel: VobEdit 0.6 Fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: WaveLab Lite - (.Steinberg.) [HKLM]
O42 - Logiciel: WinHTTrack Website Copier 3.30 - (.HTTrack.) [HKLM]
O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM]
O42 - Logiciel: WinWAP for Windows 3.2 - (.Winwap Technologies Oy.) [HKLM]
O42 - Logiciel: WinZip - (.WinZip Computing LP.) [HKLM]
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Wintree Version 3.0 d - (.Decrock.) [HKLM]
O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.) [HKLM]
O42 - Logiciel: dBpowerAMP Wavpack Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp FLAC Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Monkeys Audio Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Musepack Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpoweramp Windows Media Audio 10 Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dMC Power Pack - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.) [HKLM]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABSoft]
[HKCU\Software\AC3filter]
[HKCU\Software\ASProtect]
[HKCU\Software\ATI]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Advanced IRC]
[HKCU\Software\Ahead]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\Angus Johnson]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\ArcSoft]
[HKCU\Software\Audacity]
[HKCU\Software\Auralis]
[HKCU\Software\Avira]
[HKCU\Software\BITSoft]
[HKCU\Software\BitTorrent]
[HKCU\Software\Borland]
[HKCU\Software\Bsd Concept]
[HKCU\Software\CDIP]
[HKCU\Software\CDRWIN 5]
[HKCU\Software\Clients]
[HKCU\Software\Cobian]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Creative Tech]
[HKCU\Software\Cyberlink]
[HKCU\Software\DATA BECKER]
[HKCU\Software\DDH Software]
[HKCU\Software\DPSoftware]
[HKCU\Software\DSP-worx]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DataViz]
[HKCU\Software\DefaultID]
[HKCU\Software\Digital River]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DxO Optics Pro]
[HKCU\Software\DxO]
[HKCU\Software\EMCO MSI Package Builder]
[HKCU\Software\EMME]
[HKCU\Software\EPSON]
[HKCU\Software\EditHexa]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Elcom]
[HKCU\Software\Exifer]
[HKCU\Software\Foxit Software Company]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Freeware]
[HKCU\Software\FreshDevices]
[HKCU\Software\Fridgesoft]
[HKCU\Software\GHCS]
[HKCU\Software\GIANTCompany]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Genie-Soft]
[HKCU\Software\GlarySoft]
[HKCU\Software\decrock]
[HKCU\Software\digital publishing]
[HKCU\Software\e-merge]
[HKCU\Software\eMule]
[HKCU\Software\ePaperPress]
[HKCU\Software\ej-technologies]
[HKLM\Software\ABSoft]
[HKLM\Software\ACE Compression Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Avira]
[HKLM\Software\BigScott27]
[HKLM\Software\Boonty]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\CDRWIN5]
[HKLM\Software\Canon]
[HKLM\Software\Carpet]
[HKLM\Software\Chilkat Software, Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cobian]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Creative Tech]
[HKLM\Software\Cyberlink]
[HKLM\Software\D-Tools]
[HKLM\Software\DDH Software]
[HKLM\Software\DECROCK]
[HKLM\Software\DIOC]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DownloadHelper]
[HKLM\Software\EMCO MSI Package Builder]
[HKLM\Software\EPSON Photo Print]
[HKLM\Software\EPSON]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\Elcom]
[HKLM\Software\Foxit Software]
[HKLM\Software\FreshDevices]
[HKLM\Software\GIANTCompany]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Gravity Soft]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hemera Products]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Licenses]
[HKLM\Software\LizardTech]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Micro Application]
[HKLM\Software\MicroQuill]
[HKLM\Software\MidiTec]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MyHeritage.com]
[HKLM\Software\Myriad Software]
[HKLM\Software\NCSoft]
[HKLM\Software\Network Associates]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\Nikon]
[HKLM\Software\ODBC]
[HKLM\Software\Orium Software]
[HKLM\Software\PACE Anti-Piracy]
[HKLM\Software\PepiMK Software]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\PixVue.Com]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protexis]
[HKLM\Software\Python]
[HKLM\Software\QuEnc]
[HKLM\Software\Ratajik Software]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RjH Software]
[HKLM\Software\S3R521]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Sibelius Software]
[HKLM\Software\Skype]
[HKLM\Software\Smart Panel]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\SoftLogica]
[HKLM\Software\Sonic]
[HKLM\Software\Sophos]
[HKLM\Software\SplashData]
[HKLM\Software\Sports]
[HKLM\Software\Std]
[HKLM\Software\Steinberg]
[HKLM\Software\String Comparison]
[HKLM\Software\Sunbelt Software]
[HKLM\Software\Swearware]
[HKLM\Software\TG Byte Software]
[HKLM\Software\TeamViewer]
[HKLM\Software\TorrentSearcher]
[HKLM\Software\Totalidea Software]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Uniblue]
[HKLM\Software\VEGA]
[HKLM\Software\VOB]
[HKLM\Software\VSO]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\Voice]
[HKLM\Software\Wheel]
[HKLM\Software\WinPcap]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Winzip FR]
[HKLM\Software\Wise Solutions]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xi]
[HKLM\Software\Yahoo]
[HKLM\Software\Zone Labs]
[HKLM\Software\ePaperPress]
[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\3D Photo Browser
O43 - CFD:Common File Directory ----D- C:\Program Files\3M
O43 - CFD:Common File Directory ----D- C:\Program Files\3M Littmann
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Advanced IRC
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft
O43 - CFD:Common File Directory ----D- C:\Program Files\ANtsP2P
O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity
O43 - CFD:Common File Directory ----D- C:\Program Files\AVG Anti-Spyware 7.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AVI MPEG RM WMV Joiner
O43 - CFD:Common File Directory ----D- C:\Program Files\Avi2Dvd
O43 - CFD:Common File Directory ----D- C:\Program Files\Avira
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\BackupBuddy
O43 - CFD:Common File Directory ----D- C:\Program Files\Blues for Piano and Keyboard 10.0
O43 - CFD:Common File Directory ----D- C:\Program Files\BSD Concept
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\CDRWIN5
O43 - CFD:Common File Directory ----D- C:\Program Files\CH Products
O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 8
O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 9
O43 - CFD:Common File Directory ----D- C:\Program Files\Common~1
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\ConvertHelper
O43 - CFD:Common File Directory ----D- C:\Program Files\Creative
O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\dBpowerAMP
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\Documents To Go
O43 - CFD:Common File Directory ----D- C:\Program Files\DoublePics
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink
O43 - CFD:Common File Directory ----D- C:\Program Files\DxO Labs
O43 - CFD:Common File Directory ----D- C:\Program Files\EarMaster Pro 5
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\ePaperPress
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory ----D- C:\Program Files\Exifer
O43 - CFD:Common File Directory ----D- C:\Program Files\FamilySearch
O43 - CFD:Common File Directory R---D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software
O43 - CFD:Common File Directory ----D- C:\Program Files\GedCom-Vision
O43 - CFD:Common File Directory ----D- C:\Program Files\GedStar
O43 - CFD:Common File Directory ----D- C:\Program Files\GNU
O43 - CFD:Common File Directory ----D- C:\Program Files\GNU Solfege
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GrabIt
O43 - CFD:Common File Directory ----D- C:\Program Files\Greeting Card Creator
O43 - CFD:Common File Directory ----D- C:\Program Files\GRISOFT
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\HanDBase3
O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection
O43 - CFD:Common File Directory ----D- C:\Program Files\Harmony Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\Helicon Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Hijackthis
O43 - CFD:Common File Directory ----D- C:\Program Files\i2p
O43 - CFD:Common File Directory ----D- C:\Program Files\icesword
O43 - CFD:Common File Directory ----D- C:\Program Files\IfoEdit
O43 - CFD:Common File Directory ----D- C:\Program Files\IKEA HomePlanner
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory ----D- C:\Program Files\iMule-1.4.5
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Java(2)
O43 - CFD:Common File Directory ----D- C:\Program Files\jv16 PowerTools
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Kommute
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys
O43 - CFD:Common File Directory ----D- C:\Program Files\LizardTech
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\MagicISO
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Managed DirectX (0901)
O43 - CFD:Common File Directory ----D- C:\Program Files\MaxSplitter
O43 - CFD:Common File Directory ----D- C:\Program Files\Media Player Classic
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Backup
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft AntiSpyware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Baseline Security Analyzer 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money 2005
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\Mp3DirectCut
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Musicalis
O43 - CFD:Common File Directory ----D- C:\Program Files\MUTE
O43 - CFD:Common File Directory ----D- C:\Program Files\myFairTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\MyVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\NapShare
O43 - CFD:Common File Directory ----D- C:\Program Files\Neat Image
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Newave
O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon
O43 - CFD:Common File Directory ----D- C:\Program Files\Omer
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Pando Networks
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFtoMusic
O43 - CFD:Common File Directory ----D- C:\Program Files\PeerGuardian2
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\Pinnacle
O43 - CFD:Common File Directory ----D- C:\Program Files\PixVue
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayPianoTODAY
O43 - CFD:Common File Directory ----D- C:\Program Files\PrivacyEraser Computing
O43 - CFD:Common File Directory ----D- C:\Program Files\process monitor main
O43 - CFD:Common File Directory ----D- C:\Program Files\PW
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickPar
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\RadCor
O43 - CFD:Common File Directory ----D- C:\Program Files\Radio Fr Solo
O43 - CFD:Common File Directory ----D- C:\Program Files\Reagclean
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\RegClean
O43 - CFD:Common File Directory ----D- C:\Program Files\RipTiger
O43 - CFD:Common File Directory ----D- C:\Program Files\Sandboxie
O43 - CFD:Common File Directory ----D- C:\Program Files\SanDisk
O43 - CFD:Common File Directory ----D- C:\Program Files\SaverWiz
O43 - CFD:Common File Directory ----D- C:\Program Files\ScummVM
O43 - CFD:Common File Directory ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\SEAF
O43 - CFD:Common File Directory ----D- C:\Program Files\Sensory
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Sibelius Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Simple Sudoku
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Panel
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects
O43 - CFD:Common File Directory ----D- C:\Program Files\SmartGenealogy_2.8c
O43 - CFD:Common File Directory ----D- C:\Program Files\SmartList To Go
O43 - CFD:Common File Directory ----D- C:\Program Files\SoftLogica
O43 - CFD:Common File Directory ----D- C:\Program Files\Sophos
O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedFan
O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedItUpFree
O43 - CFD:Common File Directory ----D- C:\Program Files\SplashData
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\StationRipper
O43 - CFD:Common File Directory ----D- C:\Program Files\StealthNet
O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg
O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku
O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku 3D Pro
O43 - CFD:Common File Directory ----D- C:\Program Files\Sunbelt Software
O43 - CFD:Common File Directory ----D- C:\Program Files\SUPERAntiSpyware
O43 - CFD:Common File Directory ----D- C:\Program Files\SWI
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaesthete
O43 - CFD:Common File Directory ----D- C:\Program Files\TeamViewer
O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\thinkingBytes
O43 - CFD:Common File Directory ----D- C:\Program Files\TimeAdjuster
O43 - CFD:Common File Directory ----D- C:\Program Files\Tweak-XP Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Ujihara
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Universal Extractor
O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker
O43 - CFD:Common File Directory ----D- C:\Program Files\URLSnooper2
O43 - CFD:Common File Directory ----D- C:\Program Files\USB-set
O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent
O43 - CFD:Common File Directory ----D- C:\Program Files\VDMSound
O43 - CFD:Common File Directory ----D- C:\Program Files\Vg
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\VirtualDubMOD
O43 - CFD:Common File Directory ----D- C:\Program Files\VOB
O43 - CFD:Common File Directory ----D- C:\Program Files\VSO
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Installer Clean Up
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --HAD- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinHTTrack
O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WINTREE
O43 - CFD:Common File Directory ----D- C:\Program Files\Winwap Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Xi
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess 2 O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 08:10:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1546261] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/04/2010 - 08:09:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 08:09:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 08:09:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 29/04/2010 - 08:08:36 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.5D3AEDF3D2FE2A4A2EA0C41929981BFC] - 29/04/2010 - 08:02:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888] O44 - LFC:[MD5.5D3AEDF3D2FE2A4A2EA0C41929981BFC] - 29/04/2010 - 08:02:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/04/2010 - 08:02:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32484] O44 - LFC:[MD5.829BEECB029A6E8ED6D2BB6867B33ECD] - 29/04/2010 - 07:59:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB976002-v5.log [3483] O44 - LFC:[MD5.23A8C23D9C43F96CAABA5102B2E9D85C] - 28/04/2010 - 20:19:01 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\ComboFix.txt [27327] O44 - LFC:[MD5.87AFDE2B95CB0FDB8477AB22D02BFC94] - 28/04/2010 - 20:06:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [274] O44 - LFC:[MD5.6490C3F6B8336D05DE8FCAD8C94F50C8] - 28/04/2010 - 09:06:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.7F4247C03A71E65171CEBC339B37AB20] - 27/04/2010 - 19:14:37 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [282] O44 - LFC:[MD5.3CECCD255392A3A640830F3CF97CE162] - 27/04/2010 - 19:14:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Boot.bak [212] O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 27/04/2010 - 19:14:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cmldr [263488] O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 27/04/2010 - 19:12:56 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232] O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 27/04/2010 - 19:12:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096] O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792] O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704] O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 27/04/2010 - 19:12:56 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) 
-- C:\WINDOWS\SWXCACLS.exe [212480] O44 - LFC:[MD5.4CB377F47552A9EF7EC3CDF19DFD4F5B] - 27/04/2010 - 18:57:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [17331] O44 - LFC:[MD5.1A6D80AA9E021EC3B094887D47202188] - 27/04/2010 - 12:26:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [4714] O44 - LFC:[MD5.265672A002D063A3ED2D26F939E04FC3] - 27/04/2010 - 12:13:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [4046] O44 - LFC:[MD5.EC1C7B6CCFB28B096C9D514ACCF05C74] - 27/04/2010 - 09:12:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TB.txt [3152] O44 - LFC:[MD5.03939357AC44D57533D006012F4DE2D0] - 27/04/2010 - 08:02:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntbtlog.txt [164570] O44 - LFC:[MD5.4BB0628A9105D8C11B602E6F53470015] - 27/04/2010 - 07:59:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\fwdrv.err [1735460] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 14:58:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [256512] O44 - LFC:[MD5.FBFAF1C2C34F301BBE4C9407D2AC60E1] - 26/04/2010 - 11:21:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2206] O44 - LFC:[MD5.7112190518B5AEAA05B259BBE393C9ED] - 25/04/2010 - 17:18:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116] O44 - LFC:[MD5.43B537FA5AAC2FDE07A7E320E4362363] - 21/04/2010 - 06:53:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\3) [2133] O44 - LFC:[MD5.A9C93CE2627B78646BE5BBCB95DEC8EA] - 11/04/2010 - 12:59:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [940] O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 07/04/2010 - 06:10:06 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\Radio_Fr.ini [1208] O44 - LFC:[MD5.91BA33C14DF133FA79AFB6A92F582CDD] - 04/04/2010 - 15:41:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat [664] O44 - LFC:[MD5.3C94558CD1705DA468C9562110F34069] - 04/04/2010 - 10:37:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat [46] O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 04/04/2010 - 10:36:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\-1 [57] O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376] O44 - LFC:[MD5.FC1F0157B07D3FA402FC629AE9B977AE] - 03/04/2010 - 11:06:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\jupdate-1.6.0_19-b04.log [4229] O44 - LFC:[MD5.C71E8FF0D92FF876EB1C591A34AFDD03] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1395924] O44 - LFC:[MD5.842A215C78E052C380DCB2515035588F] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [102990] O44 - LFC:[MD5.E2E8D636EFC592EB4E0383DEEC8E42F3] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [123638] O44 - LFC:[MD5.87D027A624CA713E45C12986BE94972C] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\System32\perfh009.dat [535828] O44 - LFC:[MD5.36A359FF2187AD2C10957403688B50CA] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [615420] ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WINDOW~4\MpShHook.dll ---\\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpnsvr.exe" [Disabled] .(.Microsoft Corporation - Microsoft DirectPlay8 Server.) -- C:\WINDOWS\system32\dpnsvr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Disabled] .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe O47 - AAKE:Key Export SP - "C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" [Enabled] .(.Sunbelt Software - Sunbelt Kerio Firewall GUI.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) 
-- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) 
-- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"vidc.iv41"="Ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\Ir41_32.ax O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) 
-- C:\WINDOWS\System32\lameACM.acm O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \drivers.desc\"Ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\Iac25_32.ax O52 - TDSD: \drivers.desc\"divx.dll"="DivX Pro 6.7.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.) 
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \drivers.desc\"Ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\DAEMON Tools [Key] . (.DT Soft Ltd. - Virtual DAEMON Manager.) -- C:\Program Files\DAEMON Tools\daemon.exe O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) 
-- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 19:36:39 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys O58 - SDL:[MD5.116BFF96077A4A724E0AAB800525CEB5] - 28/08/2002 - 22:59:12 ---A- . (.ADMtek Incorporated. - ADMtek AN983/AN985/ADM951X NDIS5 Driver.) -- C:\WINDOWS\system32\drivers\an983.sys O58 - SDL:[MD5.875F9079CABEE679D34B49E466B61701] - 17/04/2002 - 19:27:02 ---A- . (.VOB Computersysteme GmbH - ASAPI.) -- C:\WINDOWS\system32\drivers\asapiW2k.sys O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. 
- ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 19/08/2004 - 14:53:40 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys O58 - SDL:[MD5.492BD2A5F65F218D4EDE5764A3BB67E9] - 03/05/2006 - 17:50:42 ---A- . 
(.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 03/08/2004 - 21:29:28 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) 
-- C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:28:27 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.35A301482478E97BE6E1C2748CE930E1] - 02/07/2003 - 17:41:42 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\axwhisky.sys O58 - SDL:[MD5.F3B1CE696CCF6448C85E7CDC702098D8] - 02/07/2003 - 16:49:52 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\axwskbus.sys O58 - SDL:[MD5.AABFFD787AB272FC903AFEEB336C6899] - 21/11/2006 - 00:36:58 ---A- . (.CH Products - CH Control Manager Driver 1.) -- C:\WINDOWS\system32\drivers\chdrvr01.sys O58 - SDL:[MD5.7536FB70BCBF5D10B810E67E72F68137] - 22/12/2005 - 22:41:52 ---A- . (.CH Products - CH Control Manager Driver 2.) -- C:\WINDOWS\system32\drivers\chdrvr02.sys O58 - SDL:[MD5.07E3319E5BAE758CEB83C80419681B6A] - 22/12/2005 - 22:41:44 ---A- . (.CH Products - CH Control Manager Driver 3.) -- C:\WINDOWS\system32\drivers\chdrvr03.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) 
-- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.D653F455B176529F0427B24361139619] - 11/09/2001 - 13:10:14 R--A- . (.Creative Technology Ltd. - Creative OS Services Driver (WDM).) -- C:\WINDOWS\system32\drivers\ctoss2k.sys O58 - SDL:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 22/08/2004 - 15:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\drivers\d347bus.sys O58 - SDL:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 22/08/2004 - 15:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\d347prt.sys O58 - SDL:[MD5.EF99D8DAB9FCE9B734B40D5E0DD6ABB4] - 02/10/2001 - 16:06:30 R--A- . (.Creative Technology Ltd - Creative EMU10Kx Device Driver (WDM).) -- C:\WINDOWS\system32\drivers\e10kx2k.sys O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 28/11/2002 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 29/11/2002 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 28/11/2002 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys O58 - SDL:[MD5.1FF2EEF447A177DF2C544B80F8F7F879] - 18/07/2006 - 11:02:50 ---A- . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) -- C:\WINDOWS\system32\drivers\fwdrv.sys O58 - SDL:[MD5.B56EB0A2210980E76390BD670BCB618B] - 15/06/2008 - 12:14:29 ---A- . (.GMER - GMER Driver http://www.gmer.net.) -- C:\WINDOWS\system32\drivers\gmer.sys O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 03/08/2004 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 03/08/2004 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) 
-- C:\WINDOWS\system32\drivers\hsfcxts2.sys ---\\ Alternate Data Stream File (ADS) (O62) ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) O63 - Logiciel: SEAF By C_XX - (.C_XX.) O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) O63 - Logiciel: Toolbar SD - (.IDN Team.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe - Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADOBEACTIVEFILEMONITOR5.0 O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) 
