yves13

Bonsoir Toton57 Merci beaucoup pour ta réponse . Je viens de le télécharger. J'essaie dans les jours qui suivent et je te dis quoi. Bonne soirée. Yves 13.

Bonjour, Il y a 2 mois environ j'ai supprimé par erreur des fichiers World et Excel vraiment importans. J'ai cherché sur le net des logiciels gratuits pour les récupérer mais je ne trouve pas le Bon ( j'ai essayé aussi RECUVA ) Les résultats sont mauvais. Merci à celle ou celui qui peut me répondre. Bon après midi. Yves 13.

Mille merci Pear. Bonne soirée. Yves 13.

..../.....Je crois que j'ai mal fait le Copier - Coller de Conhost.exe ? - Désolé - Bon après midi. Yves 13. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: conhost.exe Submission date: 2011-03-16 11:40:22 (UTC) Current status: queued (#1) queued (#1) analysing finished Result: 0/ 43 (0.0%) VT Community not reviewed Safety score: - Compact Print results AntivirusVersionLast UpdateResultAhnLab-V32011.03.16.042011.03.16-AntiVir7.11.4.2212011.03.16-Antiy-AVL2.0.3.72011.03.16-Avast4.8.1351.02011.03.16-Avast55.0.677.02011.03.16-AVG10.0.0.11902011.03.16-BitDefender7.22011.03.16-CAT-QuickHeal11.002011.03.16-ClamAV0.96.4.02011.03.15-Commtouch5.2.11.52011.03.16-Comodo79992011.03.16-DrWeb5.0.2.033002011.03.16-Emsisoft5.1.0.22011.03.16-eSafe7.0.17.02011.03.15-eTrust-Vet36.1.82182011.03.16-F-Prot4.6.2.1172011.03.16-F-Secure9.0.16440.02011.03.14-Fortinet4.2.254.02011.03.16-GData212011.03.16-IkarusT3.1.1.97.02011.03.16-Jiangmin13.0.9002011.03.16-K7AntiVirus9.93.41222011.03.16-Kaspersky7.0.0.1252011.03.16-McAfee5.400.0.11582011.03.16-McAfee-GW-Edition2010.1C2011.03.16-Microsoft1.66032011.03.16-NOD3259572011.03.16-Norman6.07.032011.03.16-nProtect2011-02-10.012011.02.15-Panda10.0.3.52011.03.15-PCTools7.0.3.52011.03.11-Prevx3.02011.03.16-Rising23.49.02.062011.03.16-Sophos4.63.02011.03.16-SUPERAntiSpyware4.40.0.10062011.03.16-Symantec20101.3.0.1032011.03.16-TheHacker6.7.0.1.1502011.03.16-TrendMicro9.200.0.10122011.03.16-TrendMicro-HouseCall9.200.0.10122011.03.16-VBA323.12.14.32011.03.15-VIPRE87192011.03.16-ViRobot2011.3.16.43602011.03.16-VirusBuster13.6.250.02011.03.15-Additional informationShow all MD5 : 156f20e7a89573c2fd7cbc305dfc181fSHA1 : 84c10a4fb72446432c4a252b2cd43ca369017dd2SHA256: b3bbcd2ff46233d6f64776b83048f58c8459e76327ad77a2132b471d389fe04cssdeep: 6144:fUgR3OYwYXLMdj7S1m4dD3ZtfUvYRAdER8Euem:fUgtLMdjZ4dD3rg+5File size : 271360 bytesFirst seen: 2011-01-14 23:02:56Last seen : 2011-03-16 11:40:22TrID: Win 9x/ME Control Panel applet (31.8%) Windows Screen Saver (26.8%) Win32 Executable Generic (17.4%) Win32 Dynamic Link Library (generic) (15.5%) Generic Win/DOS Executable (4.1%)sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: Console Window Host original name: CONHOST.EXE internal name: ConHost file version.: 6.1.7601.17514 (win7sp1_rtm.101119-1850) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x627F timedatestamp....: 0x4CE78FCC (Sat Nov 20 09:07:24 2010) machinetype......: 0x14c (I386) [[ 5 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x30D04, 0x30E00, 6.64, 4cf8e10e2b97523922d2619d82e5264b FE_TEXT, 0x32000, 0x5322, 0x5400, 6.47, 6003cc9b125e989613830879b89a7bff .data, 0x38000, 0xF30, 0x1000, 0.55, 58ace29510f35d68df7fd037bed78ffe .rsrc, 0x39000, 0x86A8, 0x8800, 4.39, 5e3ee192d4528856e0e7d16e9d3aa214 .reloc, 0x42000, 0x24FC, 0x2600, 6.73, 64655fae1f5e09e59a132a40fd76e8b3 [[ 9 import(s) ]] GDI32.dll: DeleteDC, GetDIBits, BitBlt, GetObjectW, SelectObject, CreateCompatibleDC, CreateDIBitmap, PatBlt, InvertRgn, CombineRgn, CreateRectRgn, StretchDIBits, SelectPalette, CreateCompatibleBitmap, GdiFullscreenControl, GdiFlush, PolyPatBlt, GetStockObject, SetBkColor, SetTextColor, SetDCBrushColor, GetNearestColor, DeleteObject, GetTextExtentPoint32W, GetTextMetricsW, EnumFontFamiliesExW, CreateDCW, GetTextFaceW, SetFontEnumeration, GetDeviceCaps, GetRegionData, GetRgnBox, PolyTextOutW, GetCurrentObject, SetBkMode, RealizePalette, SetSystemPaletteUse, GetStringBitmapW, CreateSolidBrush, TranslateCharsetInfo, GetCharWidth32W, CreateBitmap, SetBitmapBits, GetBitmapBits, StretchBlt, CreateFontIndirectW, SetDIBitsToDevice USER32.dll: RegisterClassExW, SetProcessDPIAware, GetForegroundWindow, SetCursor, SendMessageTimeoutW, TrackPopupMenuEx, UnpackDDElParam, CreateIconFromResourceEx, ReuseDDElParam, CreateWindowExW, GetDC, GetSystemMenu, SetActiveWindow, LoadCursorW, KillTimer, ReleaseDC, DestroyWindow, GetKeyboardLayout, SetTimer, ScrollDC, SetScrollInfo, GetWindowRect, MonitorFromRect, MapWindowPoints, GetMonitorInfoW, GetClientRect, ClientToScreen, AdjustWindowRectEx, GetCaretBlinkTime, GetWindowTextW, SetWindowTextW, SetWindowPos, NotifyWinEvent, MapVirtualKeyW, VkKeyScanW, CloseClipboard, InvalidateRect, GetClipboardData, OpenClipboard, ReleaseCapture, LoadIconW, LoadImageW, EnumDisplaySettingsW, BeginPaint, DrawIcon, EndPaint, DefWindowProcW, IsIconic, EnableMenuItem, LoadMenuW, AppendMenuW, SetMenuItemInfoW, ShowWindow, MessageBoxW, GetKeyboardState, ToUnicodeEx, GetMessageW, DispatchMessageW, UnhookWindowsHookEx, RegisterWindowMessageW, SetWindowsHookExW, GetWindowLongW, SetCapture, SetClipboardData, EmptyClipboard, GetKeyState, PrivateExtractIconExW, EnterReaderModeHelper, TranslateMessageEx, ConsoleControl, GetWindowPlacement, SetWindowPlacement, SystemParametersInfoW, ActivateKeyboardLayout, GetKeyboardLayoutNameA, GetKeyboardLayoutNameW, CopyIcon, DestroyIcon, DialogBoxParamW, EndDialog, GetDlgItemTextW, IsDlgButtonChecked, SendNotifyMessageW, SetWindowLongW, SendDlgItemMessageW, CheckRadioButton, GetSystemMetrics, SendMessageW, PtInRect, ScreenToClient, PostMessageW, LoadStringW, GetCursorPos, WindowFromPoint msvcrt.dll: malloc, free, __set_app_type, _controlfp, _except_handler4_common, __p__fmode, __p__commode, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, memcpy, _local_unwind4, _vsnwprintf, wcschr, wcsncmp, wcsrchr, memset, atoi, _itoa, memmove, _terminate@@YAXXZ ntdll.dll: RtlPrefixUnicodeString, RtlIntegerToUnicodeString, RtlUnicodeToMultiByteSize, RtlInitializeCriticalSectionAndSpinCount, RtlConsoleMultiByteToUnicodeN, RtlDosSearchPath_U, ShipAssert, RtlExitUserProcess, NtReplyWaitReceivePort, NtOpenDirectoryObject, NtCreatePort, RtlOpenCurrentUser, NtEnumerateValueKey, NtQueryValueKey, RtlCreateTagHeap, NtOpenKey, NtAcceptConnectPort, NtWaitForMultipleObjects, NtSetInformationProcess, RtlReAllocateHeap, RtlInitCodePageTable, RtlUnicodeToMultiByteN, RtlMultiByteToUnicodeN, RtlCustomCPToUnicodeN, RtlOemToUnicodeN, RtlUnicodeToOemN, RtlExitUserThread, RtlInitUnicodeString, RtlUnicodeStringToInteger, NtSetEvent, NtCreateEvent, NtDuplicateObject, NtClearEvent, RtlDeleteCriticalSection, RtlInitializeCriticalSection, NtOpenProcess, NtQueryInformationProcess, NtVdmControl, NtReleaseMutant, NtWaitForSingleObject, NtCreateMutant, NtUnmapViewOfSection, NtReadVirtualMemory, RtlEnterCriticalSection, RtlLeaveCriticalSection, NtReplyPort, RtlCompareUnicodeString, RtlSizeHeap, DbgPrintEx, RtlAllocateHeap, NtCreateSection, RtlFreeHeap, NtMapViewOfSection, NtClose, RtlGetCriticalSectionRecursionCount API_MS_Win_Core_LocalRegistry_L1_1_0.dll: RegGetValueW KERNEL32.dll: GetOEMCP, GlobalSize, GlobalUnlock, GetStringTypeW, CreateFileA, GetSystemDirectoryA, GetModuleHandleW, GetACP, CreateThread, InterlockedExchange, Sleep, InterlockedCompareExchange, GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GlobalFree, GlobalAlloc, InterlockedIncrement, InterlockedDecrement, GetVersionExW, VirtualProtect, lstrlenA, VirtualAlloc, GetSystemInfo, VirtualQuery, LocalAlloc, LocalFree, LocalReAlloc, LockResource, LoadResource, FindResourceExW, IsValidCodePage, GetCurrentProcessId, GetCurrentThreadId, GetLastError, CreateActCtxW, GetModuleFileNameW, SetEnvironmentVariableW, GetEnvironmentVariableW, CloseHandle, SetFilePointer, ReadFile, MultiByteToWideChar, FreeLibrary, LoadLibraryExW, ExpandEnvironmentStringsW, GetPrivateProfileStringW, CreateFileW, SetProcessShutdownParameters, GetProcAddress, LoadLibraryW, GetSystemDirectoryW, WideCharToMultiByte, GetCPInfo, lstrlenW, Beep, GetCurrentThread, GlobalLock IMM32.dll: ImmGetCompositionStringW, ImmGetGuideLineW, ImmGetContext, ImmGetOpenStatus, ImmGetConversionStatus, ImmReleaseContext, ImmAssociateContextEx, ImmAssociateContext, ImmTranslateMessage, ImmNotifyIME, ImmGetProperty, ImmGetCandidateListW ole32.dll: CoUninitialize, CoCreateInstance, CoInitializeEx OLEAUT32.dll: -, -, -, -, -, -, - ExifTool: file metadata CharacterSet: Unicode CodeSize: 221696 CompanyName: Microsoft Corporation EntryPoint: 0x627f FileDescription: Console Window Host FileFlagsMask: 0x003f FileOS: Windows NT 32-bit FileSize: 265 kB FileSubtype: 0 FileType: Win32 EXE FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileVersionNumber: 6.1.7601.17514 ImageVersion: 6.1 InitializedDataSize: 48640 InternalName: ConHost LanguageCode: English (U.S.) LegalCopyright: Microsoft Corporation. All rights reserved. LinkerVersion: 9.0 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 6.1 ObjectFileType: Executable application OriginalFilename: CONHOST.EXE PEType: PE32 ProductName: Microsoft Windows Operating System ProductVersion: 6.1.7601.17514 ProductVersionNumber: 6.1.7601.17514 Subsystem: Windows GUI SubsystemVersion: 6.1 TimeStamp: 2010:11:20 10:07:24+01:00 UninitializedDataSize: 0 VT Community

Bonjour Pear - Merci de ta réponse. Je t'envoie les rapports de Conhost.exe de l'adresse que tu m'as indiquée. Je t'avoue que c'est du " chinois " pour moi mais cela m'interresse beaucoup. Peux-tu me résumer en une phrase - merci - Par acquis de conscience , j'en profite pour te poster en fin un rapport HJT de ce midi. Yves 13. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: conhost.exe Submission date: 2011-03-16 11:08:39 (UTC) Current status: queued (#5) queued (#5) analysing finished Result: 0/ 43 (0.0%) VT Community not reviewed Safety score: - Compact Print results AntivirusVersionLast UpdateResultAhnLab-V32011.03.16.042011.03.16-AntiVir7.11.4.2212011.03.16-Antiy-AVL2.0.3.72011.03.16-Avast4.8.1351.02011.03.16-Avast55.0.677.02011.03.16-AVG10.0.0.11902011.03.16-BitDefender7.22011.03.16-CAT-QuickHeal11.002011.03.16-ClamAV0.96.4.02011.03.15-Commtouch5.2.11.52011.03.16-Comodo79992011.03.16-DrWeb5.0.2.033002011.03.16-Emsisoft5.1.0.22011.03.16-eSafe7.0.17.02011.03.15-eTrust-Vet36.1.82182011.03.16-F-Prot4.6.2.1172011.03.16-F-Secure9.0.16440.02011.03.14-Fortinet4.2.254.02011.03.16-GData212011.03.16-IkarusT3.1.1.97.02011.03.16-Jiangmin13.0.9002011.03.16-K7AntiVirus9.93.41222011.03.16-Kaspersky7.0.0.1252011.03.16-McAfee5.400.0.11582011.03.16-McAfee-GW-Edition2010.1C2011.03.16-Microsoft1.66032011.03.16-NOD3259572011.03.16-Norman6.07.032011.03.16-nProtect2011-02-10.012011.02.15-Panda10.0.3.52011.03.15-PCTools7.0.3.52011.03.11-Prevx3.02011.03.16-Rising23.49.02.062011.03.16-Sophos4.63.02011.03.16-SUPERAntiSpyware4.40.0.10062011.03.16-Symantec20101.3.0.1032011.03.16-TheHacker6.7.0.1.1502011.03.16-TrendMicro9.200.0.10122011.03.16-TrendMicro-HouseCall9.200.0.10122011.03.16-VBA323.12.14.32011.03.15-VIPRE87192011.03.16-ViRobot2011.3.16.43602011.03.16-VirusBuster13.6.250.02011.03.15-Additional informationShow all MD5 : 156f20e7a89573c2fd7cbc305dfc181fSHA1 : 84c10a4fb72446432c4a252b2cd43ca369017dd2SHA256: b3bbcd2ff46233d6f64776b83048f58c8459e76327ad77a2132b471d389fe04cssdeep: 6144:fUgR3OYwYXLMdj7S1m4dD3ZtfUvYRAdER8Euem:fUgtLMdjZ4dD3rg+5File size : 271360 bytesFirst seen: 2011-01-14 23:02:56Last seen : 2011-03-16 11:08:39TrID: Win 9x/ME Control Panel applet (31.8%) Windows Screen Saver (26.8%) Win32 Executable Generic (17.4%) Win32 Dynamic Link Library (generic) (15.5%) Generic Win/DOS Executable (4.1%)sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. All rights reserved. product......: Microsoft_ Windows_ Operating System description..: Console Window Host original name: CONHOST.EXE internal name: ConHost file version.: 6.1.7601.17514 (win7sp1_rtm.101119-1850) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x627F timedatestamp....: 0x4CE78FCC (Sat Nov 20 09:07:24 2010) machinetype......: 0x14c (I386) [[ 5 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x30D04, 0x30E00, 6.64, 4cf8e10e2b97523922d2619d82e5264b FE_TEXT, 0x32000, 0x5322, 0x5400, 6.47, 6003cc9b125e989613830879b89a7bff .data, 0x38000, 0xF30, 0x1000, 0.55, 58ace29510f35d68df7fd037bed78ffe .rsrc, 0x39000, 0x86A8, 0x8800, 4.39, 5e3ee192d4528856e0e7d16e9d3aa214 .reloc, 0x42000, 0x24FC, 0x2600, 6.73, 64655fae1f5e09e59a132a40fd76e8b3 [[ 9 import(s) ]] GDI32.dll: DeleteDC, GetDIBits, BitBlt, GetObjectW, SelectObject, CreateCompatibleDC, CreateDIBitmap, PatBlt, InvertRgn, CombineRgn, CreateRectRgn, StretchDIBits, SelectPalette, CreateCompatibleBitmap, GdiFullscreenControl, GdiFlush, PolyPatBlt, GetStockObject, SetBkColor, SetTextColor, SetDCBrushColor, GetNearestColor, DeleteObject, GetTextExtentPoint32W, GetTextMetricsW, EnumFontFamiliesExW, CreateDCW, GetTextFaceW, SetFontEnumeration, GetDeviceCaps, GetRegionData, GetRgnBox, PolyTextOutW, GetCurrentObject, SetBkMode, RealizePalette, SetSystemPaletteUse, GetStringBitmapW, CreateSolidBrush, TranslateCharsetInfo, GetCharWidth32W, CreateBitmap, SetBitmapBits, GetBitmapBits, StretchBlt, CreateFontIndirectW, SetDIBitsToDevice USER32.dll: RegisterClassExW, SetProcessDPIAware, GetForegroundWindow, SetCursor, SendMessageTimeoutW, TrackPopupMenuEx, UnpackDDElParam, CreateIconFromResourceEx, ReuseDDElParam, CreateWindowExW, GetDC, GetSystemMenu, SetActiveWindow, LoadCursorW, KillTimer, ReleaseDC, DestroyWindow, GetKeyboardLayout, SetTimer, ScrollDC, SetScrollInfo, GetWindowRect, MonitorFromRect, MapWindowPoints, GetMonitorInfoW, GetClientRect, ClientToScreen, AdjustWindowRectEx, GetCaretBlinkTime, GetWindowTextW, SetWindowTextW, SetWindowPos, NotifyWinEvent, MapVirtualKeyW, VkKeyScanW, CloseClipboard, InvalidateRect, GetClipboardData, OpenClipboard, ReleaseCapture, LoadIconW, LoadImageW, EnumDisplaySettingsW, BeginPaint, DrawIcon, EndPaint, DefWindowProcW, IsIconic, EnableMenuItem, LoadMenuW, AppendMenuW, SetMenuItemInfoW, ShowWindow, MessageBoxW, GetKeyboardState, ToUnicodeEx, GetMessageW, DispatchMessageW, UnhookWindowsHookEx, RegisterWindowMessageW, SetWindowsHookExW, GetWindowLongW, SetCapture, SetClipboardData, EmptyClipboard, GetKeyState, PrivateExtractIconExW, EnterReaderModeHelper, TranslateMessageEx, ConsoleControl, GetWindowPlacement, SetWindowPlacement, SystemParametersInfoW, ActivateKeyboardLayout, GetKeyboardLayoutNameA, GetKeyboardLayoutNameW, CopyIcon, DestroyIcon, DialogBoxParamW, EndDialog, GetDlgItemTextW, IsDlgButtonChecked, SendNotifyMessageW, SetWindowLongW, SendDlgItemMessageW, CheckRadioButton, GetSystemMetrics, SendMessageW, PtInRect, ScreenToClient, PostMessageW, LoadStringW, GetCursorPos, WindowFromPoint