- LEGACY_ADOBE_LM_SERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART O64 - Services: CurCS - (.not file.) - Avg Anti-Rootkit Clean Driver (AvgArCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGARCLN O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Clean Driver (AvgAsCln) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGASCLN O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - (.not file.) - AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_ANTI-SPYWARE_DRIVER O64 - Services: CurCS - (.not file.) - AVG Clean Driver (AVG Clean Driver) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG_CLEAN_DRIVER O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME O64 - Services: CurCS - (.not file.) 
- Creative AC3 Software Decoder (ctac32k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTAC32K O64 - Services: CurCS - (.not file.) - Creative Proxy Driver (ctprxy2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTPRXY2K O64 - Services: CurCS - (.not file.) - Creative SoundFont Management Device Driver (ctsfm2k) .(.Pas de propriétaire - Pas de description.) - LEGACY_CTSFM2K O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - (.not file.) - E-mu Plug-in Architecture Driver (emupia) .(.Pas de propriétaire - Pas de description.) - LEGACY_EMUPIA O64 - Services: CurCS - (.not file.) - Freenet 0.7 darknet (freenet-darknet) .(.Pas de propriétaire - Pas de description.) - LEGACY_FREENET-DARKNET O64 - Services: CurCS - C:\WINDOWS\system32\drivers\fwdrv.sys - Firewall Driver (fwdrv) .(.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) - LEGACY_FWDRV O64 - Services: CurCS - C:\WINDOWS\system32\giveio.sys - giveio (giveio) .(.Pas de propriétaire - Pas de description.) - LEGACY_GIVEIO O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - (.not file.) - File Security Kernel Anti-Spyware Driver (ikhfile) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKHFILE O64 - Services: CurCS - (.not file.) - Kernel Anti-Spyware Driver (ikhlayer) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_IKHLAYER O64 - Services: CurCS - (.not file.) - IsDrv118 (IsDrv118) .(.Pas de propriétaire - Pas de description.) - LEGACY_ISDRV118 O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\drivers\khips.sys - Kerio HIPS Driver (khips) .(.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Dri.) - LEGACY_KHIPS O64 - Services: CurCS - (.not file.) - Klif (Klif) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF O64 - Services: CurCS - (.not file.) - Klmc (Klmc) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMC O64 - Services: CurCS - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe - Sunbelt Kerio Personal Firewall 4 (KPF4) .(.Sunbelt Software - Sunbelt Kerio Firewall Service.) - LEGACY_KPF4 O64 - Services: CurCS - C:\WINDOWS\system32\drivers\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON O64 - Services: CurCS - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe - Logitech Process Monitor (LVPrcSrv) .(.Logitech Inc. - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe - LVSrvLauncher (LVSrvLauncher) .(.Logitech Inc. - LogitechService Launcher.) - LEGACY_LVSRVLAUNCHER O64 - Services: CurCS - (.not file.) - MBAMProtector (MBAMProtector) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - (.not file.) - MBAMService (MBAMService) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_MCHINJDRV O64 - Services: CurCS - (.not file.) - Network Associates McShield (McShield) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCSHIELD O64 - Services: CurCS - (.not file.) - Network Associates Task Manager (McTaskManager) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCTASKMANAGER O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - NaiAvFilter1 (NaiAvFilter1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER1 O64 - Services: CurCS - (.not file.) - NAI Anti Virus (NaiAvFilter101) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVFILTER101 O64 - Services: CurCS - (.not file.) - NaiAvTdi1 (NaiAvTdi1) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAIAVTDI1 O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\WINDOWS\system32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - C:\WINDOWS\system32\drivers\ctoss2k.sys - Creative OS Services Driver (ossrv) .(.Creative Technology Ltd. - Creative OS Services Driver (WDM).) - LEGACY_OSSRV O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PFMODNT.sys - PfModNT (PfModNT) .(.Creative Technology Ltd. - PCI/ISA Device Info. Service.) - LEGACY_PFMODNT O64 - Services: CurCS - C:\Program Files\PixVue\bin\Daemon.exe - PixVue (PixVue) .(.PixVue.Com - PixVue Daemon.) - LEGACY_PIXVUE O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_PROCEXP113 O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - RKREVEAL150 (RKREVEAL150) .(.Pas de propriétaire - Pas de description.) - LEGACY_RKREVEAL150 O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV (SASDIFSV) .(.Pas de propriétaire - SASDIFSV.) - LEGACY_SASDIFSV O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASENUM.sys - SASENUM (SASENUM) .(.SuperAdBlocker, Inc. - SuperAntiSpyware.) - LEGACY_SASENUM O64 - Services: CurCS - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - (.not file.) - SAVOnAccess Control (SAVOnAccess Control) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_CONTROL O64 - Services: CurCS - (.not file.) - SAVOnAccess Filter (SAVOnAccess Filter) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVONACCESS_FILTER O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv (SbieDrv) .(.tzuk - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV O64 - Services: CurCS - C:\Program Files\Sandboxie\SbieSvc.exe - Sandboxie Service (SbieSvc) .(.tzuk - Sandboxie Service.) - LEGACY_SBIESVC O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\WINDOWS\system32\speedfan.sys - speedfan (speedfan) .(.Windows ® 2000 DDK provider - SpeedFan Device Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD O64 - Services: CurCS - (.not file.) 
- srescan (srescan) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRESCAN O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\WINDOWS\system32\SVKP.sys - SVKP (SVKP) .(.AntiCracking - SVKP driver for NT.) - LEGACY_SVKP O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TPKD.sys - TPkd (TPkd) .(.PACE Anti-Piracy, Inc. - InterLok system file.) - LEGACY_TPKD O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VIAPFD.sys - VIAPFD (VIAPFD) .(.VIA Technologies. Inc. - VIA PFD driver.) - LEGACY_VIAPFD O64 - Services: CurCS - (.not file.) - vsdatant (vsdatant) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSDATANT O64 - Services: CurCS - (.not file.) - VSOMRIXF (VSOMRIXF) .(.Pas de propriétaire - Pas de description.) - LEGACY_VSOMRIXF ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=1 (JavaQuickStarterService) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory\n"}; (.not file.) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) 
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\IEXPLORE.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe ---\\ Search Browser Infection (SBI) (O69) ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net Run by Pascal Admin at 29/04/2010 14:36:06 device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82F374C0]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x82f374c0 IoDeviceObjectType -> ParseProcedure -> 0x822b11b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x822b11b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! End of the scan (1436 lines in 02mn 43s)
  7. What should I do in the end? In any case, thanks to Pear for looking after our poor machines so late in the evening.
  8. The combofix log does indeed still contain the same message:
     Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
     device: opened successfully
     user: MBR read successfully
     called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82DDFE80]<<
     kernel: MBR read successfully
     detected MBR rootkit hooks:
     \Driver\Disk -> CLASSPNP.SYS @ 0xf86daf28
     \Driver\ACPI -> ACPI.sys @ 0xf8606cb8
     \Driver\atapi -> 0x82ddfe80
     IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615
     ParseProcedure -> 0x82f271b0
     \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615
     ParseProcedure -> 0x82f271b0
     Warning: possible MBR rootkit infection !
     user & kernel MBR OK
  9. I think combofix must have worked with the script. Here is the result. Wouldn't the simplest thing be to format the drive? I am making you waste a lot of time. On the other hand, it is a puzzle to solve. ComboFix 10-04-27.02 - Pascal Admin 28/04/2010 20:44:01.3.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.511.130 [GMT 2:00] Lancé depuis: c:\documents and settings\Pascal Admin\Bureau\bitruc.exe Commutateurs utilisés :: c:\documents and settings\Pascal Admin\Bureau\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: Sunbelt Kerio Personal Firewall *disabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . --------------- FCopy --------------- c:\windows\$NtServicePackUninstall$\atapi.sys --> c:\windows\system32\drivers\atapi.sys . ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-28 au 2010-04-28 )))))))))))))))))))))))))))))))))))) . 2010-04-28 14:55 . 2010-04-28 15:03 -------- d-----w- c:\program files\SEAF 2010-04-28 08:09 . 2010-04-28 08:09 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\Foxit Software 2010-04-27 10:03 . 2010-04-27 11:25 -------- d-----w- C:\Ad-Remover 2010-04-26 17:31 . 2010-04-27 08:12 -------- d-----w- C:\ToolBar SD 2010-04-04 09:37 . 2010-04-04 09:37 46 ----a-w- c:\windows\system32\DonationCoder_urlsnooper_InstallInfo.dat 2010-04-04 09:37 . 2010-04-04 09:37 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\DonationCoder 2010-04-04 09:36 . 2010-04-04 09:36 -------- d-----w- c:\program files\WinPcap 2010-04-04 09:35 . 2010-04-21 05:48 -------- d-----w- c:\program files\URLSnooper2 2010-04-04 09:35 . 2010-04-04 09:35 -------- d-----w- c:\documents and settings\All Users\Application Data\DonationCoder 2010-04-04 09:21 . 2010-04-04 09:21 -------- d-----w- c:\program files\Xi . 
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-28 07:59 . 2008-05-24 19:58 -------- d-----w- c:\program files\ZebHelpProcess 2 2010-04-28 07:56 . 2009-11-29 17:46 -------- d-----w- c:\program files\ZHPDiag 2010-04-27 08:03 . 2005-11-06 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-04-27 06:59 . 2006-08-08 20:23 1735460 ----a-w- c:\windows\system32\drivers\fwdrv.err 2010-04-26 17:46 . 2008-01-19 10:01 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\uTorrent 2010-04-26 10:21 . 2008-12-26 17:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-26 10:14 . 2009-01-10 19:45 5918776 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-04-26 08:40 . 2007-10-20 09:05 -------- d-----w- c:\program files\CCleaner 2010-04-25 00:29 . 2010-04-25 00:29 664 ----a-w- c:\documents and settings\Dominique\Local Settings\Application Data\d3d9caps.tmp 2010-04-17 11:50 . 2008-12-19 12:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-04-09 10:05 . 2004-11-04 18:05 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-04-07 05:43 . 2006-04-15 10:06 -------- d-----w- c:\program files\Radio Fr Solo 2010-04-05 10:24 . 2008-11-24 19:11 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\Vso 2010-04-04 14:41 . 2008-11-30 21:38 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-04-03 17:29 . 2010-04-03 17:29 503808 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\msvcp71.dll 2010-04-03 17:29 . 2010-04-03 17:29 499712 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\jmc.dll 2010-04-03 17:29 . 
2010-04-03 17:29 12800 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2524fe97-n\decora-d3d.dll 2010-04-03 17:29 . 2010-04-03 17:29 348160 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\msvcr71.dll 2010-04-03 17:29 . 2010-04-03 17:29 61440 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2524fe97-n\decora-sse.dll 2010-04-03 10:07 . 2005-10-07 15:49 -------- d-----w- c:\program files\Fichiers communs\Java 2010-04-03 10:07 . 2010-04-03 10:07 503808 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\msvcp71.dll 2010-04-03 10:07 . 2010-04-03 10:07 61440 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-65ae946b-n\decora-sse.dll 2010-04-03 10:07 . 2010-04-03 10:07 499712 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\jmc.dll 2010-04-03 10:07 . 2010-04-03 10:07 348160 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\msvcr71.dll 2010-04-03 10:07 . 2010-04-03 10:07 12800 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-65ae946b-n\decora-d3d.dll 2010-04-03 10:06 . 2009-12-20 14:11 -------- d-----w- c:\program files\Java 2010-04-03 10:05 . 2001-08-28 12:00 615420 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-03 10:05 . 2001-08-28 12:00 123638 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 22:46 . 2008-12-26 17:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-29 22:45 . 2008-12-26 17:58 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-28 12:37 . 
2010-03-06 16:20 -------- d-----w- c:\program files\USB-set 2010-03-27 12:32 . 2008-03-16 14:51 -------- d-----w- c:\documents and settings\Dominique\Application Data\Smart Panel 2010-03-26 11:17 . 2004-10-10 15:53 -------- d-----w- c:\program files\eMule 2010-03-24 13:09 . 2005-02-14 21:38 117824 ----a-w- c:\documents and settings\Olivier\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-24 13:05 . 2010-03-24 13:05 130 ----a-w- c:\documents and settings\Olivier\Local Settings\Application Data\fusioncache.dat 2010-03-20 13:00 . 2008-05-24 11:41 -------- d-----w- c:\documents and settings\All Users\Application Data\BSD 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_2cd672ae.exe 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_294823.exe 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_18be6784.exe 2010-03-13 17:28 . 2010-03-13 17:28 12390 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_4ae13d6c.exe 2010-03-13 17:28 . 2010-03-13 17:28 -------- d-----w- c:\program files\Ujihara 2010-03-10 06:16 . 2002-08-29 09:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-09 02:28 . 2008-11-10 11:25 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-07 19:00 . 2005-05-15 08:35 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\ArcSoft 2010-02-25 06:17 . 2002-08-29 09:45 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2005-02-12 12:06 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-24 08:16 . 2009-10-23 08:40 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-02-19 23:47 . 
2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr 2010-02-17 12:07 . 2002-08-29 09:42 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 19:07 . 2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 04:34 . 2002-08-29 09:44 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 12:02 . 2002-08-28 23:37 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys 1999-12-02 12:54 . 2007-10-27 08:36 91648 ------w- c:\program files\xcacls.exe 2008-09-10 11:49 . 2008-09-10 11:49 5817064 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll 2005-05-30 19:37 . 2005-05-30 19:37 8192 --sha-w- c:\windows\o2cLicStore.bin 2005-05-05 15:01 . 2005-05-05 15:01 8 --sh--r- c:\windows\system32\0AA48D50C7.sys 2006-07-11 06:15 . 2006-07-11 06:15 5 --sha-w- c:\windows\system32\aebdd_s.dll 2008-04-14 02:33 . 2001-08-28 12:00 65024 --sha-w- c:\windows\system32\asycfilt.dll 2005-05-05 15:15 . 2005-05-05 15:01 1056 --sha-w- c:\windows\system32\KGyGaAvL.sys 2001-08-28 12:00 . 2001-08-28 12:00 57344 --sha-w- c:\windows\system32\mfc42loc.dll 2001-08-28 12:00 . 2001-08-28 12:00 253952 --sha-w- c:\windows\system32\msvcrt20.dll 2008-04-14 02:33 . 2002-08-29 09:44 551936 --sha-w- c:\windows\system32\oleaut32.dll 2008-04-14 02:33 . 2001-08-28 12:00 84992 --sha-w- c:\windows\system32\olepro32.dll 2008-04-14 02:33 . 2001-08-28 12:00 30749 --sha-w- c:\windows\system32\vbajet32.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{200B4767-4E46-4A4F-B2A0-D23A0E30B592}"= "c:\program files\PixVue\bin\PixVue.dll" [2005-10-02 2420736] [HKEY_CLASSES_ROOT\clsid\{200b4767-4e46-4a4f-b2a0-d23a0e30b592}] [HKEY_CLASSES_ROOT\PixVue.ExplorerBar.1] [HKEY_CLASSES_ROOT\TypeLib\{066EFA48-AC3A-4B5A-BDCE-434BA4C203C3}] [HKEY_CLASSES_ROOT\PixVue.ExplorerBar] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF] @="{3E57A8B6-849B-476E-A3E9-CFCE49E3662A}" [HKEY_CLASSES_ROOT\CLSID\{3E57A8B6-849B-476E-A3E9-CFCE49E3662A}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & IPTC] @="{E3F36090-0540-418f-8136-074D5B255B59}" [HKEY_CLASSES_ROOT\CLSID\{E3F36090-0540-418f-8136-074D5B255B59}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & XMP] @="{E1C1BE26-35A8-4999-A3A6-235CB7BD558B}" [HKEY_CLASSES_ROOT\CLSID\{E1C1BE26-35A8-4999-A3A6-235CB7BD558B}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & XMP & IPTC] @="{2E9BD3CA-A57F-450b-B1BA-A6A58C0C1D51}" [HKEY_CLASSES_ROOT\CLSID\{2E9BD3CA-A57F-450b-B1BA-A6A58C0C1D51}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue IPTC] @="{BCA5FB3A-9FC1-4465-ACE3-8C2072449164}" [HKEY_CLASSES_ROOT\CLSID\{BCA5FB3A-9FC1-4465-ACE3-8C2072449164}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue XMP] @="{F0C13C81-FB8D-464e-873F-F8FF999E3EEC}" [HKEY_CLASSES_ROOT\CLSID\{F0C13C81-FB8D-464e-873F-F8FF999E3EEC}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue XMP & IPTC] @="{0117FFFB-91FD-414E-AC34-A00531032006}" [HKEY_CLASSES_ROOT\CLSID\{0117FFFB-91FD-414E-AC34-A00531032006}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800] "CloneCDElbyCDFL"="c:\program files\SlySoft\CloneCD\ElbyCheck.exe" [2002-11-02 45056] "LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984] "LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2007-02-06 252704] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Pascal Admin\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-9-9 110592] HotSync Manager.lnk - c:\palm\HOTSYNC.EXE [2004-4-13 299008] c:\documents and settings\All 
Users\Menu D‚marrer\Programmes\D‚marrage\ Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-8-7 479232] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-1-14 122880] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 10:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PixVue] 2005-09-22 22:07 45056 ----a-w- c:\program files\PixVue\bin\WinLogon.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0SsiEfr.e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^Pascal Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] backup=c:\windows\pss\Outil de notification Live Search.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2007-02-07 23:13 774168 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\dpnsvr.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network 
Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R0 axwhisky;axwhisky;c:\windows\system32\drivers\axwhisky.sys [02/07/2003 18:41 5248] R0 axwskbus;axwskbus;c:\windows\system32\drivers\axwskbus.sys [02/07/2003 17:49 124160] R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [05/10/2005 16:34 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [05/10/2005 16:34 5248] R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [28/11/2002 12:43 22016] R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [04/11/2004 11:55 23003] R0 PrecSim;PrecSim;c:\windows\system32\drivers\precsim.sys [22/05/2002 01:00 69600] R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [18/07/2006 12:02 284184] R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [18/07/2006 12:02 91672] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [29/02/2008 16:03 8944] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 16:03 51440] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [03/10/2009 12:04 108289] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704] R2 PixVue;PixVue;c:\program files\PixVue\bin\Daemon.exe [02/10/2005 23:13 151552] R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [27/04/2007 15:19 2368] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [05/10/2006 23:11 13592] R3 chdrvr01;CH Control Manager Driver 1;c:\windows\system32\drivers\chdrvr01.sys [06/01/2008 18:37 215104] R3 chdrvr02;CH Control Manager Driver 2;c:\windows\system32\drivers\chdrvr02.sys [06/01/2008 18:37 3744] R3 chdrvr03;CH Control Manager Driver 3;c:\windows\system32\drivers\chdrvr03.sys [06/01/2008 18:37 9024] R3 
emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM);c:\windows\system32\drivers\e10kx2k.sys [01/04/2006 14:19 1757928] S2 freenet-darknet;Freenet 0.7 darknet; [x] S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [28/04/2008 18:54 13824] S3 PctvVirtualNdis;Pinnacle Virtual Miniport;c:\windows\system32\drivers\PctvVirtualNdis.sys [28/04/2008 19:14 13696] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16:51 4096] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/03/2007 16:30 717296] . Contenu du dossier 'Tâches planifiées' 2010-04-28 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-10-05 21:11] . . ------- Examen supplémentaire ------- . mWindow Title = uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Télécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddLink.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Tout t&élécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddList.html Trusted Zone: ahnlab.com\global Trusted Zone: cltnet.de\www Trusted Zone: gdfsuez.com\webmailfr TCP: {9548D205-C2A3-4969-BEF2-92CBB72FF227} = 192.168.0.1 DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java DPF: teleir_cert - hxxps://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} - hxxp://www.cltnet.de/login/dplaunch.cab DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab FF - ProfilePath - c:\documents and settings\Pascal Admin\Application Data\Mozilla\Firefox\Profiles\ksf78zvj.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr FF - prefs.js: keyword.URL - 
hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q= FF - component: c:\documents and settings\Pascal Admin\Application Data\Mozilla\Firefox\Profiles\ksf78zvj.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdjvu.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - 
pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program 
files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-28 21:05 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82DDFE80]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf86daf28 \Driver\ACPI -> ACPI.sys @ 0xf8606cb8 \Driver\atapi -> 0x82ddfe80 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615 ParseProcedure -> 0x82f271b0 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615 ParseProcedure -> 0x82f271b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1935655697-1993962763-1343024091-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(708) c:\program files\SUPERAntiSpyware\SASWINLO.dll c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(7560) c:\program files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll c:\program files\PixVue\bin\PixVueFRA.dll c:\windows\system32\webcheck.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe c:\program files\Sandboxie\SbieSvc.exe c:\windows\System32\MsPMSPSv.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe c:\windows\System32\wbem\wmiapsrv.exe c:\windows\system32\Ati2evxx.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe . ************************************************************************** . Heure de fin: 2010-04-28 21:18:56 - La machine a redémarré ComboFix-quarantined-files.txt 2010-04-28 19:18 ComboFix2.txt 2010-04-28 12:08 ComboFix3.txt 2010-04-27 19:24 Avant-CF: 15 656 296 448 octets libres Après-CF: 15 612 317 696 octets libres Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - ACD4AC59F6DA1D68A5CF41CC16F9EB84
  10. I'm not sure I understand the procedure correctly: you first open ComboFix, the blue window opens, and then you do the drag and drop? But it seems to me that this opens another ComboFix session.
  11. Here is the 1st report:

      ========================= SEAF 1.0.0.7 - C_XX

      Commencé à: 16:57:11 le 28/04/2010

      Valeur(s) recherchée(s):

      atapi.sys

      (!) --- Affichage des ADS
      (!) --- Informations supplémentaires

      ====== Fichier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======

      "c:\WINDOWS\system32\drivers\atapi.sys" [ ----A---- | 96512 ]
      TC: 29/08/2002,01:27:50 | TM: 13/04/2008,20:40:30 | DA: 28/04/2010,16:48:02

      CompagnyName: Microsoft Corporation
      ProductName: Microsoft® Windows® Operating System
      InternalName: atapi.sys
      OriginalFilename: atapi.sys
      LegalCopyright: © Microsoft Corporation. All rights reserved.
      ProductVersion: 5.1.2600.5512
      FileVersion: 5.1.2600.5512 (xpsp.080413-2108)

      =========================

      "c:\WINDOWS\ServicePackFiles\i386\atapi.sys" [ ----A---- | 96512 ]
      TC: 10/10/2004,12:04:12 | TM: 13/04/2008,20:40:30 | DA: 27/04/2010,17:48:17

      CompagnyName: Microsoft Corporation
      ProductName: Microsoft® Windows® Operating System
      InternalName: atapi.sys
      OriginalFilename: atapi.sys
      LegalCopyright: © Microsoft Corporation. All rights reserved.
      ProductVersion: 5.1.2600.5512
      FileVersion: 5.1.2600.5512 (xpsp.080413-2108)

      =========================

      "c:\WINDOWS\ERDNT\cache\atapi.sys" [ ----A---- | 96512 ]
      TC: 27/04/2010,21:20:38 | TM: 13/04/2008,20:40:30 | DA: 28/04/2010,14:03:32

      CompagnyName: Microsoft Corporation
      ProductName: Microsoft® Windows® Operating System
      InternalName: atapi.sys
      OriginalFilename: atapi.sys
      LegalCopyright: © Microsoft Corporation. All rights reserved.
      ProductVersion: 5.1.2600.5512
      FileVersion: 5.1.2600.5512 (xpsp.080413-2108)

      =========================

      "c:\WINDOWS\$NtServicePackUninstall$\atapi.sys" [ ----C---- | 95360 ]
      TC: 07/10/2008,20:50:06 | TM: 03/08/2004,22:59:44 | DA: 27/04/2010,18:03:27

      CompagnyName: Microsoft Corporation
      ProductName: Microsoft® Windows® Operating System
      InternalName: atapi.sys
      OriginalFilename: atapi.sys
      LegalCopyright: © Microsoft Corporation. All rights reserved.
      ProductVersion: 5.1.2600.2180
      FileVersion: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
      /!\ ADS: KAVICHS , 68 Byte(s)

      =========================

      ====== Dossier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======

      Aucun dossier trouvé

      =========================

      Fin à: 17:03:55 le 28/04/2010 ( E.O.F )

      Tested the 4 files on VirusTotal, but nothing conclusive:

      Fichier 0AA48D50C7.sys reçu le 2010.04.28 15:26:29 (UTC) Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.50 2010.04.28 - AhnLab-V3 5.0.0.2 2010.04.28 - AntiVir 8.2.1.224 2010.04.28 - Antiy-AVL 2.0.3.7 2010.04.28 - Authentium 5.2.0.5 2010.04.28 - Avast 4.8.1351.0 2010.04.28 - Avast5 5.0.332.0 2010.04.28 - AVG 9.0.0.787 2010.04.28 - BitDefender 7.2 2010.04.28 - CAT-QuickHeal 10.00 2010.04.28 - ClamAV 0.96.0.3-git 2010.04.28 - Comodo 4699 2010.04.28 - DrWeb 5.0.2.03300 2010.04.28 - eSafe 7.0.17.0 2010.04.28 - eTrust-Vet 35.2.7455 2010.04.28 - F-Prot 4.5.1.85 2010.04.28 - F-Secure 9.0.15370.0 2010.04.28 - Fortinet 4.0.14.0 2010.04.27 - GData 21 2010.04.28 - Ikarus T3.1.1.80.0 2010.04.28 - Jiangmin 13.0.900 2010.04.28 - Kaspersky 7.0.0.125 2010.04.28 - McAfee 5.400.0.1158 2010.04.28 - McAfee-GW-Edition 6.8.5 2010.04.28 - Microsoft 1.5703 2010.04.28 - NOD32 5068 2010.04.28 - Norman 6.04.11 2010.04.28 - nProtect 2010-04-28.02 2010.04.28 - Panda 10.0.2.7 2010.04.27 - PCTools 7.0.3.5 2010.04.28 - Prevx 3.0 2010.04.28 - Rising 22.45.02.04 2010.04.28 - Sophos 4.53.0 2010.04.28 - Sunbelt 6231 2010.04.28 - Symantec 20091.2.0.41 2010.04.28 - TheHacker 6.5.2.0.272 2010.04.28 - TrendMicro 9.120.0.1004 2010.04.28 - TrendMicro-HouseCall 9.120.0.1004 2010.04.28 - VBA32 3.12.12.4 2010.04.28 - ViRobot 2010.4.27.2295
2010.04.27 - VirusBuster 5.0.27.0 2010.04.28 - Information additionnelle File size: 8 bytes MD5...: ba898b29f0dbf9307f494475a8393f03 SHA1..: 697fd89eba4c1d12a53190666508b9aa503bf7e9 SHA256: 6ffc24fbaa02a3dac892b71b2406b0f4756556bb38bee2b454e03814898e0083 ssdeep: 3:/ln:t PEiD..: - PEInfo: - RDS...: NSRL Reference Data Set - pdfid.: - trid..: MS Flight Simulator Aircraft Performance Info (100.0%) sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned

      Fichier aebdd_s.dll reçu le 2010.04.28 15:34:04 (UTC) Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.50 2010.04.28 - AhnLab-V3 5.0.0.2 2010.04.28 - AntiVir 8.2.1.224 2010.04.28 - Antiy-AVL 2.0.3.7 2010.04.28 - Authentium 5.2.0.5 2010.04.28 - Avast 4.8.1351.0 2010.04.28 - Avast5 5.0.332.0 2010.04.28 - AVG 9.0.0.787 2010.04.28 - BitDefender 7.2 2010.04.28 - CAT-QuickHeal 10.00 2010.04.28 - ClamAV 0.96.0.3-git 2010.04.28 - Comodo 4699 2010.04.28 - DrWeb 5.0.2.03300 2010.04.28 - eSafe 7.0.17.0 2010.04.28 - eTrust-Vet 35.2.7455 2010.04.28 - F-Prot 4.5.1.85 2010.04.28 - F-Secure 9.0.15370.0 2010.04.28 - Fortinet 4.0.14.0 2010.04.27 - GData 21 2010.04.28 - Ikarus T3.1.1.80.0 2010.04.28 - Jiangmin 13.0.900 2010.04.28 - Kaspersky 7.0.0.125 2010.04.28 - McAfee 5.400.0.1158 2010.04.28 - McAfee-GW-Edition 6.8.5 2010.04.28 - Microsoft 1.5703 2010.04.28 - NOD32 5068 2010.04.28 - Norman 6.04.11 2010.04.28 - nProtect 2010-04-28.02 2010.04.28 - Panda 10.0.2.7 2010.04.27 - PCTools 7.0.3.5 2010.04.28 - Prevx 3.0 2010.04.28 - Rising 22.45.02.04 2010.04.28 - Sophos 4.53.0 2010.04.28 - Sunbelt 6231 2010.04.28 - Symantec 20091.2.0.41 2010.04.28 - TheHacker 6.5.2.0.272 2010.04.28 - TrendMicro 9.120.0.1004 2010.04.28 - TrendMicro-HouseCall 9.120.0.1004 2010.04.28 - VBA32 3.12.12.4 2010.04.28 - ViRobot 2010.4.27.2295 2010.04.27 - VirusBuster 5.0.27.0 2010.04.28 - Information additionnelle File size: 5 bytes MD5...: 661d7c5b0b7537ce03fdf61e5039ab1d SHA1..: 044711e4fe508d32c0ba0240572b353679df1718 SHA256: 4c9179dfe6410ce167914cc1524847a1795a33f5ae27366b49025c76db58cdc2 ssdeep: 3:FP:9 PEiD..: - PEInfo: - RDS...: NSRL Reference Data Set - pdfid.: - trid..: Unknown! sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned

      Fichier 12520437.cpx reçu le 2010.04.28 15:38:54 (UTC) Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.50 2010.04.28 - AhnLab-V3 5.0.0.2 2010.04.28 - AntiVir 8.2.1.224 2010.04.28 - Antiy-AVL 2.0.3.7 2010.04.28 - Authentium 5.2.0.5 2010.04.28 - Avast 4.8.1351.0 2010.04.28 - Avast5 5.0.332.0 2010.04.28 - AVG 9.0.0.787 2010.04.28 - BitDefender 7.2 2010.04.28 - CAT-QuickHeal 10.00 2010.04.28 - ClamAV 0.96.0.3-git 2010.04.28 - Comodo 4699 2010.04.28 - DrWeb 5.0.2.03300 2010.04.28 - eSafe 7.0.17.0 2010.04.28 - eTrust-Vet 35.2.7455 2010.04.28 - F-Prot 4.5.1.85 2010.04.28 - F-Secure 9.0.15370.0 2010.04.28 - Fortinet 4.0.14.0 2010.04.27 - GData 21 2010.04.28 - Ikarus T3.1.1.80.0 2010.04.28 - Jiangmin 13.0.900 2010.04.28 - Kaspersky 7.0.0.125 2010.04.28 - McAfee 5.400.0.1158 2010.04.28 - McAfee-GW-Edition 6.8.5 2010.04.28 - Microsoft 1.5703 2010.04.28 - NOD32 5068 2010.04.28 - Norman 6.04.11 2010.04.28 - nProtect 2010-04-28.02 2010.04.28 - Panda 10.0.2.7 2010.04.27 - PCTools 7.0.3.5 2010.04.28 - Prevx 3.0 2010.04.28 - Rising 22.45.02.04 2010.04.28 - Sophos 4.53.0 2010.04.28 - Sunbelt 6231 2010.04.28 - Symantec 20091.2.0.41 2010.04.28 - TheHacker 6.5.2.0.272 2010.04.28 - TrendMicro 9.120.0.1004 2010.04.28 - TrendMicro-HouseCall 9.120.0.1004 2010.04.28 - VBA32 3.12.12.4 2010.04.28 - ViRobot 2010.4.27.2295 2010.04.27 - VirusBuster 5.0.27.0 2010.04.28 - Information additionnelle File size: 2151 bytes MD5...: 0a0feb9eb28bde8cd835716343b03b14 SHA1..: a040d440ed71ad8f699ff6b92be0b55c4d56dcb6 SHA256: 81ea3cf30a5b6db6bdfa0c71e3ed952c48fd72249e28e11465c6eb4fba49a41c ssdeep: 48:bZd1SvyLEff4azUnfzC6qoWrKOEz5zGSrJRRREy:n4oOUfqodtnrhD PEiD..: - PEInfo: - RDS...: NSRL Reference Data Set - pdfid.: - trid..: Windows codepage translator (93.7%) Generic INI configuration (6.2%) sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: Microsoft Windows 2000 Publisher Microsoft Windows Verification Intermediate PCA Microsoft Root Authority signing date.: 9:05 PM 7/27/2000 verified.....: -

      Fichier 12520850.cpx reçu le 2010.04.28 15:40:41 (UTC) Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.50 2010.04.28 - AhnLab-V3 5.0.0.2 2010.04.28 - AntiVir 8.2.1.224 2010.04.28 - Antiy-AVL 2.0.3.7 2010.04.28 - Authentium 5.2.0.5 2010.04.28 - Avast 4.8.1351.0 2010.04.28 - Avast5 5.0.332.0 2010.04.28 - AVG 9.0.0.787 2010.04.28 - BitDefender 7.2 2010.04.28 - CAT-QuickHeal 10.00 2010.04.28 - ClamAV 0.96.0.3-git 2010.04.28 - Comodo 4699 2010.04.28 - DrWeb 5.0.2.03300 2010.04.28 - eSafe 7.0.17.0 2010.04.28 - eTrust-Vet 35.2.7455 2010.04.28 - F-Prot 4.5.1.85 2010.04.28 - F-Secure 9.0.15370.0 2010.04.28 - Fortinet 4.0.14.0 2010.04.27 - GData 21 2010.04.28 - Ikarus T3.1.1.80.0 2010.04.28 - Jiangmin 13.0.900 2010.04.28 - Kaspersky 7.0.0.125 2010.04.28 - McAfee 5.400.0.1158 2010.04.28 - McAfee-GW-Edition 6.8.5 2010.04.28 - Microsoft 1.5703 2010.04.28 - NOD32 5068 2010.04.28 - Norman 6.04.11 2010.04.28 - nProtect 2010-04-28.02 2010.04.28 - Panda 10.0.2.7 2010.04.27 - PCTools 7.0.3.5 2010.04.28 - Prevx 3.0 2010.04.28 - Rising 22.45.02.04 2010.04.28 - Sophos 4.53.0 2010.04.28 - Sunbelt 6231 2010.04.28 - Symantec 20091.2.0.41 2010.04.28 - TheHacker 6.5.2.0.272 2010.04.28 - TrendMicro 9.120.0.1004 2010.04.28 - TrendMicro-HouseCall 9.120.0.1004 2010.04.28 - VBA32 3.12.12.4 2010.04.28 - ViRobot 2010.4.27.2295 2010.04.27 - VirusBuster 5.0.27.0 2010.04.28 - Information additionnelle File size: 2233 bytes MD5...: d69ae057cd82d04ee7d311809abefb2a SHA1..: 065039ade1bcee6ba54c0d9c6527a03343098c94 SHA256: df45b91d9bdd852f49cf043cbd2408c8e139643b413071ff2fa87bfb45940216 ssdeep: 48:uZR1KndyXLMLz2nQ46qoOr2+8akAeVinWRBRw:hnAQX2iqo3JAWL6 PEiD..: - PEInfo: - RDS...: NSRL Reference Data Set - pdfid.: - trid..: Windows codepage translator (93.7%) Generic INI configuration (6.2%) sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: Microsoft Windows 2000 Publisher Microsoft Windows Verification Intermediate PCA Microsoft Root Authority signing date.: 9:05 PM 7/27/2000 verified.....: -
  12. I don't understand any of this and I'm starting to worry (is this a troublesome problem, or can one live with it?): when I launch MBR.exe I get no rootkit tab and no scan button to click; a black window flashes very briefly on the desktop and then mbr.log appears directly on the desktop, and when I run "%userprofile%\Bureau\mbr" -f I don't get the line "original MBR restored successfully !" in the log, which is not modified. Also, this is version 0.3.7:

      Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

      device: opened successfully
      user: MBR read successfully
      kernel: MBR read successfully
      detected MBR rootkit hooks:
      \Driver\atapi -> 0x82f12ef0
      IoDeviceObjectType -> ParseProcedure -> 0xff9d41b0
      \Device\Harddisk0\DR0 -> ParseProcedure -> 0xff9d41b0
      Warning: possible MBR rootkit infection !
      user & kernel MBR OK
      Use "Recovery Console" command "fixmbr" to clear infection !
  13. Follow-up to the previous post: Should I conclude that my Recovery Console is infected? Should I delete it and run ComboFix again? When I run ComboFix again, it no longer offers to load it. Here is the new log:

      ComboFix 10-04-27.02 - Pascal Admin 28/04/2010 13:43:28.2.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.511.125 [GMT 2:00] Lancé depuis: c:\documents and settings\Pascal Admin\Bureau\bitruc.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: Sunbelt Kerio Personal Firewall *disabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174} . ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-28 au 2010-04-28 )))))))))))))))))))))))))))))))))))) . 2010-04-28 08:09 . 2010-04-28 08:09 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\Foxit Software 2010-04-27 10:03 . 2010-04-27 11:25 -------- d-----w- C:\Ad-Remover 2010-04-26 17:31 . 2010-04-27 08:12 -------- d-----w- C:\ToolBar SD 2010-04-04 09:37 . 2010-04-04 09:37 46 ----a-w- c:\windows\system32\DonationCoder_urlsnooper_InstallInfo.dat 2010-04-04 09:37 . 2010-04-04 09:37 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\DonationCoder 2010-04-04 09:36 . 2010-04-04 09:36 -------- d-----w- c:\program files\WinPcap 2010-04-04 09:35 . 2010-04-21 05:48 -------- d-----w- c:\program files\URLSnooper2 2010-04-04 09:35 . 2010-04-04 09:35 -------- d-----w- c:\documents and settings\All Users\Application Data\DonationCoder 2010-04-04 09:21 . 2010-04-04 09:21 -------- d-----w- c:\program files\Xi . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-28 07:59 . 2008-05-24 19:58 -------- d-----w- c:\program files\ZebHelpProcess 2 2010-04-28 07:56 . 2009-11-29 17:46 -------- d-----w- c:\program files\ZHPDiag 2010-04-27 08:03 .
2005-11-06 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-04-27 06:59 . 2006-08-08 20:23 1735460 ----a-w- c:\windows\system32\drivers\fwdrv.err 2010-04-26 17:46 . 2008-01-19 10:01 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\uTorrent 2010-04-26 10:21 . 2008-12-26 17:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-26 10:14 . 2009-01-10 19:45 5918776 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-04-26 08:40 . 2007-10-20 09:05 -------- d-----w- c:\program files\CCleaner 2010-04-25 00:29 . 2010-04-25 00:29 664 ----a-w- c:\documents and settings\Dominique\Local Settings\Application Data\d3d9caps.tmp 2010-04-17 11:50 . 2008-12-19 12:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-04-09 10:05 . 2004-11-04 18:05 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-04-07 05:43 . 2006-04-15 10:06 -------- d-----w- c:\program files\Radio Fr Solo 2010-04-05 10:24 . 2008-11-24 19:11 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\Vso 2010-04-04 14:41 . 2008-11-30 21:38 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-04-03 17:29 . 2010-04-03 17:29 503808 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\msvcp71.dll 2010-04-03 17:29 . 2010-04-03 17:29 499712 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\jmc.dll 2010-04-03 17:29 . 2010-04-03 17:29 12800 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2524fe97-n\decora-d3d.dll 2010-04-03 17:29 . 
2010-04-03 17:29 348160 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\msvcr71.dll 2010-04-03 17:29 . 2010-04-03 17:29 61440 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2524fe97-n\decora-sse.dll 2010-04-03 10:07 . 2005-10-07 15:49 -------- d-----w- c:\program files\Fichiers communs\Java 2010-04-03 10:07 . 2010-04-03 10:07 503808 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\msvcp71.dll 2010-04-03 10:07 . 2010-04-03 10:07 61440 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-65ae946b-n\decora-sse.dll 2010-04-03 10:07 . 2010-04-03 10:07 499712 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\jmc.dll 2010-04-03 10:07 . 2010-04-03 10:07 348160 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\msvcr71.dll 2010-04-03 10:07 . 2010-04-03 10:07 12800 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-65ae946b-n\decora-d3d.dll 2010-04-03 10:06 . 2009-12-20 14:11 -------- d-----w- c:\program files\Java 2010-04-03 10:05 . 2001-08-28 12:00 615420 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-03 10:05 . 2001-08-28 12:00 123638 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 22:46 . 2008-12-26 17:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-29 22:45 . 2008-12-26 17:58 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-28 12:37 . 2010-03-06 16:20 -------- d-----w- c:\program files\USB-set 2010-03-27 12:32 . 2008-03-16 14:51 -------- d-----w- c:\documents and settings\Dominique\Application Data\Smart Panel 2010-03-26 11:17 . 
2004-10-10 15:53 -------- d-----w- c:\program files\eMule 2010-03-24 13:09 . 2005-02-14 21:38 117824 ----a-w- c:\documents and settings\Olivier\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-24 13:05 . 2010-03-24 13:05 130 ----a-w- c:\documents and settings\Olivier\Local Settings\Application Data\fusioncache.dat 2010-03-20 13:00 . 2008-05-24 11:41 -------- d-----w- c:\documents and settings\All Users\Application Data\BSD 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_2cd672ae.exe 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_294823.exe 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_18be6784.exe 2010-03-13 17:28 . 2010-03-13 17:28 12390 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_4ae13d6c.exe 2010-03-13 17:28 . 2010-03-13 17:28 -------- d-----w- c:\program files\Ujihara 2010-03-10 06:16 . 2002-08-29 09:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-09 02:28 . 2008-11-10 11:25 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-07 19:00 . 2005-05-15 08:35 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\ArcSoft 2010-02-25 06:17 . 2002-08-29 09:45 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2005-02-12 12:06 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-24 08:16 . 2009-10-23 08:40 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr 2010-02-17 12:07 . 2002-08-29 09:42 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 19:07 . 
2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 04:34 . 2002-08-29 09:44 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 12:02 . 2002-08-28 23:37 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys 1999-12-02 12:54 . 2007-10-27 08:36 91648 ------w- c:\program files\xcacls.exe 2008-09-10 11:49 . 2008-09-10 11:49 5817064 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll 2005-05-30 19:37 . 2005-05-30 19:37 8192 --sha-w- c:\windows\o2cLicStore.bin 2005-05-05 15:01 . 2005-05-05 15:01 8 --sh--r- c:\windows\system32\0AA48D50C7.sys 2006-07-11 06:15 . 2006-07-11 06:15 5 --sha-w- c:\windows\system32\aebdd_s.dll 2008-04-14 02:33 . 2001-08-28 12:00 65024 --sha-w- c:\windows\system32\asycfilt.dll 2005-05-05 15:15 . 2005-05-05 15:01 1056 --sha-w- c:\windows\system32\KGyGaAvL.sys 2001-08-28 12:00 . 2001-08-28 12:00 57344 --sha-w- c:\windows\system32\mfc42loc.dll 2001-08-28 12:00 . 2001-08-28 12:00 253952 --sha-w- c:\windows\system32\msvcrt20.dll 2008-04-14 02:33 . 2002-08-29 09:44 551936 --sha-w- c:\windows\system32\oleaut32.dll 2008-04-14 02:33 . 2001-08-28 12:00 84992 --sha-w- c:\windows\system32\olepro32.dll 2008-04-14 02:33 . 2001-08-28 12:00 30749 --sha-w- c:\windows\system32\vbajet32.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{200B4767-4E46-4A4F-B2A0-D23A0E30B592}"= "c:\program files\PixVue\bin\PixVue.dll" [2005-10-02 2420736] [HKEY_CLASSES_ROOT\clsid\{200b4767-4e46-4a4f-b2a0-d23a0e30b592}] [HKEY_CLASSES_ROOT\PixVue.ExplorerBar.1] [HKEY_CLASSES_ROOT\TypeLib\{066EFA48-AC3A-4B5A-BDCE-434BA4C203C3}] [HKEY_CLASSES_ROOT\PixVue.ExplorerBar] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF] @="{3E57A8B6-849B-476E-A3E9-CFCE49E3662A}" [HKEY_CLASSES_ROOT\CLSID\{3E57A8B6-849B-476E-A3E9-CFCE49E3662A}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & IPTC] @="{E3F36090-0540-418f-8136-074D5B255B59}" [HKEY_CLASSES_ROOT\CLSID\{E3F36090-0540-418f-8136-074D5B255B59}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & XMP] @="{E1C1BE26-35A8-4999-A3A6-235CB7BD558B}" [HKEY_CLASSES_ROOT\CLSID\{E1C1BE26-35A8-4999-A3A6-235CB7BD558B}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & XMP & IPTC] @="{2E9BD3CA-A57F-450b-B1BA-A6A58C0C1D51}" [HKEY_CLASSES_ROOT\CLSID\{2E9BD3CA-A57F-450b-B1BA-A6A58C0C1D51}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue IPTC] @="{BCA5FB3A-9FC1-4465-ACE3-8C2072449164}" [HKEY_CLASSES_ROOT\CLSID\{BCA5FB3A-9FC1-4465-ACE3-8C2072449164}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue XMP] @="{F0C13C81-FB8D-464e-873F-F8FF999E3EEC}" [HKEY_CLASSES_ROOT\CLSID\{F0C13C81-FB8D-464e-873F-F8FF999E3EEC}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue XMP & IPTC] @="{0117FFFB-91FD-414E-AC34-A00531032006}" [HKEY_CLASSES_ROOT\CLSID\{0117FFFB-91FD-414E-AC34-A00531032006}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800] "CloneCDElbyCDFL"="c:\program files\SlySoft\CloneCD\ElbyCheck.exe" [2002-11-02 45056] "LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984] "LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2007-02-06 252704] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Pascal Admin\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-9-9 110592] HotSync Manager.lnk - c:\palm\HOTSYNC.EXE [2004-4-13 299008] c:\documents and settings\All 
Users\Menu D‚marrer\Programmes\D‚marrage\ Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-8-7 479232] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-1-14 122880] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 10:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PixVue] 2005-09-22 22:07 45056 ----a-w- c:\program files\PixVue\bin\WinLogon.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0SsiEfr.e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^Pascal Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] backup=c:\windows\pss\Outil de notification Live Search.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] 2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2007-02-07 23:13 774168 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\dpnsvr.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network 
Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R0 axwhisky;axwhisky;c:\windows\system32\drivers\axwhisky.sys [02/07/2003 18:41 5248] R0 axwskbus;axwskbus;c:\windows\system32\drivers\axwskbus.sys [02/07/2003 17:49 124160] R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [05/10/2005 16:34 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [05/10/2005 16:34 5248] R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [28/11/2002 12:43 22016] R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [04/11/2004 11:55 23003] R0 PrecSim;PrecSim;c:\windows\system32\drivers\precsim.sys [22/05/2002 01:00 69600] R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [18/07/2006 12:02 284184] R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [18/07/2006 12:02 91672] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [29/02/2008 16:03 8944] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 16:03 51440] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [03/10/2009 12:04 108289] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704] R2 PixVue;PixVue;c:\program files\PixVue\bin\Daemon.exe [02/10/2005 23:13 151552] R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [27/04/2007 15:19 2368] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [05/10/2006 23:11 13592] R3 chdrvr01;CH Control Manager Driver 1;c:\windows\system32\drivers\chdrvr01.sys [06/01/2008 18:37 215104] R3 chdrvr02;CH Control Manager Driver 2;c:\windows\system32\drivers\chdrvr02.sys [06/01/2008 18:37 3744] R3 chdrvr03;CH Control Manager Driver 3;c:\windows\system32\drivers\chdrvr03.sys [06/01/2008 18:37 9024] R3 
emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM);c:\windows\system32\drivers\e10kx2k.sys [01/04/2006 14:19 1757928] S2 freenet-darknet;Freenet 0.7 darknet; [x] S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [28/04/2008 18:54 13824] S3 PctvVirtualNdis;Pinnacle Virtual Miniport;c:\windows\system32\drivers\PctvVirtualNdis.sys [28/04/2008 19:14 13696] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16:51 4096] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/03/2007 16:30 717296] . Contenu du dossier 'Tâches planifiées' 2010-04-28 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-10-05 21:11] . . ------- Examen supplémentaire ------- . mWindow Title = uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Télécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddLink.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Tout t&élécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddList.html Trusted Zone: ahnlab.com\global Trusted Zone: cltnet.de\www Trusted Zone: gdfsuez.com\webmailfr TCP: {9548D205-C2A3-4969-BEF2-92CBB72FF227} = 192.168.0.1 DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java DPF: teleir_cert - hxxps://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} - hxxp://www.cltnet.de/login/dplaunch.cab DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab FF - ProfilePath - c:\documents and settings\Pascal Admin\Application Data\Mozilla\Firefox\Profiles\ksf78zvj.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr FF - prefs.js: keyword.URL - 
hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q= FF - component: c:\documents and settings\Pascal Admin\Application Data\Mozilla\Firefox\Profiles\ksf78zvj.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdjvu.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - 
pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program 
files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-28 13:57 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x82F478A8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf86daf28 \Driver\ACPI -> ACPI.sys @ 0xf8606cb8 \Driver\atapi -> 0x82f478a8 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615 ParseProcedure -> 0x830771b0 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615 ParseProcedure -> 0x830771b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1935655697-1993962763-1343024091-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(688) c:\program files\SUPERAntiSpyware\SASWINLO.dll c:\windows\system32\Ati2evxx.dll . Heure de fin: 2010-04-28 14:08:11 ComboFix-quarantined-files.txt 2010-04-28 12:08 ComboFix2.txt 2010-04-27 19:24 Avant-CF: 15 703 588 864 octets libres Après-CF: 15 659 134 976 octets libres Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 5F3AFE7F4D27F110D85C8403A00998AA
  14. I had installed the Recovery Console with ComboFix, which did indeed run, but without all the USB sticks and external drives. Do I need to start over? Here is the log:
      ComboFix 10-04-26.05 - Pascal Admin 27/04/2010 20:49:02.1.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.511.66 [GMT 2:00] Lancé depuis: c:\documents and settings\Pascal Admin\Bureau\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: Sunbelt Kerio Personal Firewall *disabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Pascal Admin\Application Data\inst.exe c:\program files\INSTALL.LOG c:\windows\patch.exe c:\windows\system32\Data c:\windows\system32\SHELLLNK.TLB c:\windows\system32\tmp.reg . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BOONTY_GAMES ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-27 au 2010-04-27 )))))))))))))))))))))))))))))))))))) . 2010-04-27 10:03 . 2010-04-27 11:25 -------- d-----w- C:\Ad-Remover 2010-04-26 17:31 . 2010-04-27 08:12 -------- d-----w- C:\ToolBar SD 2010-04-04 09:37 . 2010-04-04 09:37 46 ----a-w- c:\windows\system32\DonationCoder_urlsnooper_InstallInfo.dat 2010-04-04 09:37 . 2010-04-04 09:37 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\DonationCoder 2010-04-04 09:36 . 2010-04-04 09:36 -------- d-----w- c:\program files\WinPcap 2010-04-04 09:35 . 2010-04-21 05:48 -------- d-----w- c:\program files\URLSnooper2 2010-04-04 09:35 . 2010-04-04 09:35 -------- d-----w- c:\documents and settings\All Users\Application Data\DonationCoder 2010-04-04 09:21 . 2010-04-04 09:21 -------- d-----w- c:\program files\Xi . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2010-04-27 13:38 . 2009-11-29 17:46 -------- d-----w- c:\program files\ZHPDiag 2010-04-27 08:03 . 2005-11-06 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-04-27 06:59 . 2006-08-08 20:23 1735460 ----a-w- c:\windows\system32\drivers\fwdrv.err 2010-04-26 17:46 . 2008-01-19 10:01 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\uTorrent 2010-04-26 16:55 . 2008-05-24 19:58 -------- d-----w- c:\program files\ZebHelpProcess 2 2010-04-26 10:21 . 2008-12-26 17:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-26 10:14 . 2009-01-10 19:45 5918776 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-04-26 08:40 . 2007-10-20 09:05 -------- d-----w- c:\program files\CCleaner 2010-04-25 00:29 . 2010-04-25 00:29 664 ----a-w- c:\documents and settings\Dominique\Local Settings\Application Data\d3d9caps.tmp 2010-04-17 11:50 . 2008-12-19 12:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-04-09 10:05 . 2004-11-04 18:05 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-04-07 05:43 . 2006-04-15 10:06 -------- d-----w- c:\program files\Radio Fr Solo 2010-04-05 10:24 . 2008-11-24 19:11 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\Vso 2010-04-04 14:41 . 2008-11-30 21:38 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-04-03 17:29 . 2010-04-03 17:29 503808 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\msvcp71.dll 2010-04-03 17:29 . 2010-04-03 17:29 499712 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\jmc.dll 2010-04-03 17:29 . 
2010-04-03 17:29 12800 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2524fe97-n\decora-d3d.dll 2010-04-03 17:29 . 2010-04-03 17:29 348160 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6f6d9473-n\msvcr71.dll 2010-04-03 17:29 . 2010-04-03 17:29 61440 ----a-w- c:\documents and settings\Dominique\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2524fe97-n\decora-sse.dll 2010-04-03 10:07 . 2005-10-07 15:49 -------- d-----w- c:\program files\Fichiers communs\Java 2010-04-03 10:07 . 2010-04-03 10:07 503808 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\msvcp71.dll 2010-04-03 10:07 . 2010-04-03 10:07 61440 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-65ae946b-n\decora-sse.dll 2010-04-03 10:07 . 2010-04-03 10:07 499712 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\jmc.dll 2010-04-03 10:07 . 2010-04-03 10:07 348160 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5ae4574e-n\msvcr71.dll 2010-04-03 10:07 . 2010-04-03 10:07 12800 ----a-w- c:\documents and settings\Pascal Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-65ae946b-n\decora-d3d.dll 2010-04-03 10:06 . 2009-12-20 14:11 -------- d-----w- c:\program files\Java 2010-04-03 10:05 . 2001-08-28 12:00 615420 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-03 10:05 . 2001-08-28 12:00 123638 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-29 22:46 . 2008-12-26 17:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-29 22:45 . 2008-12-26 17:58 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-28 12:37 . 
2010-03-06 16:20 -------- d-----w- c:\program files\USB-set 2010-03-27 12:32 . 2008-03-16 14:51 -------- d-----w- c:\documents and settings\Dominique\Application Data\Smart Panel 2010-03-26 11:17 . 2004-10-10 15:53 -------- d-----w- c:\program files\eMule 2010-03-24 13:09 . 2005-02-14 21:38 117824 ----a-w- c:\documents and settings\Olivier\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-24 13:05 . 2010-03-24 13:05 130 ----a-w- c:\documents and settings\Olivier\Local Settings\Application Data\fusioncache.dat 2010-03-20 13:00 . 2008-05-24 11:41 -------- d-----w- c:\documents and settings\All Users\Application Data\BSD 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_2cd672ae.exe 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_294823.exe 2010-03-13 17:28 . 2010-03-13 17:28 2734 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_18be6784.exe 2010-03-13 17:28 . 2010-03-13 17:28 12390 ----a-r- c:\documents and settings\Pascal Admin\Application Data\Microsoft\Installer\{C9CE8735-F02F-4DE4-B979-04D30DFFE7C3}\_4ae13d6c.exe 2010-03-13 17:28 . 2010-03-13 17:28 -------- d-----w- c:\program files\Ujihara 2010-03-10 06:16 . 2002-08-29 09:45 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-03-09 02:28 . 2008-11-10 11:25 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-07 19:00 . 2005-05-15 08:35 -------- d-----w- c:\documents and settings\Pascal Admin\Application Data\ArcSoft 2010-02-25 06:17 . 2002-08-29 09:45 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2005-02-12 12:06 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-24 08:16 . 2009-10-23 08:40 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-02-19 23:47 . 
2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr 2010-02-17 12:07 . 2002-08-29 09:42 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 19:07 . 2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-12 04:34 . 2002-08-29 09:44 100864 ----a-w- c:\windows\system32\6to4svc.dll 2010-02-11 12:02 . 2002-08-28 23:37 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys 1999-12-02 12:54 . 2007-10-27 08:36 91648 ------w- c:\program files\xcacls.exe 2008-09-10 11:49 . 2008-09-10 11:49 5817064 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll 2005-05-30 19:37 . 2005-05-30 19:37 8192 --sha-w- c:\windows\o2cLicStore.bin 2005-05-05 15:01 . 2005-05-05 15:01 8 --sh--r- c:\windows\system32\0AA48D50C7.sys 2006-07-11 06:15 . 2006-07-11 06:15 5 --sha-w- c:\windows\system32\aebdd_s.dll 2008-04-14 02:33 . 2001-08-28 12:00 65024 --sha-w- c:\windows\system32\asycfilt.dll 2008-04-14 02:33 . 2002-08-29 09:44 617472 --sha-w- c:\windows\system32\comctl32.dll 2005-05-05 15:15 . 2005-05-05 15:01 1056 --sha-w- c:\windows\system32\KGyGaAvL.sys 2001-08-28 12:00 . 2001-08-28 12:00 57344 --sha-w- c:\windows\system32\mfc42loc.dll 2008-04-14 02:33 . 2002-08-29 09:44 343040 --sha-w- c:\windows\system32\msvcrt.dll 2001-08-28 12:00 . 2001-08-28 12:00 253952 --sha-w- c:\windows\system32\msvcrt20.dll 2008-04-14 02:33 . 2002-08-29 09:44 551936 --sha-w- c:\windows\system32\oleaut32.dll 2008-04-14 02:33 . 2001-08-28 12:00 84992 --sha-w- c:\windows\system32\olepro32.dll 2008-04-14 02:33 . 2001-08-28 12:00 30749 --sha-w- c:\windows\system32\vbajet32.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{200B4767-4E46-4A4F-B2A0-D23A0E30B592}"= "c:\program files\PixVue\bin\PixVue.dll" [2005-10-02 2420736] [HKEY_CLASSES_ROOT\clsid\{200b4767-4e46-4a4f-b2a0-d23a0e30b592}] [HKEY_CLASSES_ROOT\PixVue.ExplorerBar.1] [HKEY_CLASSES_ROOT\TypeLib\{066EFA48-AC3A-4B5A-BDCE-434BA4C203C3}] [HKEY_CLASSES_ROOT\PixVue.ExplorerBar] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF] @="{3E57A8B6-849B-476E-A3E9-CFCE49E3662A}" [HKEY_CLASSES_ROOT\CLSID\{3E57A8B6-849B-476E-A3E9-CFCE49E3662A}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & IPTC] @="{E3F36090-0540-418f-8136-074D5B255B59}" [HKEY_CLASSES_ROOT\CLSID\{E3F36090-0540-418f-8136-074D5B255B59}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & XMP] @="{E1C1BE26-35A8-4999-A3A6-235CB7BD558B}" [HKEY_CLASSES_ROOT\CLSID\{E1C1BE26-35A8-4999-A3A6-235CB7BD558B}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue EXIF & XMP & IPTC] @="{2E9BD3CA-A57F-450b-B1BA-A6A58C0C1D51}" [HKEY_CLASSES_ROOT\CLSID\{2E9BD3CA-A57F-450b-B1BA-A6A58C0C1D51}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue IPTC] @="{BCA5FB3A-9FC1-4465-ACE3-8C2072449164}" [HKEY_CLASSES_ROOT\CLSID\{BCA5FB3A-9FC1-4465-ACE3-8C2072449164}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue XMP] @="{F0C13C81-FB8D-464e-873F-F8FF999E3EEC}" [HKEY_CLASSES_ROOT\CLSID\{F0C13C81-FB8D-464e-873F-F8FF999E3EEC}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\PixVue XMP & IPTC] @="{0117FFFB-91FD-414E-AC34-A00531032006}" [HKEY_CLASSES_ROOT\CLSID\{0117FFFB-91FD-414E-AC34-A00531032006}] 2005-10-02 21:13 2420736 ----a-w- c:\program files\PixVue\bin\PixVue.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800] "CloneCDElbyCDFL"="c:\program files\SlySoft\CloneCD\ElbyCheck.exe" [2002-11-02 45056] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2002-12-02 73728] "LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984] "LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2007-02-06 252704] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Pascal Admin\Menu 