msvcrt.dll: malloc, free, __set_app_type, _controlfp, _except_handler4_common, __p__fmode, __p__commode, __setusermatherr, _amsg_exit, _initterm, _acmdln, exit, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, memcpy, _local_unwind4, _vsnwprintf, wcschr, wcsncmp, wcsrchr, memset, atoi, _itoa, memmove, _terminate@@YAXXZ ntdll.dll: RtlPrefixUnicodeString, RtlIntegerToUnicodeString, RtlUnicodeToMultiByteSize, RtlInitializeCriticalSectionAndSpinCount, RtlConsoleMultiByteToUnicodeN, RtlDosSearchPath_U, ShipAssert, RtlExitUserProcess, NtReplyWaitReceivePort, NtOpenDirectoryObject, NtCreatePort, RtlOpenCurrentUser, NtEnumerateValueKey, NtQueryValueKey, RtlCreateTagHeap, NtOpenKey, NtAcceptConnectPort, NtWaitForMultipleObjects, NtSetInformationProcess, RtlReAllocateHeap, RtlInitCodePageTable, RtlUnicodeToMultiByteN, RtlMultiByteToUnicodeN, RtlCustomCPToUnicodeN, RtlOemToUnicodeN, RtlUnicodeToOemN, RtlExitUserThread, RtlInitUnicodeString, RtlUnicodeStringToInteger, NtSetEvent, NtCreateEvent, NtDuplicateObject, NtClearEvent, RtlDeleteCriticalSection, RtlInitializeCriticalSection, NtOpenProcess, NtQueryInformationProcess, NtVdmControl, NtReleaseMutant, NtWaitForSingleObject, NtCreateMutant, NtUnmapViewOfSection, NtReadVirtualMemory, RtlEnterCriticalSection, RtlLeaveCriticalSection, NtReplyPort, RtlCompareUnicodeString, RtlSizeHeap, DbgPrintEx, RtlAllocateHeap, NtCreateSection, RtlFreeHeap, NtMapViewOfSection, NtClose, RtlGetCriticalSectionRecursionCount API_MS_Win_Core_LocalRegistry_L1_1_0.dll: RegGetValueW KERNEL32.dll: GetOEMCP, GlobalSize, GlobalUnlock, GetStringTypeW, CreateFileA, GetSystemDirectoryA, GetModuleHandleW, GetACP, CreateThread, InterlockedExchange, Sleep, InterlockedCompareExchange, GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GlobalFree, GlobalAlloc, InterlockedIncrement, InterlockedDecrement, GetVersionExW, VirtualProtect, lstrlenA, VirtualAlloc, GetSystemInfo, VirtualQuery, LocalAlloc, LocalFree, LocalReAlloc, LockResource, LoadResource, FindResourceExW, IsValidCodePage, GetCurrentProcessId, GetCurrentThreadId, GetLastError, CreateActCtxW, GetModuleFileNameW, SetEnvironmentVariableW, GetEnvironmentVariableW, CloseHandle, SetFilePointer, ReadFile, MultiByteToWideChar, FreeLibrary, LoadLibraryExW, ExpandEnvironmentStringsW, GetPrivateProfileStringW, CreateFileW, SetProcessShutdownParameters, GetProcAddress, LoadLibraryW, GetSystemDirectoryW, WideCharToMultiByte, GetCPInfo, lstrlenW, Beep, GetCurrentThread, GlobalLock IMM32.dll: ImmGetCompositionStringW, ImmGetGuideLineW, ImmGetContext, ImmGetOpenStatus, ImmGetConversionStatus, ImmReleaseContext, ImmAssociateContextEx, ImmAssociateContext, ImmTranslateMessage, ImmNotifyIME, ImmGetProperty, ImmGetCandidateListW ole32.dll: CoUninitialize, CoCreateInstance, CoInitializeEx OLEAUT32.dll: -, -, -, -, -, -, - ExifTool: file metadata CharacterSet: Unicode CodeSize: 221696 CompanyName: Microsoft Corporation EntryPoint: 0x627f FileDescription: Console Window Host FileFlagsMask: 0x003f FileOS: Windows NT 32-bit FileSize: 265 kB FileSubtype: 0 FileType: Win32 EXE FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850) FileVersionNumber: 6.1.7601.17514 ImageVersion: 6.1 InitializedDataSize: 48640 InternalName: ConHost LanguageCode: English (U.S.) LegalCopyright: Microsoft Corporation. All rights reserved. LinkerVersion: 9.0 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 6.1 ObjectFileType: Executable application OriginalFilename: CONHOST.EXE PEType: PE32 ProductName: Microsoft Windows Operating System ProductVersion: 6.1.7601.17514 ProductVersionNumber: 6.1.7601.17514 Subsystem: Windows GUI SubsystemVersion: 6.1 TimeStamp: 2010:11:20 10:07:24+01:00 UninitializedDataSize: 0 VT Community Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:30:53, on 16/03/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: NormalRunning processes: C:\windows\system32\taskhost.exe C:\windows\Explorer.EXE C:\windows\system32\Dwm.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE C:\Program Files\Microsoft Office\Office\FINDFAST.EXE C:\Windows\System32\conhost.exe C:\Windows\System32\conhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Users\Yves\Downloads\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe-- End of file - 5005 bytes

Désolé Pear, il me semble avoir oublié ce rapport que je te joins. A toute à l'heure. Yves 13. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: PhysicalMBR.bin Submission date: 2011-03-15 18:07:49 (UTC) Current status: queued (#10) queued (#1) analysing finished Result: 1/ 43 (2.3%) VT Community not reviewed Safety score: - Compact Print results AntivirusVersionLast UpdateResultAhnLab-V32011.03.15.022011.03.15-AntiVir7.11.4.2162011.03.15-Antiy-AVL2.0.3.72011.03.15-Avast4.8.1351.02011.03.15-Avast55.0.677.02011.03.15-AVG10.0.0.11902011.03.15-BitDefender7.22011.03.15-CAT-QuickHeal11.002011.03.15-ClamAV0.96.4.02011.03.15-Commtouch5.2.11.52011.03.15-Comodo79902011.03.15-DrWeb5.0.2.033002011.03.15-Emsisoft5.1.0.22011.03.15-eSafe7.0.17.02011.03.15-eTrust-Vet36.1.82162011.03.15-F-Prot4.6.2.1172011.03.15-F-Secure9.0.16440.02011.03.14-Fortinet4.2.254.02011.03.15-GData212011.03.15-IkarusT3.1.1.97.02011.03.15-Jiangmin13.0.9002011.03.15-K7AntiVirus9.93.41162011.03.15-Kaspersky7.0.0.1252011.03.15-McAfee5.400.0.11582011.03.15-McAfee-GW-Edition2010.1C2011.03.15-Microsoft1.66032011.03.15-NOD3259552011.03.15-Norman6.07.032011.03.15-nProtect2011-02-10.012011.02.15-Panda10.0.3.52011.03.15-PCTools7.0.3.52011.03.11-Prevx3.02011.03.15-Rising23.49.01.052011.03.15-Sophos4.63.02011.03.15-SUPERAntiSpyware4.40.0.10062011.03.15-Symantec20101.3.0.1032011.03.15-TheHacker6.7.0.1.1502011.03.15-TrendMicro9.200.0.10122011.03.15-TrendMicro-HouseCall9.200.0.10122011.03.15-VBA323.12.14.32011.03.15suspected of Unknown.BootVirusVIPRE87132011.03.15-ViRobot2011.3.15.43582011.03.15-VirusBuster13.6.250.02011.03.15-Additional informationShow all MD5 : b819b71cd046fc7bb7d48828657be500SHA1 : cdea8c3ff50deb3bdcb6a0616bc2f7d5e30a038dSHA256: 5f048ed1aa924e6aed9a3ab9386fc6e248e319e7c6f053950d4b62802f06272fssdeep: 12:D6RUrZis1hrW35FluO0OYBVm09HQQqla3usF7un:DY8Zv1VWpFeO8Vm09HQQqiusEnFile size : 512 bytesFirst seen: 2011-03-15 18:07:49Last seen : 2011-03-15 18:07:49TrID: Unknown!sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned VT Community 0 Thi s file ha s never been reviewed by any VT Community member. Be the fir s t one to comment on it! VirusTotal Team Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments? You can add basic styles to your comments using the following accepted bbcode tags: text -- bold text -- italics text -- underline text -- strikethrough text -- preformatted text You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for. Goodware Malware Spam attachment/link P2P download Propagating via IM Network worm Drive-by-download Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.

Bonsoir PEAR et merci de beaucoup de ta réponse. J'ai suivi toutes tes instrcutions et je t'envoie les 2 rapports . Je dois partir 2 heures mais j'attend ta réponse avec un grand intêret. A toute à l'heure. Yves 13. OTL logfile created on: 3/15/2011 7:01:27 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Yves\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 71.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 240.54 Gb Total Space | 220.10 Gb Free Space | 91.50% Space Free | Partition Type: NTFS Drive D: | 42.45 Gb Total Space | 41.83 Gb Free Space | 98.54% Space Free | Partition Type: NTFS Drive F: | 372.52 Gb Total Space | 363.09 Gb Free Space | 97.47% Space Free | Partition Type: FAT32 Computer Name: YVES-PC | User Name: Yves | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days ========== Custom Scans ========== < >%systemdrive%\vt.bat echo @echo off /raw /c > < >>%systemdrive%\vt.bat echo start IEXPLORE.EXE VirusTotal - Free Online Virus, Malware and URL Scanner /raw /c > < >>%systemdrive%\vt.bat echo exit /raw /c > < call %systemdrive%\vt.bat /c > < del %systemdrive%\vt.bat /c > < > < End of report > File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis: MD5:156f20e7a89573c2fd7cbc305dfc181fDate first seen:2011-01-14 23:02:56 (UTC)Date last seen:2011-03-15 10:11:24 (UTC)Detection ratio:0/43What do you wish to do? Reanalyse View last report

J' ai oublié de joindre un rapport MBRCheck - désolé - Yves 13. MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 32-bit Base Board Manufacturer: SAMSUNG ELECTRONICS CO., LTD. BIOS Manufacturer: Phoenix Technologies Ltd. System Manufacturer: SAMSUNG ELECTRONICS CO., LTD. System Product Name: R530/R730 Logical Drives Mask: 0x0000001c Kernel Drivers (total 187): 0x83045000 \SystemRoot\system32\ntoskrnl.exe 0x8300E000 \SystemRoot\system32\halmacpi.dll 0x80BCC000 \SystemRoot\system32\kdcom.dll 0x8B813000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x8B898000 \SystemRoot\system32\PSHED.dll 0x8B8A9000 \SystemRoot\system32\BOOTVID.dll 0x8B8B1000 \SystemRoot\system32\CLFS.SYS 0x8B8F3000 \SystemRoot\system32\CI.dll 0x8B99E000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8BA0F000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8BA1D000 \SystemRoot\system32\drivers\ACPI.sys 0x8BA65000 \SystemRoot\system32\drivers\WMILIB.SYS 0x8BA6E000 \SystemRoot\system32\drivers\msisadrv.sys 0x8BA76000 \SystemRoot\system32\drivers\pci.sys 0x8BAA0000 \SystemRoot\system32\drivers\vdrvroot.sys 0x8BAAB000 \SystemRoot\System32\drivers\partmgr.sys 0x8BABC000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x8BAC4000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x8BACF000 \SystemRoot\system32\drivers\volmgr.sys 0x8BADF000 \SystemRoot\System32\drivers\volmgrx.sys 0x8BB2A000 \SystemRoot\System32\drivers\mountmgr.sys 0x8BC01000 \SystemRoot\system32\DRIVERS\iaStor.sys 0x8BCDB000 \SystemRoot\system32\drivers\atapi.sys 0x8BCE4000 \SystemRoot\system32\drivers\ataport.SYS 0x8BD07000 \SystemRoot\system32\drivers\msahci.sys 0x8BD11000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x8BD1F000 \SystemRoot\system32\drivers\amdxata.sys 0x8BD28000 \SystemRoot\system32\drivers\fltmgr.sys 0x8BD5C000 \SystemRoot\system32\drivers\fileinfo.sys 0x8BD6D000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8BE9C000 \SystemRoot\System32\Drivers\msrpc.sys 0x8BEC7000 \SystemRoot\System32\Drivers\ksecdd.sys 0x8BEDA000 \SystemRoot\System32\Drivers\cng.sys 0x8BF37000 \SystemRoot\System32\drivers\pcw.sys 0x8BF45000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x8BB40000 \SystemRoot\system32\drivers\ndis.sys 0x8BF4E000 \SystemRoot\system32\drivers\NETIO.SYS 0x8BF8C000 \SystemRoot\System32\Drivers\ksecpkg.sys 0x8C038000 \SystemRoot\System32\drivers\tcpip.sys 0x8C182000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8C1B3000 \SystemRoot\system32\drivers\volsnap.sys 0x8C1F2000 \SystemRoot\System32\Drivers\spldr.sys 0x8C1FA000 \SystemRoot\System32\drivers\rdyboost.sys 0x8C227000 \SystemRoot\System32\Drivers\mup.sys 0x8C237000 \SystemRoot\System32\drivers\hwpolicy.sys 0x8C23F000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x8C271000 \SystemRoot\system32\DRIVERS\disk.sys 0x8C282000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS 0x8C39F000 \SystemRoot\system32\drivers\cdrom.sys 0x8C3BE000 \SystemRoot\System32\Drivers\Null.SYS 0x8C3C5000 \SystemRoot\System32\Drivers\Beep.SYS 0x8C3CC000 \SystemRoot\System32\drivers\vga.sys 0x8C3D8000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8C000000 \SystemRoot\System32\drivers\watchdog.sys 0x8C00D000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8C015000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8C01D000 \SystemRoot\system32\drivers\rdprefmp.sys 0x8C025000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8BFB1000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8BFBF000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8BFD6000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x92C06000 \SystemRoot\system32\drivers\afd.sys 0x92C60000 \SystemRoot\System32\DRIVERS\netbt.sys 0x92C92000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x92C99000 \SystemRoot\system32\DRIVERS\pacer.sys 0x92CB8000 \SystemRoot\system32\DRIVERS\vwififlt.sys 0x92CC9000 \SystemRoot\system32\DRIVERS\netbios.sys 0x92CD7000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x92CEA000 \SystemRoot\system32\drivers\termdd.sys 0x92CFB000 \SystemRoot\system32\DRIVERS\ssmdrv.sys 0x92D01000 \??\C:\windows\system32\Drivers\SABI.sys 0x92D09000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x92D4A000 \SystemRoot\system32\drivers\nsiproxy.sys 0x92D54000 \SystemRoot\system32\drivers\mssmbios.sys 0x92D5E000 \SystemRoot\System32\drivers\discache.sys 0x92D6A000 \SystemRoot\System32\Drivers\dfsc.sys 0x92D82000 \SystemRoot\system32\DRIVERS\blbdrive.sys 0x92D90000 \SystemRoot\system32\DRIVERS\avipbb.sys 0x92DB6000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x93839000 \SystemRoot\system32\DRIVERS\igdkmd32.sys 0x94156000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x9420D000 \SystemRoot\System32\drivers\dxgmms1.sys 0x94246000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x94251000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x9429C000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x942AB000 \SystemRoot\system32\drivers\HDAudBus.sys 0x942CA000 \SystemRoot\system32\DRIVERS\athr.sys 0x93800000 \SystemRoot\system32\DRIVERS\vwifibus.sys 0x92DD7000 \SystemRoot\system32\DRIVERS\yk62x86.sys 0x9380A000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x9380E000 \SystemRoot\system32\drivers\i8042prt.sys 0x93826000 \SystemRoot\system32\drivers\kbdclass.sys 0x92E28000 \SystemRoot\system32\DRIVERS\SynTP.sys 0x93833000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x92E5F000 \SystemRoot\system32\drivers\mouclass.sys 0x943F9000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x92E6C000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x92E7E000 \SystemRoot\system32\drivers\CompositeBus.sys 0x92E8B000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x92E9D000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x92EB5000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x92EC0000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x92EE2000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x92EFA000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x92F11000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x93835000 \SystemRoot\system32\drivers\swenum.sys 0x92F28000 \SystemRoot\system32\drivers\ks.sys 0x92F5C000 \SystemRoot\system32\drivers\umbus.sys 0x92F6A000 \SystemRoot\system32\drivers\usbhub.sys 0x92FAE000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x96803000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x96AB0000 \SystemRoot\system32\drivers\portcls.sys 0x96ADF000 \SystemRoot\system32\drivers\drmk.sys 0x96AF8000 \SystemRoot\system32\drivers\IntcHdmi.sys 0x96B1B000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8C2A7000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x96B28000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x97450000 \SystemRoot\System32\win32k.sys 0x96B39000 \SystemRoot\System32\drivers\Dxapi.sys 0x96B43000 \SystemRoot\system32\DRIVERS\monitor.sys 0x976B0000 \SystemRoot\System32\TSDDD.dll 0x96B4E000 \SystemRoot\system32\drivers\usbccgp.sys 0x976E0000 \SystemRoot\System32\cdd.dll 0x96B65000 \SystemRoot\System32\Drivers\usbvideo.sys 0x96B89000 \SystemRoot\system32\drivers\luafv.sys 0x96BA4000 \SystemRoot\system32\DRIVERS\avgntflt.sys 0x96BB9000 \SystemRoot\system32\drivers\WudfPf.sys 0x96BD3000 \SystemRoot\system32\drivers\hidusb.sys 0x96BDE000 \SystemRoot\system32\drivers\HIDCLASS.SYS 0x96BF1000 \SystemRoot\system32\drivers\HIDPARSE.SYS 0x92FBF000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x92FCA000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x9142F000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x91475000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x91485000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x91498000 \SystemRoot\system32\drivers\HTTP.sys 0x9151D000 \SystemRoot\system32\DRIVERS\bowser.sys 0x91536000 \SystemRoot\System32\drivers\mpsdrv.sys 0x91548000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x9156B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x915A6000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x915D9000 \SystemRoot\system32\drivers\peauth.sys 0x91670000 \SystemRoot\System32\Drivers\secdrv.SYS 0x9167A000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x9169B000 \SystemRoot\System32\drivers\tcpipreg.sys 0x916A8000 \SystemRoot\System32\DRIVERS\srv2.sys 0x916F7000 \SystemRoot\System32\DRIVERS\srv.sys 0x917B2000 \??