D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-9-9 110592] HotSync Manager.lnk - c:\palm\HOTSYNC.EXE [2004-4-13 299008] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2008-8-7 479232] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-1-14 122880] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 10:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PixVue] 2005-09-22 22:07 45056 ----a-w- c:\program files\PixVue\bin\WinLogon.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0SsiEfr.e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^Pascal Admin^Menu Démarrer^Programmes^Démarrage^Outil de notification Live Search.lnk] backup=c:\windows\pss\Outil de notification Live Search.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] 2007-02-07 23:13 774168 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] 
"c:\\WINDOWS\\system32\\dpnsvr.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R0 axwhisky;axwhisky;c:\windows\system32\drivers\axwhisky.sys [02/07/2003 18:41 5248] R0 axwskbus;axwskbus;c:\windows\system32\drivers\axwskbus.sys [02/07/2003 17:49 124160] R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [05/10/2005 16:34 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [05/10/2005 16:34 5248] R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [28/11/2002 12:43 22016] R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [04/11/2004 11:55 23003] R0 PrecSim;PrecSim;c:\windows\system32\drivers\precsim.sys [22/05/2002 01:00 69600] R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [18/07/2006 12:02 284184] R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [18/07/2006 12:02 91672] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [29/02/2008 16:03 8944] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [29/02/2008 16:03 51440] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [03/10/2009 12:04 108289] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704] R2 PixVue;PixVue;c:\program files\PixVue\bin\Daemon.exe [02/10/2005 23:13 151552] R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [27/04/2007 15:19 2368] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [05/10/2006 23:11 13592] R3 chdrvr01;CH Control Manager Driver 
1;c:\windows\system32\drivers\chdrvr01.sys [06/01/2008 18:37 215104] R3 chdrvr02;CH Control Manager Driver 2;c:\windows\system32\drivers\chdrvr02.sys [06/01/2008 18:37 3744] R3 chdrvr03;CH Control Manager Driver 3;c:\windows\system32\drivers\chdrvr03.sys [06/01/2008 18:37 9024] R3 emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM);c:\windows\system32\drivers\e10kx2k.sys [01/04/2006 14:19 1757928] S2 freenet-darknet;Freenet 0.7 darknet; [x] S3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [28/04/2008 18:54 13824] S3 PctvVirtualNdis;Pinnacle Virtual Miniport;c:\windows\system32\drivers\PctvVirtualNdis.sys [28/04/2008 19:14 13696] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 16:51 4096] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/03/2007 16:30 717296] . Contenu du dossier 'Tâches planifiées' 2010-04-27 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-10-05 21:11] . . ------- Examen supplémentaire ------- . 
mWindow Title = uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Télécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddLink.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Tout t&élécharger avec NetTransport - c:\program files\Xi\NetTransport 2\NTAddList.html Trusted Zone: ahnlab.com\global Trusted Zone: cltnet.de\www Trusted Zone: gdfsuez.com\webmailfr TCP: {9548D205-C2A3-4969-BEF2-92CBB72FF227} = 192.168.0.1 DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java DPF: teleir_cert - hxxps://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} - hxxp://www.cltnet.de/login/dplaunch.cab DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-2.0.cab FF - ProfilePath - c:\documents and settings\Pascal Admin\Application Data\Mozilla\Firefox\Profiles\ksf78zvj.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q= FF - component: c:\documents and settings\Pascal Admin\Application Data\Mozilla\Firefox\Profiles\ksf78zvj.default\extensions\isadmin@vdtsoftware.ffext\components\isadmin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdjvu.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - 
pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . 
- - - - ORPHELINS SUPPRIMES - - - - SafeBoot-AVG Anti-Spyware Driver SafeBoot-AVG Anti-Spyware Guard ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-27 21:09 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82FC9758]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf8702f28 \Driver\ACPI -> ACPI.sys @ 0xf862ecb8 \Driver\atapi -> 0x82fc9758 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615 ParseProcedure -> 0x822ec1b0 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615 ParseProcedure -> 0x822ec1b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1935655697-1993962763-1343024091-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(696) c:\program files\SUPERAntiSpyware\SASWINLO.dll c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(7828) c:\program files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe c:\windows\system32\Ati2evxx.exe c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe c:\program files\Sandboxie\SbieSvc.exe c:\windows\System32\MsPMSPSv.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe c:\windows\System32\wbem\wmiapsrv.exe c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe c:\windows\system32\wscntfy.exe c:\windows\ECONOM~1.SCR c:\windows\ECONOM~1.exe . ************************************************************************** . Heure de fin: 2010-04-27 21:24:21 - La machine a redémarré ComboFix-quarantined-files.txt 2010-04-27 19:24 Avant-CF: 15 775 113 216 octets libres Après-CF: 15 704 539 136 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 57D9C665BBF282E298F4BB99895A2DA8
  15. I followed the whole procedure (recovery console, fixboot, fixmbr...) but I still get this damned message: ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x830F0380]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x830f0380 IoDeviceObjectType -> ParseProcedure -> 0x822a41b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x822a41b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! What can I do?
  16. They are in the message above. It's the one from 16:02.
  17. MBAM detects nothing, so I ran the 3 procedures: Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Version de la base de données: 3930 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 27/04/2010 18:51:29 mbam-log-2010-04-27 (18-51-29).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|N:\|) Elément(s) analysé(s): 344472 Temps écoulé: 1 heure(s), 43 minute(s), 42 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  18. I don't think I have the recovery console, but I have the Windows CD. The bootverify file looks fine: Fichier bootvrfy.exe reçu le 2010.04.27 09:57:09 (UTC) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 0/41 (0%) Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.50 2010.04.27 - AhnLab-V3 5.0.0.2 2010.04.27 - AntiVir 8.2.1.224 2010.04.26 - Antiy-AVL 2.0.3.7 2010.04.27 - Authentium 5.2.0.5 2010.04.27 - Avast 4.8.1351.0 2010.04.26 - Avast5 5.0.332.0 2010.04.26 - AVG 9.0.0.787 2010.04.26 - BitDefender 7.2 2010.04.27 - CAT-QuickHeal 10.00 2010.04.27 - ClamAV 0.96.0.3-git 2010.04.27 - Comodo 4687 2010.04.27 - DrWeb 5.0.2.03300 2010.04.27 - eSafe 7.0.17.0 2010.04.26 - eTrust-Vet 35.2.7453 2010.04.27 - F-Prot 4.5.1.85 2010.04.26 - F-Secure 9.0.15370.0 2010.04.27 - Fortinet 4.0.14.0 2010.04.27 - GData 21 2010.04.27 - Ikarus T3.1.1.80.0 2010.04.27 - Jiangmin 13.0.900 2010.04.27 - Kaspersky 7.0.0.125 2010.04.27 - McAfee 5.400.0.1158 2010.04.27 - McAfee-GW-Edition 6.8.5 2010.04.26 - Microsoft 1.5703 2010.04.27 - NOD32 5063 2010.04.26 - Norman 6.04.11 2010.04.27 - nProtect 2010-04-27.01 2010.04.27 - Panda 10.0.2.7 2010.04.26 - PCTools 7.0.3.5 2010.04.27 - Prevx 3.0 2010.04.27 - Rising 22.45.01.04 2010.04.27 - Sophos 4.53.0 2010.04.27 - Sunbelt 6226 2010.04.27 - Symantec 20091.2.0.41 2010.04.27 - TheHacker 6.5.2.0.270 2010.04.27 - TrendMicro 9.120.0.1004 2010.04.27 - TrendMicro-HouseCall 9.120.0.1004 2010.04.27 - VBA32 3.12.12.4 2010.04.27 - ViRobot 2010.4.26.2294 2010.04.26 - VirusBuster 5.0.27.0 2010.04.26 - Information additionnelle File size: 5120 bytes MD5...: ab5fa3eef701c7b3ad926e1aefca68fd SHA1..: 34d3eb9e918d292b4e8caafa7488126e6040a22c SHA256: 3e1e31ea44ef5ccf24c2c988fd8350fd2d713d5f5571d53d6ece15a17863f419 ssdeep: 48:qSKgMYK1MbXZC9/03H4TlWu7p/QiNmpMlpQSytkBtdIZWD5WUE5WwG:CNYx4/ 6sWu1/fqMkS+kZEWoUYWw PEiD..: - PEInfo: PE Structure information ( base 
data ) entrypointaddress.: 0x1270 timedatestamp.....: 0x3b7d8563 (Fri Aug 17 20:58:11 2001) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x73c 0x800 5.50 50793dea01f422d2b05d2e6c75f3935e .data 0x2000 0x6c 0x200 0.02 9475a59226943a3ad422e18169989f66 .rsrc 0x3000 0x408 0x600 2.46 53b0a23aac27a76de63e28bd36bfe891 ( 3 imports ) > msvcrt.dll: _controlfp, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, __initenv, exit, _cexit, _XcptFilter, _exit, _except_handler3, _c_exit > ADVAPI32.dll: ControlService, OpenServiceW, OpenSCManagerW, NotifyBootConfigStatus, RegisterServiceCtrlHandlerW, StartServiceCtrlDispatcherW, SetServiceStatus > KERNEL32.dll: SetEvent, ExitThread, WaitForSingleObject, ExitProcess, CreateEventA, GetLastError, GetModuleHandleA ( 0 exports ) RDS...: NSRL Reference Data Set - pdfid.: - trid..: Win64 Executable Generic (80.9%) Win32 Executable Generic (8.0%) Win32 Dynamic Link Library (generic) (7.1%) Generic Win/DOS Executable (1.8%) DOS Executable Generic (1.8%) sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: Boot Verify Application for Registry original name: bootvrfy.exe internal name: bootvrfy.exe file version.: 5.1.2600.0 (xpclient.010817-1148) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned I ran Ad-Remover: . ======= RAPPORT D'AD-REMOVER 2.0.0.0,C | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 24/04/10 à 20:50 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 13:18:59 le 27/04/2010 | Mode normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows XP™ Service Pack 3 - X86 Nom du PC: PCPASCAL Utilisateur actuel: Pascal Admin (Administrateur) . 
============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . . C:\Documents and Settings\Pascal Admin\Application Data\DesktopIcon C:\Program Files\DaemonTools_WhenUSave_Installer C:\WINDOWS\pack.epk (!) -- Fichiers temporaires supprimés. . HKLM\Software\Freeze.com . (Orpheline) BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} (CLSID manquant) (Orpheline) HKLM,Uninstall - Ear Training 101 v3.4 plus Rhythmic Patterns Demo3.0 - C:\WINDOWS\iun6002.exe (Fichier manquant) (Orpheline) HKLM,Uninstall - SpeedItupFree4.01 - C:\WINDOWS\iun6002.exe (Fichier manquant) (Orpheline) HKLM,Uninstall - Tweak-XP Pro 4 - C:\WINDOWS\iun6002.exe (Fichier manquant) . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.6.3 (fr) * . C:\Documents and Settings\Pascal Admin\..\ksf78zvj.default\prefs.js - browser.download.dir: D:\\Documents de Pascal\\Provi C:\Documents and Settings\Pascal Admin\..\ksf78zvj.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Pascal Admin\\Bureau C:\Documents and Settings\Pascal Admin\..\ksf78zvj.default\prefs.js - browser.search.selectedEngine: Live Search C:\Documents and Settings\Pascal Admin\..\ksf78zvj.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr C:\Documents and Settings\Pascal Admin\..\ksf78zvj.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3 C:\Documents and Settings\Pascal Admin\..\ksf78zvj.default\prefs.js - keyword.URL: hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q= C:\Documents and Settings\Dominique\..\v6x4e8vx.default\prefs.js - browser.download.lastDir: C:\\Documents and Settings\\Dominique\\Bureau C:\Documents and Settings\Dominique\..\v6x4e8vx.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3 C:\Documents and Settings\Olivier\..\7zo2nzk7.default\prefs.js - browser.search.selectedEngine: Google C:\Documents and Settings\Olivier\..\7zo2nzk7.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2 . . 
* Internet Explorer Version 8.0.6001.18702 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ . [HKLM\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ . [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ============== SUSPECT(S) ============== . C:\Documents and Settings\Pascal Admin\Application Data\.ABC\torrent\NikonCapture44withserial170042.Demonoid.com.torrent C:\Documents and Settings\Pascal Admin\Bureau\Favoris\Informatique\Creative labs Europe TechKnowZone drivers - patches.url C:\Documents and Settings\Pascal Admin\Favoris\informatique\Serials & keys - unlocks the world.URL C:\Documents and Settings\Pascal Admin\Favoris\Marque-pages non classés\TelechargementZ Telechargement Gratuit Télécharger gratuitement Films Music mp3 jeux PC livres magazines logiciels crack sur rapidshare megaupload [RS][MU][Free][FF].URL C:\Documents and Settings\Pascal Admin\Favoris\Serials & keys - unlocks the world.url . ======================================== . C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp: 5 Fichier(s), 181 Dossier(s) C:\WINDOWS\temp: 4 Fichier(s), 2 Dossier(s) Temporary Internet Files: 2 Fichier(s), 7 Dossier(s) . 
C:\Ad-Remover\Quarantine: 1 Fichier(s) C:\Ad-Remover\Backup: 14 Fichier(s) . C:\Ad-Report-CLEAN[1].txt - 4546 Octet(s) C:\Ad-Report-SCAN[1].txt - 4046 Octet(s) . Fin à: 13:26:33, 27/04/2010 . ============== E.O.F - CLEAN[1] ============== I ran navilog1: Fix Navipromo version 4.0.8 commencé le 27/04/2010 14:45:34,34 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\navilog1 Mise à jour le 09.03.2010 à 18h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 1800+ ) BIOS : v1.0 ~ USER : Pascal Admin ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated) Firewall : Sunbelt Kerio Personal Firewall 4.3.268 T (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:14 Go) D:\ (Local Disk) - NTFS - Total:75 Go (Free:5 Go) E:\ (Local Disk) - NTFS - Total:189 Go (Free:12 Go) F:\ (Local Disk) - NTFS - Total:37 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) J:\ (CD or DVD) K:\ (CD or DVD) M:\ (CD or DVD) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Pascal Admin\locals~1\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok This is all that is left in zpdiag: O64 - Services: CurCS - (.not file.) - Boonty Games (Boonty Games) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_BOONTY_GAMES ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x83043218]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x83043218 IoDeviceObjectType -> ParseProcedure -> 0x823771b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x823771b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection !
  19. I did everything above. MBR gives me the following log: Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x830ac4a8 IoDeviceObjectType -> ParseProcedure -> 0x823281b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x823281b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Toolbarsd gives me, before cleaning: -----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 1800+ ) BIOS : v1.0 ~ USER : Pascal Admin ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) Firewall : Sunbelt Kerio Personal Firewall 4.3.268 T (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:12 Go) D:\ (Local Disk) - NTFS - Total:75 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:189 Go (Free:12 Go) F:\ (Local Disk) - NTFS - Total:37 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) J:\ (CD or DVD) K:\ (CD or DVD) M:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [1] ( 26/04/2010|20:24 ) -----------\\ Recherche de Fichiers / Dossiers ... 
C:\WINDOWS\iun6002.exe -----------\\ Extensions (Pascal Admin) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload (Pascal Admin) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper (Pascal Admin) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Search Page"="http://www.google.com" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" 
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== --------------------\\ ROGUES .. C:\PROGRA~1\PrivacyEraser Computing --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PASCAL~1\Favoris\Marque-pages non classés\TelechargementZ Telechargement Gratuit Télécharger gratuitement Films Music mp3 jeux PC livres magazines logiciels crack sur rapidshare megaupload [RS][MU][Free][FF].URL and after cleaning: -----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 1800+ ) BIOS : v1.0 ~ USER : Pascal Admin ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) Firewall : Sunbelt Kerio Personal Firewall 4.3.268 T (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:39 Go (Free:12 Go) D:\ (Local Disk) - NTFS - Total:75 Go (Free:4 Go) E:\ (Local Disk) - NTFS - Total:189 Go (Free:12 Go) F:\ (Local Disk) - NTFS - Total:37 Go (Free:0 Go) G:\ (CD or DVD) H:\ (CD or DVD) I:\ (USB) - FAT32 - Total:3927 Mo (Free:0 Go) J:\ (CD or DVD) K:\ (CD or DVD) L:\ (USB) - FAT32 - Total:30516 Mo (Free:8 Go) M:\ (CD or DVD) N:\ (Local Disk) - NTFS - Total:279 Go (Free:3 Go) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [2] ( 26/04/2010|20:29 ) -----------\\ SUPPRESSION Supprime! - C:\WINDOWS\iun6002.exe -----------\\ Recherche de Fichiers / Dossiers ... 
-----------\\ Extensions (Pascal Admin) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload (Pascal Admin) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript (Pascal Admin) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper (Pascal Admin) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Search Page"="http://www.google.com" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== --------------------\\ ROGUES .. C:\PROGRA~1\PrivacyEraser Computing --------------------\\ Cracks & Keygens .. 
C:\DOCUME~1\PASCAL~1\Favoris\Marque-pages non classés\TelechargementZ Telechargement Gratuit Télécharger gratuitement Films Music mp3 jeux PC livres magazines logiciels crack sur rapidshare megaupload [RS][MU][Free][FF].URL MBAM found nothing. ZHP still reports (I made an extract): [HKLM\Software\Freeze.com] O43 - CFD:Common File Directory ----D- C:\Program Files\DaemonTools_WhenUSave_Installer ---\\ Recherche heuristique Magic.control (HSMI) (O59) O59 - HSMI:Heuristic Search MagicControl Infection - C:\windows\pack.epk O64 - Services: CurCS - (.not file.) - Boonty Games (Boonty Games) .(.Pas de propriétaire - Pas de description.) - LEGACY_BOONTY_GAMES ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x830AC4A8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x830ac4a8 IoDeviceObjectType -> ParseProcedure -> 0x823281b0 \Device\Harddisk0\DR0 -> ParseProcedure -> 0x823281b0 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection !
  20. Here is the rest; it's mostly the end that worries me: O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_775.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_850.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_852.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_855.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_857.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_860.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_861.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_863.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_865.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_866.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_869.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_874.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_875.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_932.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_936.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_949.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\c_950.nls:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dim.dll:KAVICHS O62 - ADS:Alternate Data Stream File - 
C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dramp.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3drm.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\d3dxof.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\davclnt(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbgeng.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbmsadsn.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dbmsvinn.dLL:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ddeml.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\debug.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskadp.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskmon.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\deskperf.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\devmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dfrg.msc:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dfrgres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dgsetup.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dhcpcsvc(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diactfrm.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dimap.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskcomp.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskcopy.com:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\diskmgmt.msc:KAVICHS O62 - ADS:Alternate Data Stream File - 
C:\WINDOWS\System32\diskperf.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_040c.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\divxdec_0411.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dllhst3g.exe:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmconfig.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmdskres.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmintf.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmocx.dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmserver(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dmview.ocx:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dnsapi(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dnsrslvr(2).dll:KAVICHS O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\Drivers\acpiec.sys:KAVICHS ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Program Files\Adobe\Photosh
  21. Here is the rest; it is mostly the end that worries me
  22. The new version of ZHPDIAG detects several pieces of malware on my machine, possibly including a rootkit. Here is what the ZHP summary says about the malware:

      HKLM\Software\Freeze.com] => Infection BT
      O43 - CFD:Common File Directory ----D- C:\Program Files\DaemonTools_WhenUSave_Installer => Infection BT
      O59 - HSMI:Heuristic Search MagicControl Infection - C:\windows\pack.epk => Infection Diverse
      O64 - Services: CurCS - (.not file.) - Boonty Games (Boonty Games) .(.Pas de propriétaire - Pas de description.) - LEGACY_BOONTY_GAMES => Infection Diverse (Legacy.Troj)
      detected MBR rootkit hooks: Warning: possible MBR rootkit infection ! => Infection Rootkit

      and possibly a "variable" line:

      O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\bootvrfy.exe:KAVICHS => Microsoft or malware

      What should I do? Thank you for your reply.

      and the full report:

      Rapport de ZHPDiag v1.25.1408 par Nicolas Coolman
      Run by Pascal Admin at 26/04/2010 12:05:36
      Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

      ---\\ Web Browser
      MSIE: Internet Explorer v8.0.6001.18702
      MFIE: Mozilla Firefox (3.6.3)

      ---\\ System Information
      Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
      Processor: x86 Family 6 Model 6 Stepping 2, AuthenticAMD
      Operating System: 32 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 511 MB (33% free)
      System drive C: has 11 GB (29%) free of 39 GB

      ---\\ DOS/Devices
      A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
      C:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 39 Go)
      D:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 75 Go)
      E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 190 Go)
      F:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 37 Go)
      G:\ CD-ROM drive (Not Inserted)
      H:\ CD-ROM drive (Not Inserted)
      J:\ CD-ROM drive (Not Inserted)
      K:\ CD-ROM drive (Not Inserted)
      M:\ CD-ROM drive (Not Inserted)

      ---\\ Security Center & Tools Informations
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM] O42 - Logiciel: PeerGuardian 2.0 - (.Methlabs Productions.) [HKLM] O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM] O42 - Logiciel: Planète Généalogie - (.BSD Concept.) [HKLM] O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: RadCor 2.04 - (.TUVSW.) [HKLM] O42 - Logiciel: Radio Fr Solo 2.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SanDisk SD Wi-Fi Card - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Sandboxie 3.34 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SaverWiz - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ScummVM 1.0.0rc1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) 
[HKLM] O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] O42 - Logiciel: Sibelius 5 Demo - (.Sibelius Software.) [HKLM] O42 - Logiciel: Sibelius Scorch (Firefox, Opera, Netscape only) - (.Sibelius Software.) [HKLM] O42 - Logiciel: Simple Sudoku 4.2 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Skype™ 4.0 - (.Skype Technologies S.A..) [HKLM] O42 - Logiciel: SmartList To Go - (.DataViz, Inc..) [HKLM] O42 - Logiciel: Sophos Anti-Rootkit 1.3 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Speeditup Free 4.01 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Spybot - Search & Destroy 1.4 - (.Safer Networking Limited.) [HKLM] O42 - Logiciel: StationRipper 2.71 - (.Ratajik Software.) [HKLM] O42 - Logiciel: StealthNet 0.8.7.2 - (.The StealthNet Team.) [HKLM] O42 - Logiciel: Sudoku 3D Pro - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Sudoku V 3.0 - (.Olivier RAVET.) [HKLM] O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM] O42 - Logiciel: Tous les Noms de Famille de France V.6.5.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Tweak-XP Pro 4 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: UMVPLStandalone - (.Logitech Inc..) [HKLM] O42 - Logiciel: URL Snooper v2.26.01 - (.DonationCoder.com.) [HKLM] O42 - Logiciel: Universal Extractor 1.6 - (.Jared Breland.) [HKLM] O42 - Logiciel: Unlocker 1.8.6 - (.Cedrick Collomb.) [HKLM] O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM] O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM] O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981433) - (.Microsoft.) [HKLM] O42 - Logiciel: VDMSound - (.Vlad Romascanu.) [HKLM] O42 - Logiciel: VobEdit 0.6 Fr - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: WaveLab Lite - (.Steinberg.) 
[HKLM] O42 - Logiciel: WinHTTrack Website Copier 3.30 - (.HTTrack.) [HKLM] O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM] O42 - Logiciel: WinWAP for Windows 3.2 - (.Winwap Technologies Oy.) [HKLM] O42 - Logiciel: WinZip - (.WinZip Computing LP.) [HKLM] O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Wintree Version 3.0 d - (.Decrock.) [HKLM] O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.) [HKLM] O42 - Logiciel: dBpowerAMP Wavpack Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp FLAC Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Monkeys Audio Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Musepack Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dBpoweramp Windows Media Audio 10 Codec - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: dMC Power Pack - (.Pas de propriétaire.) 
[HKLM] O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.) [HKLM] ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABSoft] [HKCU\Software\AC3filter] [HKCU\Software\ASProtect] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\Advanced IRC] [HKCU\Software\Ahead] [HKCU\Software\Alcohol Soft] [HKCU\Software\Angus Johnson] [HKCU\Software\Anuman Interactive] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\ApplianTechnologies] [HKCU\Software\ArcSoft] [HKCU\Software\Audacity] [HKCU\Software\Auralis] [HKCU\Software\Avira] [HKCU\Software\BITSoft] [HKCU\Software\BitTorrent] [HKCU\Software\Borland] [HKCU\Software\Bsd Concept] [HKCU\Software\CDIP] [HKCU\Software\CDRWIN 5] [HKCU\Software\Clients] [HKCU\Software\Cobian] [HKCU\Software\CoreVorbis] [HKCU\Software\Creative Tech] [HKCU\Software\Cyberlink] [HKCU\Software\DATA BECKER] [HKCU\Software\DDH Software] [HKCU\Software\DPSoftware] [HKCU\Software\DSP-worx] [HKCU\Software\DVD Shrink] [HKCU\Software\DataViz] [HKCU\Software\DefaultID] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DxO Optics Pro] [HKCU\Software\DxO] [HKCU\Software\EMCO MSI Package Builder] [HKCU\Software\EMME] [HKCU\Software\EPSON] [HKCU\Software\EditHexa] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Elcom] [HKCU\Software\Exifer] [HKCU\Software\Foxit Software Company] [HKCU\Software\Foxit Software] [HKCU\Software\FreeDownloadManager.ORG] [HKCU\Software\Freeware] [HKCU\Software\FreshDevices] [HKCU\Software\Fridgesoft] [HKCU\Software\GHCS] [HKCU\Software\GIANTCompany] [HKCU\Software\Gabest] [HKCU\Software\Genie-Soft] [HKCU\Software\GlarySoft] [HKCU\Software\decrock] [HKCU\Software\digital publishing] [HKCU\Software\e-merge] [HKCU\Software\eMule] [HKCU\Software\ePaperPress] [HKCU\Software\ej-technologies] [HKLM\Software\ABSoft] [HKLM\Software\ACE Compression Software] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe Systems] 
[HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Avira] [HKLM\Software\BigScott27] [HKLM\Software\Boonty] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\CDRWIN5] [HKLM\Software\Canon] [HKLM\Software\Carpet] [HKLM\Software\Chilkat Software, Inc.] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cobian] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Creative Tech] [HKLM\Software\Cyberlink] [HKLM\Software\D-Tools] [HKLM\Software\DDH Software] [HKLM\Software\DECROCK] [HKLM\Software\DIOC] [HKLM\Software\Debug] [HKLM\Software\DivXNetworks] [HKLM\Software\DownloadHelper] [HKLM\Software\EMCO MSI Package Builder] [HKLM\Software\EPSON Photo Print] [HKLM\Software\EPSON] [HKLM\Software\Elaborate Bytes] [HKLM\Software\Elcom] [HKLM\Software\Foxit Software] [HKLM\Software\Freeze.com] [HKLM\Software\FreshDevices] [HKLM\Software\GIANTCompany] [HKLM\Software\GNU] [HKLM\Software\Gabest] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Gravity Soft] [HKLM\Software\HaaliMkx] [HKLM\Software\Hemera Products] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\Internet Download Manager] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Licenses] [HKLM\Software\LizardTech] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Micro Application] [HKLM\Software\MicroQuill] [HKLM\Software\MidiTec] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MyHeritage.com] [HKLM\Software\Myriad Software] [HKLM\Software\NCSoft] [HKLM\Software\Network Associates] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nikon] [HKLM\Software\ODBC] [HKLM\Software\Orium Software] [HKLM\Software\PACE Anti-Piracy] [HKLM\Software\PepiMK Software] [HKLM\Software\Pinnacle Systems] [HKLM\Software\PixVue.Com] 
[HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Protexis] [HKLM\Software\Python] [HKLM\Software\QuEnc] [HKLM\Software\Ratajik Software] [HKLM\Software\RealNetworks] [HKLM\Software\RegisteredApplications] [HKLM\Software\RjH Software] [HKLM\Software\S3R521] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Sibelius Software] [HKLM\Software\Skype] [HKLM\Software\Smart Panel] [HKLM\Software\Soeperman Enterprises Ltd.] [HKLM\Software\SoftLogica] [HKLM\Software\Sonic] [HKLM\Software\Sophos] [HKLM\Software\SplashData] [HKLM\Software\Sports] [HKLM\Software\Std] [HKLM\Software\Steinberg] [HKLM\Software\String Comparison] [HKLM\Software\Sunbelt Software] [HKLM\Software\TG Byte Software] [HKLM\Software\TeamViewer] [HKLM\Software\TorrentSearcher] [HKLM\Software\Totalidea Software] [HKLM\Software\Trad-FR] [HKLM\Software\TrendMicro] [HKLM\Software\Ulead Systems] [HKLM\Software\Uniblue] [HKLM\Software\VEGA] [HKLM\Software\VOB] [HKLM\Software\VSO] [HKLM\Software\Via4in1Driver] [HKLM\Software\Voice] [HKLM\Software\Wheel] [HKLM\Software\WinLicense] [HKLM\Software\WinPcap] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Winzip FR] [HKLM\Software\Wise Solutions] [HKLM\Software\X-AVCSD] [HKLM\Software\Xi] [HKLM\Software\Yahoo] [HKLM\Software\Zone Labs] [HKLM\Software\ePaperPress] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Fichiers Communs (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\3D Photo Browser O43 - CFD:Common File Directory ----D- C:\Program Files\3M O43 - CFD:Common File Directory ----D- C:\Program Files\3M Littmann O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Advanced IRC O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft O43 - CFD:Common File Directory ----D- 
C:\Program Files\ANtsP2P O43 - CFD:Common File Directory ----D- C:\Program Files\Anuman Interactive O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity O43 - CFD:Common File Directory ----D- C:\Program Files\AVG Anti-Spyware 7.5 O43 - CFD:Common File Directory ----D- C:\Program Files\AVI MPEG RM WMV Joiner O43 - CFD:Common File Directory ----D- C:\Program Files\Avi2Dvd O43 - CFD:Common File Directory ----D- C:\Program Files\Avira O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5 O43 - CFD:Common File Directory ----D- C:\Program Files\BackupBuddy O43 - CFD:Common File Directory ----D- C:\Program Files\Blues for Piano and Keyboard 10.0 O43 - CFD:Common File Directory ----D- C:\Program Files\BSD Concept O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\CDRWIN5 O43 - CFD:Common File Directory ----D- C:\Program Files\CH Products O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 8 O43 - CFD:Common File Directory ----D- C:\Program Files\Cobian Backup 9 O43 - CFD:Common File Directory ----D- C:\Program Files\Common~1 O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications O43 - CFD:Common File Directory ----D- C:\Program Files\ConvertHelper O43 - CFD:Common File Directory ----D- C:\Program Files\Creative O43 - CFD:Common File Directory ----D- C:\Program Files\D-Tools O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools O43 - CFD:Common File Directory ----D- C:\Program Files\DaemonTools_WhenUSave_Installer O43 - CFD:Common File Directory ----D- C:\Program Files\dBpowerAMP O43 - CFD:Common File Directory ----D- C:\Program Files\DivX O43 - CFD:Common File Directory ----D- C:\Program Files\Documents To Go O43 - CFD:Common File Directory ----D- C:\Program Files\DoublePics 
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink
O43 - CFD:Common File Directory ----D- C:\Program Files\DxO Labs
O43 - CFD:Common File Directory ----D- C:\Program Files\EarMaster Pro 5
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\ePaperPress
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory ----D- C:\Program Files\Exifer
O43 - CFD:Common File Directory ----D- C:\Program Files\FamilySearch
O43 - CFD:Common File Directory R---D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software
O43 - CFD:Common File Directory ----D- C:\Program Files\GedCom-Vision
O43 - CFD:Common File Directory ----D- C:\Program Files\GedStar
O43 - CFD:Common File Directory ----D- C:\Program Files\GNU
O43 - CFD:Common File Directory ----D- C:\Program Files\GNU Solfege
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GrabIt
O43 - CFD:Common File Directory ----D- C:\Program Files\Greeting Card Creator
O43 - CFD:Common File Directory ----D- C:\Program Files\GRISOFT
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\HanDBase3
O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection
O43 - CFD:Common File Directory ----D- C:\Program Files\Harmony Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\Helicon Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Hijackthis
O43 - CFD:Common File Directory ----D- C:\Program Files\i2p
O43 - CFD:Common File Directory ----D- C:\Program Files\icesword
O43 - CFD:Common File Directory ----D- C:\Program Files\IfoEdit
O43 - CFD:Common File Directory ----D- C:\Program Files\IKEA HomePlanner
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory ----D- C:\Program Files\iMule-1.4.5
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Java(2)
O43 - CFD:Common File Directory ----D- C:\Program Files\jv16 PowerTools
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Kommute
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys
O43 - CFD:Common File Directory ----D- C:\Program Files\LizardTech
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\MagicISO
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Managed DirectX (0901)
O43 - CFD:Common File Directory ----D- C:\Program Files\MaxSplitter
O43 - CFD:Common File Directory ----D- C:\Program Files\Media Player Classic
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Backup
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft AntiSpyware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Baseline Security Analyzer 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money 2005
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\Mp3DirectCut
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Musicalis
O43 - CFD:Common File Directory ----D- C:\Program Files\MUTE
O43 - CFD:Common File Directory ----D- C:\Program Files\myFairTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\MyVideoSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\NapShare
O43 - CFD:Common File Directory ----D- C:\Program Files\Neat Image
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Newave
O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon
O43 - CFD:Common File Directory ----D- C:\Program Files\Omer
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Pando Networks
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFtoMusic
O43 - CFD:Common File Directory ----D- C:\Program Files\PeerGuardian2
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\Pinnacle
O43 - CFD:Common File Directory ----D- C:\Program Files\PixVue
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayPianoTODAY
O43 - CFD:Common File Directory ----D- C:\Program Files\PrivacyEraser Computing
O43 - CFD:Common File Directory ----D- C:\Program Files\process monitor main
O43 - CFD:Common File Directory ----D- C:\Program Files\PW
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickPar
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\RadCor
O43 - CFD:Common File Directory ----D- C:\Program Files\Radio Fr Solo
O43 - CFD:Common File Directory ----D- C:\Program Files\Reagclean
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\RegClean
O43 - CFD:Common File Directory ----D- C:\Program Files\RipTiger
O43 - CFD:Common File Directory ----D- C:\Program Files\Sandboxie
O43 - CFD:Common File Directory ----D- C:\Program Files\SanDisk
O43 - CFD:Common File Directory ----D- C:\Program Files\SaverWiz
O43 - CFD:Common File Directory ----D- C:\Program Files\ScummVM
O43 - CFD:Common File Directory ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Sensory
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Sibelius Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Simple Sudoku
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Panel
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects
O43 - CFD:Common File Directory ----D- C:\Program Files\SmartGenealogy_2.8c
O43 - CFD:Common File Directory ----D- C:\Program Files\SmartList To Go
O43 - CFD:Common File Directory ----D- C:\Program Files\SoftLogica
O43 - CFD:Common File Directory ----D- C:\Program Files\Sophos
O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedFan
O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedItUpFree
O43 - CFD:Common File Directory ----D- C:\Program Files\SplashData
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\StationRipper
O43 - CFD:Common File Directory ----D- C:\Program Files\StealthNet
O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg
O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku
O43 - CFD:Common File Directory ----D- C:\Program Files\Sudoku 3D Pro
O43 - CFD:Common File Directory ----D- C:\Program Files\Sunbelt Software
O43 - CFD:Common File Directory ----D- C:\Program Files\SUPERAntiSpyware
O43 - CFD:Common File Directory ----D- C:\Program Files\SWI
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaesthete
O43 - CFD:Common File Directory ----D- C:\Program Files\TeamViewer
O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\thinkingBytes
O43 - CFD:Common File Directory ----D- C:\Program Files\TimeAdjuster
O43 - CFD:Common File Directory ----D- C:\Program Files\Tweak-XP Pro 4
O43 - CFD:Common File Directory ----D- C:\Program Files\Ujihara
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Universal Extractor
O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker
O43 - CFD:Common File Directory ----D- C:\Program Files\URLSnooper2
O43 - CFD:Common File Directory ----D- C:\Program Files\USB-set
O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent
O43 - CFD:Common File Directory ----D- C:\Program Files\VDMSound
O43 - CFD:Common File Directory ----D- C:\Program Files\Vg
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\VirtualDubMOD
O43 - CFD:Common File Directory ----D- C:\Program Files\VOB
O43 - CFD:Common File Directory ----D- C:\Program Files\VSO
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Installer Clean Up
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --HAD- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinHTTrack
O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WINTREE
O43 - CFD:Common File Directory ----D- C:\Program Files\Winwap Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Xi
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C1531CA1D6A52AE3F4B05C5D1A4C0C06] - 26/04/2010 - 11:05:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030]
O44 - LFC:[MD5.00000000000000000000000000000000] - 26/04/2010 - 10:19:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1080367]
O44 - LFC:[MD5.7112190518B5AEAA05B259BBE393C9ED] - 25/04/2010 - 17:18:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 24/04/2010 - 20:25:26 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.608D18B5309815F2DBF7DD0898346BB0] - 24/04/2010 - 13:43:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888]
O44 - LFC:[MD5.608D18B5309815F2DBF7DD0898346BB0] - 24/04/2010 - 13:43:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000004-00401102}.rfx [3888]
O44 - LFC:[MD5.81F71337203F080FBAEF1F79713BA7CB] - 24/04/2010 - 11:13:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [278]
O44 - LFC:[MD5.C3F8E368EDCC84FA4EDE315E678C0BE3] - 23/04/2010 - 09:16:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2206]
O44 - LFC:[MD5.408F54079257BB69ACB222A90E2B5B2A] - 21/04/2010 - 06:56:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\1-32k.mp3&t=1271829324 [3415]
O44 - LFC:[MD5.288092B392C9080151E03690EE9AF7C2] - 21/04/2010 - 06:55:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\1-32k.mp3&t=Nuit spéciale Ravi Shankar (1 [2121]
O44 - LFC:[MD5.408F54079257BB69ACB222A90E2B5B2A] - 21/04/2010 - 06:55:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\1-32k.mp3&t=1271829229 [3415]
O44 - LFC:[MD5.43B537FA5AAC2FDE07A7E320E4362363] - 21/04/2010 - 06:53:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\3) [2133]
O44 - LFC:[MD5.A9C93CE2627B78646BE5BBCB95DEC8EA] - 11/04/2010 - 12:59:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [940]
O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 07/04/2010 - 06:10:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Radio_Fr.ini [1208]
O44 - LFC:[MD5.91BA33C14DF133FA79AFB6A92F582CDD] - 04/04/2010 - 15:41:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat [664]
O44 - LFC:[MD5.3C94558CD1705DA468C9562110F34069] - 04/04/2010 - 10:37:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat [46]
O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 04/04/2010 - 10:36:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\-1 [57]
O44 - LFC:[MD5.024064F4D44A206D8F9A4DE8CD9D1644] - 03/04/2010 - 22:04:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\SHANKAR 1_FR.wmv [358629423]
O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 03/04/2010 - 11:06:51 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376]
O44 - LFC:[MD5.FC1F0157B07D3FA402FC629AE9B977AE] - 03/04/2010 - 11:06:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\jupdate-1.6.0_19-b04.log [4229]
O44 - LFC:[MD5.C71E8FF0D92FF876EB1C591A34AFDD03] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1395924]
O44 - LFC:[MD5.842A215C78E052C380DCB2515035588F] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [102990]
O44 - LFC:[MD5.E2E8D636EFC592EB4E0383DEEC8E42F3] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [123638]
O44 - LFC:[MD5.87D027A624CA713E45C12986BE94972C] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [535828]
O44 - LFC:[MD5.36A359FF2187AD2C10957403688B50CA] - 03/04/2010 - 11:05:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [615420]
O44 - LFC:[MD5.F74BDB5A39373C14BAF65385B85F6B66] - 29/03/2010 - 13:29:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\SHANKAR 2.wmv [359045533]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WINDOW~4\MpShHook.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpnsvr.exe" [Disabled] .(.Microsoft Corporation - Microsoft DirectPlay8 Server.) -- C:\WINDOWS\system32\dpnsvr.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Disabled] .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" [Enabled] .(.Sunbelt Software - Sunbelt Kerio Firewall GUI.) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\msncall.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) (.not file.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Piolet\Piolet.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Piolet\Piolet.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) (.not file.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe
O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\ma-config.com\maconfservice.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) (.not file.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.)
-- C:\Program Files\MSN Messenger\msncall.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . 
(.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"vidc.iv41"="Ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\Ir41_32.ax O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\System32\lameACM.acm O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . 
(.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \drivers.desc\"Ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\Iac25_32.ax O52 - TDSD: \drivers.desc\"divx.dll"="DivX Pro 6.7.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm O52 - TDSD: \drivers.desc\"Ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . 
(.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=149 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=149 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 19:36:39 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys O58 - SDL:[MD5.116BFF96077A4A724E0AAB800525CEB5] - 28/08/2002 - 22:59:12 ---A- . (.ADMtek Incorporated. - ADMtek AN983/AN985/ADM951X NDIS5 Driver.) -- C:\WINDOWS\system32\drivers\an983.sys O58 - SDL:[MD5.875F9079CABEE679D34B49E466B61701] - 17/04/2002 - 19:27:02 ---A- . (.VOB Computersysteme GmbH - ASAPI.) 
-- C:\WINDOWS\system32\drivers\asapiW2k.sys O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 19/08/2004 - 14:53:40 ---A- . (.ATI Technologies Inc. 
- Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys O58 - SDL:[MD5.492BD2A5F65F218D4EDE5764A3BB67E9] - 03/05/2006 - 17:50:42 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 03/08/2004 - 21:29:28 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 03/08/2004 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) 
-- C:\WINDOWS\system32\drivers\atinxbxx.sys O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 03/08/2004 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:28:27 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.35A301482478E97BE6E1C2748CE930E1] - 02/07/2003 - 17:41:42 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\axwhisky.sys O58 - SDL:[MD5.F3B1CE696CCF6448C85E7CDC702098D8] - 02/07/2003 - 16:49:52 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\axwskbus.sys O58 - SDL:[MD5.AABFFD787AB272FC903AFEEB336C6899] - 21/11/2006 - 00:36:58 ---A- . (.CH Products - CH Control Manager Driver 1.) -- C:\WINDOWS\system32\drivers\chdrvr01.sys O58 - SDL:[MD5.7536FB70BCBF5D10B810E67E72F68137] - 22/12/2005 - 22:41:52 ---A- . (.CH Products - CH Control Manager Driver 2.) -- C:\WINDOWS\system32\drivers\chdrvr02.sys O58 - SDL:[MD5.07E3319E5BAE758CEB83C80419681B6A] - 22/12/2005 - 22:41:44 ---A- . (.CH Products - CH Control Manager Driver 3.) -- C:\WINDOWS\system32\drivers\chdrvr03.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) 
-- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.D653F455B176529F0427B24361139619] - 11/09/2001 - 13:10:14 R--A- . (.Creative Technology Ltd. - Creative OS Services Driver (WDM).) -- C:\WINDOWS\system32\drivers\ctoss2k.sys O58 - SDL:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 22/08/2004 - 15:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\drivers\d347bus.sys O58 - SDL:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 22/08/2004 - 15:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\d347prt.sys O58 - SDL:[MD5.EF99D8DAB9FCE9B734B40D5E0DD6ABB4] - 02/10/2001 - 16:06:30 R--A- . (.Creative Technology Ltd - Creative EMU10Kx Device Driver (WDM).) -- C:\WINDOWS\system32\drivers\e10kx2k.sys O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 28/11/2002 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 29/11/2002 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 28/11/2002 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys O58 - SDL:[MD5.1FF2EEF447A177DF2C544B80F8F7F879] - 18/07/2006 - 11:02:50 ---A- . (.Sunbelt Software - Sunbelt Kerio Firewall FWDRV.) -- C:\WINDOWS\system32\drivers\fwdrv.sys O58 - SDL:[MD5.B56EB0A2210980E76390BD670BCB618B] - 15/06/2008 - 12:14:29 ---A- . (.GMER - GMER Driver http://www.gmer.net.) -- C:\WINDOWS\system32\drivers\gmer.sys O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 03/08/2004 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) 
-- C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 03/08/2004 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 03/08/2004 - 21:41:56 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys O58 - SDL:[MD5.0A7C49B48C772591A2D362DAA00246C8] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys O58 - SDL:[MD5.549BA4F539E7B8D8129500B96DD7B27A] - 03/03/2004 - 21:30:54 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys O58 - SDL:[MD5.AD81C7B17A815C872881BB56F42E56F4] - 26/03/2003 - 04:25:32 R--A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\system32\drivers\iteraid.sys O58 - SDL:[MD5.304CE9FB3D64CAA07B940BEF4F8C2DCD] - 18/07/2006 - 11:02:52 ---A- . (.Sunbelt Software - Sunbelt Kerio Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\drivers\khips.sys O58 - SDL:[MD5.9A3D4FC6B86E7E36473079AB76AC703D] - 06/02/2007 - 16:42:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\Lvckap.sys O58 - SDL:[MD5.0ACBC11F19320AF6C19F2E20013D9095] - 06/02/2007 - 16:44:36 ---A- . (.Logitech Inc. - Logitech Machine Vision Engine Loader.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys O58 - SDL:[MD5.E8ACF6DD83956FB63CEB058D5F51B18A] - 03/02/2007 - 09:30:58 ---A- . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys O58 - SDL:[MD5.12866641284EBB41E627BB53C04DA959] - 06/02/2007 - 16:45:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys O58 - SDL:[MD5.6E59BC28A41F8A2B702D345A5604652F] - 23/06/2006 - 23:29:43 R--A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) 
-- C:\WINDOWS\system32\drivers\lvselsus.sys O58 - SDL:[MD5.64BC29C3A0388BFC580BB8B1346F7659] - 03/02/2007 - 09:32:36 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys O58 - SDL:[MD5.922BE6770499220DC27B529CA236815A] - 03/02/2007 - 09:32:46 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\system32\drivers\lvuvc.sys O58 - SDL:[MD5.5C329E2AB8DD62310213CBFAC0178539] - 03/02/2007 - 09:33:00 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys O58 - SDL:[MD5.2A292EBC65745181352F514FA55AA177] - 03/12/2009 - 16:13:56 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.376C6F143BDC33456F49D881742D663C] - 03/12/2009 - 16:14:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 03/08/2004 - 21:41:56 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys O58 - SDL:[MD5.4D2D882DAEE49B35B7B56FD9444564E9] - 11/12/2007 - 01:05:36 R--A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys O58 - SDL:[MD5.370E88453EC0D7BEA6EB24BE8D865DBE] - 19/10/2007 - 14:32:58 R--A- . (.DiBcom S.A. - HID Infrared Remote Control minidriver.) -- C:\WINDOWS\system32\drivers\modrc.sys O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 03/08/2004 - 21:41:38 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 03/08/2004 - 21:29:38 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) 
-- C:\WINDOWS\system32\drivers\mtxparhm.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.B9730495E0CF674680121E34BD95A73B] - 20/10/2009 - 19:19:44 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\drivers\npf.sys O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 03/08/2004 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 29/11/2008 - 13:53:06 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys O58 - SDL:[MD5.EEDB845B7648D6FD632DDB8744892743] - 02/02/2007 - 16:30:34 ---A- . (.Pinnacle Systems GmbH - Virtual NDIS miniport driver.) -- C:\WINDOWS\system32\drivers\PctvVirtualNdis.sys O58 - SDL:[MD5.C3127BFDAB6200769B5A0184FAB48573] - 22/05/2002 - 00:00:00 ---A- . (.Engelmann GmbH - PrecSim SCSI miniport.) -- C:\WINDOWS\system32\drivers\precsim.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . 
(.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 03/08/2004 - 21:29:52 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 03/08/2004 - 21:41:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 03/08/2004 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys O58 - SDL:[MD5.00000000000000000000000000000000] - 23/08/2008 - 02:50:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\sptd.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 03/10/2009 - 14:04:29 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.465DC203AD69D56F290480DAE756A9F9] - 27/09/2005 - 08:00:02 ---A- . (.PACE Anti-Piracy, Inc. - InterLok system file.) 
-- C:\WINDOWS\system32\drivers\TPkd.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.D956827780A0B7EAE97930116E5649F7] - 04/05/2001 - 08:24:52 ---A- . (.VIA Technologies. Inc. - VIA PFD driver.) -- C:\WINDOWS\system32\drivers\VIAPFD.SYS O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 03/08/2004 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 03/08/2004 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 03/08/2004 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys O58 - SDL:[MD5.BA898B29F0DBF9307F494475A8393F03] - 05/05/2005 - 16:01:34 RSH-- . (.Pas de propriétaire - Pas de description.) 
  23. Hello,

      For the past week my PC has been malfunctioning:

      - Display problems (the display turns off, or shows on only half the screen with greenish colours; I thought my card had failed, but it works in VGA in safe mode): I reinstalled the drivers and the display seems to be working again.
      - Problem with Antivir: the Guard option would no longer activate. I reinstalled it completely. It works again. I then ran it in safe mode; it detects nothing.

      Before reformatting everything (after all, it may just be a Windows install that is a bit old and a bit cluttered), let's see whether some nasty bug is hiding. Here is the HijackThis report:

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:07:46, on 05/09/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Windows Defender\MsMpEng.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
      C:\Program Files\Avira\AntiVir Desktop\sched.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
      C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
      C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\DAEMON Tools\daemon.exe
      C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
      C:\Program Files\WinZip\WZQKPICK.EXE
      C:\Program Files\PixVue\bin\Daemon.exe
      C:\Program Files\Sandboxie\SbieSvc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\MsPMSPSv.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      C:\Documents and Settings\Pascal Admin\Bureau\HiJackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} - C:\Program Files\PixVue\bin\PixVue.dll
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe
      O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\SlySoft\CloneCD\ElbyCheck.exe" /L ElbyCDFL
      O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
      O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
      O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O15 - Trusted Zone: http://global.ahnlab.com
      O15 - Trusted Zone: http://www.cltnet.de
      O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab
      O16 - DPF: {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} (Corporate Language Training Interface) - http://www.cltnet.de/login/dplaunch.cab
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155398021206
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
      O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/hardwaredetection.cab
      O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-2.0.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{9548D205-C2A3-4969-BEF2-92CBB72FF227}: NameServer = 192.168.0.1
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Service Google Update (gupdate1c9c6561b08c7e0) (gupdate1c9c6561b08c7e0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
      O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue\bin\Daemon.exe
      O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

      -- End of file - 9492 bytes

      Thank you for your reply.
  24. It removed three lines for me. Only one remains that it flags as malware:

      ---\\ Recherche d'infection de Base de Registres (O71)
      O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\run]:msmsgs

      bearing in mind that there is a second line that it flags as legitimate and generic:

      O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\run]:ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe
  25. What is this ask.com toolbar? I don't think I ever used that. In any case, thanks for the check, which reassures me, because ZHP was flagging some strange things at the end.