\C:\Users\Yves\AppData\Local\Temp\mbr.sys 0x77600000 \Windows\System32\ntdll.dll 0x483D0000 \Windows\System32\smss.exe 0x77840000 \Windows\System32\apisetschema.dll 0x002E0000 \Windows\System32\autochk.exe 0x77820000 \Windows\System32\normaliz.dll 0x77790000 \Windows\System32\oleaut32.dll 0x77550000 \Windows\System32\rpcrt4.dll 0x774A0000 \Windows\System32\msvcrt.dll 0x77420000 \Windows\System32\comdlg32.dll 0x77220000 \Windows\System32\iertutil.dll 0x77080000 \Windows\System32\setupapi.dll 0x77020000 \Windows\System32\difxapi.dll 0x77770000 \Windows\System32\imm32.dll 0x77740000 \Windows\System32\imagehlp.dll 0x76F80000 \Windows\System32\advapi32.dll 0x76F70000 \Windows\System32\nsi.dll 0x76ED0000 \Windows\System32\usp10.dll 0x76EC0000 \Windows\System32\lpk.dll 0x76270000 \Windows\System32\shell32.dll 0x761A0000 \Windows\System32\user32.dll 0x760A0000 \Windows\System32\wininet.dll 0x76050000 \Windows\System32\Wldap32.dll 0x76010000 \Windows\System32\ws2_32.dll 0x75EB0000 \Windows\System32\ole32.dll 0x75E60000 \Windows\System32\gdi32.dll 0x75E50000 \Windows\System32\psapi.dll 0x75DF0000 \Windows\System32\shlwapi.dll 0x75D10000 \Windows\System32\kernel32.dll 0x75CF0000 \Windows\System32\sechost.dll 0x75C60000 \Windows\System32\clbcatq.dll 0x75B20000 \Windows\System32\urlmon.dll 0x75A50000 \Windows\System32\msctf.dll 0x75A20000 \Windows\System32\wintrust.dll 0x75900000 \Windows\System32\crypt32.dll 0x758D0000 \Windows\System32\cfgmgr32.dll 0x75880000 \Windows\System32\KernelBase.dll 0x75860000 \Windows\System32\devobj.dll 0x757D0000 \Windows\System32\comctl32.dll 0x757C0000 \Windows\System32\msasn1.dll Processes (total 64): 0 System Idle Process 4 System 300 C:\Windows\System32\smss.exe 428 csrss.exe 480 C:\Windows\System32\wininit.exe 492 csrss.exe 528 C:\Windows\System32\services.exe 544 C:\Windows\System32\lsass.exe 556 C:\Windows\System32\lsm.exe 664 C:\Windows\System32\svchost.exe 764 C:\Windows\System32\winlogon.exe 796 C:\Windows\System32\svchost.exe 864 C:\Windows\System32\svchost.exe 956 C:\Windows\System32\svchost.exe 1000 C:\Windows\System32\svchost.exe 1092 C:\Windows\System32\svchost.exe 1180 C:\Windows\System32\svchost.exe 1352 C:\Windows\System32\spoolsv.exe 1404 C:\Program Files\Avira\AntiVir Desktop\sched.exe 1464 C:\Windows\System32\svchost.exe 1568 C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1604 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 1620 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe 1652 C:\Windows\System32\conhost.exe 1716 C:\Program Files\Bonjour\mDNSResponder.exe 1752 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE 1792 C:\Windows\System32\svchost.exe 1948 C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 272 C:\Program Files\CyberLink\Shared files\RichVideo.exe 436 C:\Windows\System32\svchost.exe 2528 C:\Windows\System32\taskhost.exe 2540 C:\Windows\System32\taskeng.exe 2556 C:\Windows\System32\dwm.exe 2688 C:\Windows\explorer.exe 2740 C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe 2760 C:\Program Files\AnyPC Client\APLanMgrC.exe 2828 C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe 2840 C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe 2860 C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe 2872 C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe 2912 C:\Windows\System32\rundll32.exe 3104 C:\Windows\System32\igfxext.exe 3144 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 3152 C:\Windows\System32\igfxsrvc.exe 3188 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3212 C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE 3228 C:\Program Files\Microsoft Office\Office\FINDFAST.EXE 3628 C:\Windows\System32\SearchIndexer.exe 3736 C:\Program Files\Windows Media Player\wmpnetwk.exe 2512 C:\Windows\System32\svchost.exe 3072 C:\Windows\System32\taskhost.exe 3184 C:\Program Files\Internet Explorer\iexplore.exe 1456 C:\Program Files\Internet Explorer\iexplore.exe 3032 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe 1292 C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe 1768 C:\Windows\System32\svchost.exe 1220 C:\Windows\System32\audiodg.exe 3036 C:\Program Files\Windows Media Player\wmplayer.exe 1380 C:\Windows\System32\SearchFilterHost.exe 3304 C:\Windows\System32\SearchProtocolHost.exe 2160 dllhost.exe 2264 dllhost.exe 4016 C:\Program Files\ZHPDiag\mbrcheck.exe 2104 C:\Windows\System32\conhost.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`c6500000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x0000003f`e8f00000 (NTFS) PhysicalDrive0 Model Number: SAMSUNGHM321HI, Rev: 2AJ10002 Size Device Name MBR Status -------------------------------------------- 298 GB \\.\PhysicalDrive0 Unknown MBR code SHA1: F5C09ACABD4A5370BDD907E8EDFE0C1DA0F9D3F5 Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Bonsoir à tous, J'ai fait l'acquisation d'un Pc Samsung R730. Pour la 1er fois je me suis servi du logiciel ZHPDiac téléchargé sur ce Forum. Je ne suis pas capable d'interprêter le résultat du rapport : si tout est OK. ou non.? le rapport HTJ ne montre aucune anomalie depuis que j'ai supprimé Partner.dll. Merci à celle ou à celui qui peut me répondre. Bonne soirée. Yves 13. Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010 Run by Yves at 3/14/2011 9:13:34 PM Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.7601.17514 (Defaut) ---\\ System Information Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601) Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3004.6 MB (70% free) System drive C: has 220 GB (91%) free of 241 GB ---\\ Logged in mode Computer Name: YVES-PC User Name: Yves All Users Names: Yves, HomeGroupUser$, Administrateur, Unselected Option: O1,O45,O61,O62,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 220 Go of 241 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 42 Go of 42 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Explorateur Windows.) (.11/20/2010 1:17:09 PM.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 2:14:45 AM.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/20/2010 1:17:54 PM.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 2:26:15 AM.) -- C:\Windows\System32\drivers\atapi.sys [21584] [MD5.33C3093D09017CFE2E219F2472BFF6EB] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/20/2010 1:30:06 PM.) -- C:\Windows\System32\drivers\ntfs.sys [1211264] ---\\ Processus lancés [MD5.091A0924AC02AE0A04F3D03BCCDE2712] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2246144] [MD5.06F7D67EC4D15F11A2923268BAA937D3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [300912] [MD5.E3735DC796E5183D63F35921B058934C] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800] [MD5.A46796CCF032D35720347262998D1F90] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [835072] [MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\rundll32.exe [44544] [MD5.F2F3617C63B87AA2DE139DC9E37420B5] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [179224] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.B9AA850CDA55097EB13E03698C8F5828] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [266776] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.1FC324874D391F8CBF51AE8321B9D141] - (.Microsoft Corporation - Gestionnaire Microsoft Office.) -- C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE [340480] [MD5.11CABF7B4139F7A1D757689A7D69C5FB] - (.Microsoft Corporation - Microsoft Recherche accélérée.) -- C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [111376] [MD5.C613E69C3B191BB02C7A191741A1D024] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040] [MD5.88C44CA9A052AEAEC0C91A57CE5AB41A] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304] [MD5.5ABE08EEB790D2322565DBD11BF70A19] - (.Adobe Systems, Inc. - Adobe Flash Player Helper 9.0 r124.) -- C:\windows\system32\Macromed\Flash\FlashUtil9f.exe [218496] [MD5.A80C173AC5C75706BB74AE4D78F2A53D] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe [164864] [MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2) P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.40624.0.) -- C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll ---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gestionnaire Microsoft Office.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Recherche accélérée.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office\FINDFAST.EXE ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\Yves\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\windows\system32\SnippingTool.exe O4 - Global Startup: C:\Users\Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Yves\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\windows\system32\SnippingTool.exe O4 - Global Startup: C:\Users\Yves\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Yves\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe O4 - Global Startup: C:\Users\Yves\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SecurDisc Viewer.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 7\SecurDisc Viewer\SecurDisc Viewer.exe O4 - Global Startup: C:\Users\Yves\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline O4 - Global Startup: C:\Users\Yves\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{F18BB94D-1015-4890-8990-CF43D822CB83}: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CS1\Services\Tcpip\..\{F18BB94D-1015-4890-8990-CF43D822CB83}: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CS2\Services\Tcpip\..\{F18BB94D-1015-4890-8990-CF43D822CB83}: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (OberonGameConsoleService) . (.Pas de propriétaire - OberonGameConsoleService.) - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.091A0924AC02AE0A04F3D03BCCDE2712] [APT] [advSRS4] (.SEC.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [MD5.081DBA7C93F21B61DF1C5CE9E8AD0522] [APT] [APSchedulerC] (.DoctorSoft.) -- C:\Program Files\AnyPC Client\APLanMgrC.exe [MD5.21E26DC6538C0C255467312559BEB107] [APT] [batteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [MD5.A46796CCF032D35720347262998D1F90] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\windows\system32\Macromed\Flash\Flash9f.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\windows\system32\drivers\cdrom.sys O41 - Driver: C:\windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} O42 - Logiciel: AnyPC Client - (.Doctorsoft.) [HKLM] -- {1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1} O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D1434266-0486-4469-B338-A60082CC04E1} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7} O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD} O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47} O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerProducer - (.CyberLink Corp..) [HKLM] -- InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861} O42 - Logiciel: CyberLink PowerProducer - (.CyberLink Corp..) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100} O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5} O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857} O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755} O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6} O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64} O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F} O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {A5675A9E-F073-414A-9A04-F9BCD50459D7} O42 - Logiciel: Easy SpeedUp Manager - (.Samsung Electronics Co.,Ltd..) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9} O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {178EE5F4-0F86-4BF0-A0D1-9790AFF409D1} O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1} O42 - Logiciel: Game Pack - (.Oberon Media, Inc..) [HKLM] -- {63eafc52-b963-4297-a7eb-d412944e7065}_is1 O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31} O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Office 97 Professional - (.Pas de propriétaire.) [HKLM] -- Office8.0 O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {45B3A3BD-F90D-48FE-A147-D74878A51036} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Samsung Recovery Solution 4 - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2} O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {CCC2B140-B47A-45FA-AAE3-BD60DA41AE00} O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5} O42 - Logiciel: SecurDisc Viewer - (.Nero AG.) [HKLM] -- {BE90CE58-41DE-4708-9291-A9D1D49B1036} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: User Guide - (.Pas de propriétaire.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA} O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52} O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {FAE36873-1941-4076-A9A5-48812B5EA0B7} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABBYY] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avira] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\EPSON] [HKCU\Software\Google] [HKCU\Software\Intel] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Oberon Media] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\SEIKO EPSON] [HKCU\Software\Samsung] [HKCU\Software\Synaptics] [HKLM\Software\ABBYY] [HKLM\Software\ASK] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Atheros] [HKLM\Software\Audible] [HKLM\Software\Avira] [HKLM\Software\BrowserChoice] [HKLM\Software\CHECKINSTALLER] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Digital River] [HKLM\Software\Dr.Soft] [HKLM\Software\EPSON] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Lake] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Marvell] [HKLM\Software\McAfeeInstaller] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\OldTimer Tools] [HKLM\Software\Phoenix Technologies] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Sonic] [HKLM\Software\Synaptics] [HKLM\Software\Uniblue] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD: 3/12/2011 - 3:32:52 PM ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint O43 - CFD: 8/11/2010 - 11:39:28 PM ----D- C:\Program Files\Adobe O43 - CFD: 12/5/2009 - 3:52:44 AM ----D- C:\Program Files\AnyPC Client O43 - CFD: 3/12/2011 - 3:37:58 PM ----D- C:\Program Files\Apple Software Update O43 - CFD: 12/5/2009 - 3:44:10 AM ----D- C:\Program Files\Atheros Client Installation Program O43 - CFD: 3/12/2011 - 2:41:20 PM ----D- C:\Program Files\Avira O43 - CFD: 3/12/2011 - 3:37:40 PM ----D- C:\Program Files\Bonjour O43 - CFD: 3/12/2011 - 3:10:28 PM ----D- C:\Program Files\CCleaner O43 - CFD: 3/12/2011 - 3:37:04 PM ----D- C:\Program Files\Common Files O43 - CFD: 8/11/2010 - 5:55:42 PM ----D- C:\Program Files\CyberLink O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\DVD Maker O43 - CFD: 3/12/2011 - 3:33:04 PM ----D- C:\Program Files\epson O43 - CFD: 3/12/2011 - 3:49:42 PM ----D- C:\Program Files\Google O43 - CFD: 3/12/2011 - 3:38:56 PM --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 12/5/2009 - 3:37:50 AM ----D- C:\Program Files\Intel O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Internet Explorer O43 - CFD: 3/12/2011 - 3:38:50 PM ----D- C:\Program Files\iPod O43 - CFD: 3/12/2011 - 3:39:44 PM ----D- C:\Program Files\iTunes O43 - CFD: 3/12/2011 - 4:54:36 PM ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 12/5/2009 - 3:42:26 AM ----D- C:\Program Files\Marvell O43 - CFD: 8/11/2010 - 5:54:44 PM ----D- C:\Program Files\Microsoft O43 - CFD: 12/5/2009 - 9:11:16 PM ----D- C:\Program Files\Microsoft Games O43 - CFD: 3/12/2011 - 3:05:50 PM ----D- C:\Program Files\Microsoft Office O43 - CFD: 8/11/2010 - 5:50:34 PM ----D- C:\Program Files\Microsoft Office Suite Activation Assistant O43 - CFD: 8/11/2010 - 5:54:48 PM ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 8/11/2010 - 5:53:28 PM ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 3/12/2011 - 2:55:50 PM ----D- C:\Program Files\Microsoft Works O43 - CFD: 7/14/2009 - 5:52:32 AM ----D- C:\Program Files\MSBuild O43 - CFD: 3/13/2011 - 11:49:00 AM ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 3/12/2011 - 2:45:00 PM ----D- C:\Program Files\Nero O43 - CFD: 12/5/2009 - 4:02:24 AM ----D- C:\Program Files\Phoenix Technologies Ltd O43 - CFD: 3/12/2011 - 3:38:26 PM ----D- C:\Program Files\QuickTime O43 - CFD: 12/5/2009 - 3:41:48 AM ----D- C:\Program Files\Realtek O43 - CFD: 7/14/2009 - 5:52:32 AM ----D- C:\Program Files\Reference Assemblies O43 - CFD: 12/5/2009 - 3:55:38 AM ----D- C:\Program Files\Samsung O43 - CFD: 8/11/2010 - 11:41:48 PM ----D- C:\Program Files\Samsung Casual Games O43 - CFD: 12/5/2009 - 3:44:24 AM ----D- C:\Program Files\Synaptics O43 - CFD: 12/5/2009 - 3:42:24 AM --H-D- C:\Program Files\Temp O43 - CFD: 7/14/2009 - 5:53:24 AM --H-D- C:\Program Files\Uninstall Information O43 - CFD: 3/13/2011 - 11:56:44 AM ----D- C:\Program Files\Windows Defender O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Windows Journal O43 - CFD: 8/11/2010 - 5:54:38 PM ----D- C:\Program Files\Windows Live O43 - CFD: 8/11/2010 - 5:52:20 PM ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Windows Mail O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Windows Media Player O43 - CFD: 3/12/2011 - 3:04:10 PM ----D- C:\Program Files\Windows Messaging O43 - CFD: 7/14/2009 - 5:52:32 AM ----D- C:\Program Files\Windows NT O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 3/13/2011 - 11:56:46 AM ----D- C:\Program Files\Windows Sidebar O43 - CFD: 3/14/2011 - 9:13:40 PM ----D- C:\Program Files\ZHPDiag O43 - CFD: 8/11/2010 - 11:39:32 PM ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 3/12/2011 - 2:49:14 PM ----D- C:\Program Files\Common Files\Ahead O43 - CFD: 3/12/2011 - 3:38:48 PM ----D- C:\Program Files\Common Files\Apple O43 - CFD: 12/5/2009 - 3:50:52 AM ----D- C:\Program Files\Common Files\CyberLink O43 - CFD: 3/12/2011 - 3:37:08 PM ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 3/12/2011 - 3:05:50 PM ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 8/11/2010 - 11:39:48 PM ----D- C:\Program Files\Common Files\Oberon Media O43 - CFD: 12/5/2009 - 3:55:18 AM ----D- C:\Program Files\Common Files\Samsung O43 - CFD: 7/14/2009 - 3:37:06 AM ----D- C:\Program Files\Common Files\Services O43 - CFD: 7/14/2009 - 3:37:06 AM ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 3/12/2011 - 11:41:50 PM ----D- C:\Program Files\Common Files\System O43 - CFD: 8/11/2010 - 5:51:04 PM ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 8/11/2010 - 11:39:42 PM ----D- C:\ProgramData\Adobe O43 - CFD: 3/12/2011 - 2:49:26 PM ----D- C:\ProgramData\Ahead O43 - CFD: 3/12/2011 - 3:37:04 PM ----D- C:\ProgramData\Apple O43 - CFD: 3/12/2011 - 3:38:48 PM ----D- C:\ProgramData\Apple Computer O43 - CFD: 7/14/2009 - 5:53:56 AM -SH-D- C:\ProgramData\Application Data O43 - CFD: 3/12/2011 - 2:41:20 PM ----D- C:\ProgramData\Avira O43 - CFD: 12/5/2009 - 3:47:36 AM ----D- C:\ProgramData\CyberLink O43 - CFD: 7/14/2009 - 5:53:56 AM -SH-D- C:\ProgramData\Desktop O43 - CFD: 7/14/2009 - 5:53:56 AM -SH-D- C:\ProgramData\Documents O43 - CFD: 3/12/2011 - 3:29:22 PM ----D- C:\ProgramData\EPSON O43 - CFD: 7/14/2009 - 5:53:56 AM -SH-D- C:\ProgramData\Favorites O43 - CFD: 12/5/2009 - 4:02:22 AM ----D- C:\ProgramData\Google O43 - CFD: 3/12/2011 - 3:11:48 PM ----D- C:\ProgramData\Malwarebytes O43 - CFD: 3/12/2011 - 2:52:20 PM -S--D- C:\ProgramData\Microsoft O43 - CFD: 3/12/2011 - 2:52:34 PM ----D- C:\ProgramData\Microsoft Help O43 - CFD: 3/12/2011 - 2:47:28 PM ----D- C:\ProgramData\Nero O43 - CFD: 12/5/2009 - 4:18:16 AM ----D- C:\ProgramData\SAMSUNG O43 - CFD: 12/5/2009 - 4:01:30 AM ----D- C:\ProgramData\SiteAdvisor O43 - CFD: 7/14/2009 - 5:53:56 AM -SH-D- C:\ProgramData\Start Menu O43 - CFD: 8/11/2010 - 5:55:26 PM ----D- C:\ProgramData\Temp O43 - CFD: 7/14/2009 - 5:53:56 AM -SH-D- C:\ProgramData\Templates O43 - CFD: 3/12/2011 - 3:34:56 PM ----D- C:\ProgramData\UDL O43 - CFD: 3/13/2011 - 12:34:50 AM ----D- C:\ProgramData\WinClon O43 - CFD: 8/11/2010 - 11:39:32 PM ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 3/12/2011 - 2:49:14 PM ----D- C:\Program Files\Common Files\Ahead O43 - CFD: 3/12/2011 - 3:38:48 PM ----D- C:\Program Files\Common Files\Apple O43 - CFD: 12/5/2009 - 3:50:52 AM ----D- C:\Program Files\Common Files\CyberLink O43 - CFD: 3/12/2011 - 3:37:08 PM ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 3/12/2011 - 3:05:50 PM ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 8/11/2010 - 11:39:48 PM ----D- C:\Program Files\Common Files\Oberon Media O43 - CFD: 12/5/2009 - 3:55:18 AM ----D- C:\Program Files\Common Files\Samsung O43 - CFD: 7/14/2009 - 3:37:06 AM ----D- C:\Program Files\Common Files\Services O43 - CFD: 7/14/2009 - 3:37:06 AM ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 3/12/2011 - 11:41:50 PM ----D- C:\Program Files\Common Files\System O43 - CFD: 8/11/2010 - 5:51:04 PM ----D- C:\Program Files\Common Files\Windows Live ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 3/12/2011 - 2:36:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\setuperr.log [0] O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 3/12/2011 - 2:41:19 PM ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\windows\System32\drivers\ssmdrv.sys [28520] O44 - LFC:[MD5.C306F96B5EAC2D58774780EC4AF5467B] - 3/12/2011 - 2:41:19 PM ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\windows\System32\drivers\avipbb.sys [135096] O44 - LFC:[MD5.47B879406246FFDCED59E18D331A0E7D] - 3/12/2011 - 2:41:19 PM ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\windows\System32\drivers\avgntflt.sys [61960] O44 - LFC:[MD5.EA9E8F8133C8C5DA8F04BF7C33FE9826] - 3/12/2011 - 2:46:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\DirectX.log [56700] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 3/12/2011 - 3:01:42 PM RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\IO.SYS [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 3/12/2011 - 3:01:42 PM RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\MSDOS.SYS [0] O44 - LFC:[MD5.DB5621F0450DD8092F8A3AB0CF12A43D] - 3/12/2011 - 3:05:24 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\system.mdw [69632] O44 - LFC:[MD5.24AF843AC6B2828CD5CDB157121EBAC7] - 3/12/2011 - 3:05:28 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\ODBC.INI [611] O44 - LFC:[MD5.DF3DD857C25918421EB5E51FD3D8E885] - 3/12/2011 - 3:05:28 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\ODBCINST.INI [957] O44 - LFC:[MD5.A55A7A823EBCD9DC4624672F55490BB2] - 3/12/2011 - 3:05:28 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\exchng.ini [22] O44 - LFC:[MD5.37429EC29C828C095B00AC940AFB253A] - 3/12/2011 - 3:05:28 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\win.ini [531] O44 - LFC:[MD5.726B6B429BC1BD02FB82E6FE1A0D5D6A] - 3/12/2011 - 3:05:29 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\mapisvc.inf [6850] O44 - LFC:[MD5.818FBFFD270EA95139CBE6D98E71E770] - 3/12/2011 - 3:05:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\FFASTLOG.TXT [510] O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 3/12/2011 - 3:11:47 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\System32\drivers\mbam.sys [20952] O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 3/12/2011 - 3:11:49 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.40FDF3546B2DD93413C2223169683979] - 3/12/2011 - 3:27:32 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\CDE DX8400DEFGIPS.ini [25] O44 - LFC:[MD5.6AD752B19D3ADB1CF23D62A9D7C27811] - 3/12/2011 - 3:27:46 PM ---A- . (.SEIKO EPSON CORP. - EPSON WIA Module.) -- C:\windows\System32\escwiad.dll [67072] O44 - LFC:[MD5.E3D843A6EE42420425393A99C646A76F] - 3/12/2011 - 3:28:08 PM ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.144C5FC98697BCFD95FA02E2AEF5088D] - 3/12/2011 - 3:28:08 PM ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\windows\System32\atmfd.dll [294400] O44 - LFC:[MD5.8EB50EB111D161708B899A6AF6A8F860] - 3/12/2011 - 3:28:19 PM ---A- . (.SEIKO EPSON CORPORATION - ECBTEGB.) -- C:\windows\System32\E_FD4BCEE.DLL [62976] O44 - LFC:[MD5.1129871724A26B1DD6678DE88B7FE941] - 3/12/2011 - 3:28:20 PM ---A- . (.SEIKO EPSON CORP. - E_DCINST.) -- C:\windows\System32\E_DCINST.DLL [49152] O44 - LFC:[MD5.A4EC6B9766E2A7FAA77283697BC5C307] - 3/12/2011 - 3:28:20 PM ---A- . (.SEIKO EPSON CORPORATION - EPSON Bi-directional Monitor.) -- C:\windows\System32\E_FLBCEE.DLL [76800] O44 - LFC:[MD5.8C5D98825C4A3F840290D3000BCBD751] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_BP.cfg [6347] O44 - LFC:[MD5.4522750EA97E574F092B463A5072F5D3] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_CF.cfg [6195] O44 - LFC:[MD5.3B085599D53A8E49A02B42316167791D] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_DU.cfg [6122] O44 - LFC:[MD5.87CC3262E60487AC2A7DF54E7A94405E] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_EN.cfg [13732] O44 - LFC:[MD5.D74F30976FC27C4134AC650747E141F6] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_ES.cfg [6103] O44 - LFC:[MD5.4522750EA97E574F092B463A5072F5D3] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_FR.cfg [6195] O44 - LFC:[MD5.5AF012AA8CF511EBA96E1FB620800406] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_GE.cfg [6335] O44 - LFC:[MD5.C97F01641F82529F811750CC8BA8F6BE] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_IT.cfg [6442] O44 - LFC:[MD5.EFBB67A52E13B74D9504C72A7FFBAC66] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_KO.cfg [5817] O44 - LFC:[MD5.8C5D98825C4A3F840290D3000BCBD751] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_PT.cfg [6347] O44 - LFC:[MD5.3310F4A726ABF152C54C6AEF9FF6A73C] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_RU.cfg [2889] O44 - LFC:[MD5.6CD8BBC5EFB7F458A8FE3AC3F566D48E] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_SC.cfg [5436] O44 - LFC:[MD5.01BDBCEABF472323F62D879A7A2AACF9] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICLocal_TC.cfg [2426] O44 - LFC:[MD5.11CEF97EC383B4A9268CEBCAFDA1C0BF] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern1.dat [26154] O44 - LFC:[MD5.99B39A991604A09125A63D1F83A1668F] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern121.dat [27417] O44 - LFC:[MD5.C35D83EF6773F875E85A37CD389FC98A] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern131.dat [31053] O44 - LFC:[MD5.AED88E22D1F234668E0FF2F1C6D80AD1] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern2.dat [20148] O44 - LFC:[MD5.EA23048F088AAC681C4FE4EC051A8663] - 3/12/2011 - 3:29:48 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern3.dat [24903] O44 - LFC:[MD5.8C1013EAF95FF2CEC2391EB0E8B04B31] - 3/12/2011 - 3:29:48 PM ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 1.10.) -- C:\windows\System32\EPPicMgr.dll [71840] O44 - LFC:[MD5.DAEF4897E14EFB7050F7E0FC6887379F] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern4.dat [11811] O44 - LFC:[MD5.7124C6AA586A840A5AE1F2972D4F6E12] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern5.dat [21390] O44 - LFC:[MD5.E000BC718432CBB8F8AF9A2DD4EBCC59] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPattern6.dat [4943] O44 - LFC:[MD5.17252792B6016C58F15C9A04AC834147] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_BP.dat [1139] O44 - LFC:[MD5.EC10E010C637383D566C95CEA4307737] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_CF.dat [1129] O44 - LFC:[MD5.7C52CC8596D832C902FD194EBBB2CB2E] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_DU.dat [1146] O44 - LFC:[MD5.4843A0BA0A20A81373086ACCAD81725B] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_EN.dat [1104] O44 - LFC:[MD5.A40E9AED5BB4DF99EEC5C973DA0C0B42] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_ES.dat [1136] O44 - LFC:[MD5.EC10E010C637383D566C95CEA4307737] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_FR.dat [1129] O44 - LFC:[MD5.968070015D107F9353471E2CCA8F432E] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_GE.dat [1107] O44 - LFC:[MD5.1E58B11A525A5C324F4BCF86E62E1826] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_IT.dat [1120] O44 - LFC:[MD5.17252792B6016C58F15C9A04AC834147] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPresetData_PT.dat [1139] O44 - LFC:[MD5.7AA6FCF74FEA8DE3F1E71CF579E9BCB9] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\EPPICPrinterDB.dat [111932] O44 - LFC:[MD5.0F23634D5375EBC97A1D77838730A55D] - 3/12/2011 - 3:29:49 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\PICSDK.ini [97] O44 - LFC:[MD5.2E409416D32024870A2D841B157A8E19] - 3/12/2011 - 3:29:49 PM ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 1.10.) -- C:\windows\System32\EpPicPrt.dll [120992] O44 - LFC:[MD5.68D2DE06776BEC0409AF80D26C2FD42E] - 3/12/2011 - 3:29:49 PM ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\windows\System32\PICEntry.dll [108704] O44 - LFC:[MD5.93C3E9EE30280A8ED2D56DCEDA0FAF3F] - 3/12/2011 - 3:29:49 PM ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\windows\System32\PICSDK.dll [80024] O44 - LFC:[MD5.17152A7F21C9802E7826DE63D2DF184C] - 3/12/2011 - 3:29:49 PM ---A- . (.SEIKO EPSON CORPORATION - EPSON PIC SDK 3.0.) -- C:\windows\System32\PICSDK2.dll [501912] O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 3/12/2011 - 3:39:44 PM ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\windows\System32\drivers\GEARAspiWDM.sys [26600] O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 3/12/2011 - 3:39:44 PM ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\windows\System32\GEARAspi.dll [107368] O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 3/13/2011 - 11:45:55 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\RacRules.xml [105559] O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 3/13/2011 - 11:45:59 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\ScavengeSpace.xml [10429] O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 3/13/2011 - 11:46:00 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\dosx.exe [53600] O44 - LFC:[MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - 3/13/2011 - 11:46:00 AM ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\windows\System32\iccvid.dll [82944] O44 - LFC:[MD5.163A95975E1D8819E653AA3E961371CA] - 3/13/2011 - 11:46:06 AM ---A- . (.Twain Working Group - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\windows\twain_32.dll [51200] O44 - LFC:[MD5.737AFC772243C75E6AD17A7A8E8E23F9] - 3/13/2011 - 11:46:07 AM ---A- . (.Windows ® Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\windows\System32\fms.dll [93696] O44 - LFC:[MD5.A3CAE5D281DB4CFF7CFF8233507EE5AD] - 3/13/2011 - 11:46:15 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\System32\drivers\iaStorV.sys [332160] O44 - LFC:[MD5.39B9273CA01364E115B464416CFB729B] - 3/13/2011 - 11:46:16 AM ---A- . (.Microsoft - robocopy.) -- C:\windows\System32\Robocopy.exe [98816] O44 - LFC:[MD5.146459D2B08BFDCBFA856D9947043C81] - 3/13/2011 - 11:46:25 AM ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\System32\drivers\amdxata.sys [22400] O44 - LFC:[MD5.E7F4D42D8076EC60E21715CD11743A0D] - 3/13/2011 - 11:46:31 AM ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\System32\drivers\amdsata.sys [80256] O44 - LFC:[MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - 3/13/2011 - 11:46:39 AM ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\windows\System32\DShowRdpFilter.dll [252928] O44 - LFC:[MD5.AF2EEC9580C1D32FB7EAF105D9784061] - 3/13/2011 - 11:46:40 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\windows\System32\drivers\nvraid.sys [117120] O44 - LFC:[MD5.9283C58EBAA2618F93482EB5DABCEC82] - 3/13/2011 - 11:46:43 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\windows\System32\drivers\nvstor.sys [143744] O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 3/13/2011 - 11:46:47 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\locale.nls [419880] O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 3/13/2011 - 11:46:51 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\systemsf.ebd [146852] O44 - LFC:[MD5.CD4089E09174E7EF2E5B237C2035C1AC] - 3/13/2011 - 11:49:11 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\msxml4-KB973688-enu.LOG [290890] O44 - LFC:[MD5.AE7CD87D91E048AE65A125658D8B0CFA] - 3/13/2011 - 11:49:19 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\msxml4-KB954430-enu.LOG [284344] O44 - LFC:[MD5.764B4E40E8633904CEA020F6C46D20ED] - 3/13/2011 - 11:58:44 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\FNTCACHE.DAT [347704] O44 - LFC:[MD5.EAB7432EF9F9A22E3FAA25B96EFB2DCB] - 3/13/2011 - 1:44:36 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\PFRO.log [655156] O44 - LFC:[MD5.F550B7F523A9EB7143F4D9C04FBCACA1] - 3/14/2011 - 9:00:53 PM -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\bootstat.dat [67584] O44 - LFC:[MD5.25E8BE34331D93B6A1139D6B727E85D8] - 3/14/2011 - 9:00:54 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\setupact.log [42474] O44 - LFC:[MD5.53000000000000000000000004EF1200] - 3/14/2011 - 9:02:27 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\WindowsUpdate.log [1116075] O44 - LFC:[MD5.3AFB7BAD0967EACE8D3ED16CF2A8FD8A] - 3/14/2011 - 9:05:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\PerfStringBackup.INI [1524562] O44 - LFC:[MD5.EED51D56C1041D48C08D31CFC0876496] - 3/14/2011 - 9:05:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfc009.dat [103568] O44 - LFC:[MD5.FF7FA933B2ABBB07373BDCD201A1ABA9] - 3/14/2011 - 9:05:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfc00C.dat [127684] O44 - LFC:[MD5.EE946017F68304658A20B6732CE5F8B8] - 3/14/2011 - 9:05:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfh009.dat [607190] O44 - LFC:[MD5.E4468BFBF99A521D733AA7B7BB2359F4] - 3/14/2011 - 9:05:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\perfh00C.dat [695004] O44 - LFC:[MD5.F5A7732F9B00F9E7DC1049C7A315C980] - 3/14/2011 - 9:06:48 PM --HA- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14736] O44 - LFC:[MD5.F5A7732F9B00F9E7DC1049C7A315C980] - 3/14/2011 - 9:06:48 PM --HA- . (.Pas de propriétaire - Pas de description.) -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14736] ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\windows\System32\msv1_0.dll ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\APLangApp [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\AnyPC Client\APLangApp.exe O53 - SMSR:HKLM\...\startupreg\BrowserChoice [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Windows\System32\browserchoice.exe O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX8400 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.exe O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\PDVD8LanguageShortcut [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RemoteControl8 [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O53 - SMSR:HKLM\...\startupreg\UCam_Menu [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe O53 - SMSR:HKLM\...\startupreg\UpdatePDRShortCut [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe O53 - SMSR:HKLM\...\startupreg\UpdatePPShortCut [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\system32\drivers\adp94xx.sys [422976] O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 7/14/2009 - 2:26:17 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\system32\drivers\adpahci.sys [297552] O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\system32\drivers\adpu320.sys [146512] O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 7/14/2009 - 2:26:15 AM ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\system32\drivers\aliide.sys [14400] O58 - SDL:[MD5.E7F4D42D8076EC60E21715CD11743A0D] - 11/20/2010 - 1:29:13 PM ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\system32\drivers\amdsata.sys [80256] O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 7/14/2009 - 2:26:15 AM ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\windows\system32\drivers\amdsbs.sys [159312] O58 - SDL:[MD5.146459D2B08BFDCBFA856D9947043C81] - 11/20/2010 - 1:29:15 PM ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\system32\drivers\amdxata.sys [22400] O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\system32\drivers\arc.sys [76368] O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\system32\drivers\arcsas.sys [86608] O58 - SDL:[MD5.0F4B6B99D6CDC1D93DF1FA690796B2F7] - 11/6/2009 - 9:53:58 PM ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\windows\system32\drivers\athr.sys [1227776] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 12/6/2010 - 8:48:06 AM ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\windows\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.C306F96B5EAC2D58774780EC4AF5467B] - 12/6/2010 - 8:48:06 AM ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\windows\system32\drivers\avipbb.sys [135096] O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 7/13/2009 - 11:02:49 PM ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\windows\system32\drivers\b57nd60x.sys [229888] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 7/13/2009 - 11:53:28 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 7/13/2009 - 11:53:28 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 7/14/2009 - 1:57:25 AM ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\windows\system32\drivers\BrSerId.sys [272128] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 7/13/2009 - 11:53:32 PM ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 7/13/2009 - 11:53:33 PM ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 7/13/2009 - 11:53:33 PM ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 7/13/2009 - 11:02:48 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\system32\drivers\bxvbdx.sys [430080] O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 7/14/2009 - 2:26:21 AM ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\system32\drivers\cmdide.sys [15952] O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 7/14/2009 - 2:20:28 AM ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\system32\drivers\djsvs.sys [70720] O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 7/14/2009 - 2:20:28 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\windows\system32\drivers\elxstor.sys [453712] O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 7/13/2009 - 11:02:48 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\system32\drivers\evbdx.sys [3100160] O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 5/18/2009 - 1:17:00 PM ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\windows\system32\drivers\GEARAspiWDM.sys [26600] O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 7/13/2009 - 11:54:14 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\windows\system32\drivers\hcw85cir.sys [26624] O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 7/14/2009 - 2:20:28 AM ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\windows\system32\drivers\HpSAMD.sys [67152] O58 - SDL:[MD5.0BAA4115DFFFD6A6D809A89D65E1281A] - 10/13/2009 - 3:09:36 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStor.sys [331288] O58 - SDL:[MD5.A3CAE5D281DB4CFF7CFF8233507EE5AD] - 11/20/2010 - 1:29:54 PM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStorV.sys [332160] O58 - SDL:[MD5.8266AE06DF974E5BA047B3E9E9E70B3F] - 8/25/2010 - 7:31:30 PM ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\system32\drivers\igdkmd32.sys [9024512] O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 7/14/2009 - 2:20:36 AM ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\system32\drivers\iirsp.sys [41040] O58 - SDL:[MD5.264632ADE8127B7BAA2190CF6FAD435B] - 7/10/2009 - 2:44:52 PM ---A- . (.Intel® Corporation - Intel® High Definition Audio HDMI.) -- C:\windows\system32\drivers\IntcHdmi.sys [122880] O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\system32\drivers\lsi_fc.sys [95824] O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 7/14/2009 - 2:20:37 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas.sys [89168] O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas2.sys [54864] O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\system32\drivers\lsi_scsi.sys [96848] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 12/20/2010 - 6:08:40 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 12/20/2010 - 6:09:00 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\windows\system32\drivers\megasas.sys [30800] O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\system32\drivers\MegaSR.sys [235584] O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 7/14/2009 - 2:20:44 AM ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\system32\drivers\nfrd960.sys [44624] O58 - SDL:[MD5.AF2EEC9580C1D32FB7EAF105D9784061] - 11/20/2010 - 1:30:06 PM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\windows\system32\drivers\nvraid.sys [117120] O58 - SDL:[MD5.9283C58EBAA2618F93482EB5DABCEC82] - 11/20/2010 - 1:30:06 PM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\windows\system32\drivers\nvstor.sys [143744] O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 7/14/2009 - 2:19:04 AM ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\system32\drivers\ql2300.sys [1383488] O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 7/14/2009 - 2:19:04 AM ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\system32\drivers\ql40xx.sys [106064] O58 - SDL:[MD5.7DFD48E24479B68B258D8770121155A0] - 7/13/2009 - 11:02:52 PM ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\windows\system32\drivers\Rt86win7.sys [139776] O58 - SDL:[MD5.3202E26501E5E18C35DC2CC74709A704] - 11/21/2009 - 3:33:28 AM ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\windows\system32\drivers\RTKVHDA.sys [2811296] O58 - SDL:[MD5.41CE6B172542A9A227E34A45881E1D2A] - 6/26/2010 - 10:53:57 AM ---A- . (.Windows ® 2003 DDK 3790 provider - Generic Port I/O for Win32.) -- C:\windows\system32\drivers\rtport.sys [15656] O58 - SDL:[MD5.6E5FBB7CBAEC47038B945D5E9B144A64] - 5/28/2009 - 7:38:12 AM ---A- . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) -- C:\windows\system32\drivers\SABI.sys [10752] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 7/13/2009 - 9:50:20 PM ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.5FB7FCEA0490D821F26F39CC5EA3D1E2] - 7/14/2009 - 12:45:33 AM ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\windows\system32\drivers\serial.sys [83456] O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 7/14/2009 - 2:19:04 AM ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\system32\drivers\sisraid2.sys [40016] O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 7/14/2009 - 2:19:04 AM ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\system32\drivers\sisraid4.sys [77888] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 6/17/2010 - 2:28:02 PM ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 7/14/2009 - 2:19:04 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\windows\system32\drivers\stexstor.sys [21072] O58 - SDL:[MD5.215A45246C6E2D0A9C263CE1786C8D8A] - 10/10/2009 - 4:16:30 AM ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\windows\system32\drivers\SynTP.sys [229424] O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 7/14/2009 - 2:19:10 AM ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\system32\drivers\viaide.sys [16976] O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 7/14/2009 - 2:19:11 AM ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\system32\drivers\vsmraid.sys [141904] O58 - SDL:[MD5.30B73EB97218A16CBC6DE535782A1B35] - 9/28/2009 - 10:22:00 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\drivers\yk62x86.sys [315392] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 7/13/2009 - 10:40:41 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 7/13/2009 - 10:40:44 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 7/13/2009 - 10:40:40 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 7/13/2009 - 10:40:43 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 7/13/2009 - 10:40:43 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 7/13/2009 - 10:40:23 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 7/13/2009 - 10:40:31 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 7/13/2009 - 10:40:35 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 7/13/2009 - 10:40:39 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 7/13/2009 - 10:40:27 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 7/13/2009 - 10:40:11 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 7/13/2009 - 10:40:15 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 7/13/2009 - 10:40:17 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 7/13/2009 - 10:40:19 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 7/13/2009 - 10:40:13 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\windows\system32\NTIO804.SYS [34672] ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\System32\drivers\atapi.sys - IDE Channel (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - C:\windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - C:\windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - C:\windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - C:\windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - C:\windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - C:\windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - (.not file.) - McAfee Inc. mfeavfk (mfeavfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK O64 - Services: CurCS - (.not file.) - McAfee Inc. mfebopk (mfebopk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEBOPK O64 - Services: CurCS - (.not file.) - McAfee Inc. mfehidk (mfehidk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK O64 - Services: CurCS - (.not file.) - McAfee Inc. mfesmfk (mfesmfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFESMFK O64 - Services: CurCS - C:\windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP O64 - Services: CurCS - C:\windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\System32\drivers\msahci.sys - msahci (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI O64 - Services: CurCS - C:\windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\System32\drivers\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - C:\windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - Pilote d'E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\windows\system32\DRIVERS\parvdm.sys - Parvdm (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\windows\system32\drivers\rtport.sys - rtport (rtport) .(.Windows ® 2003 DDK 3790 provider - Generic Port I/O for Win32.) - LEGACY_RTPORT O64 - Services: CurCS - C:\windows\system32\Drivers\SABI.sys - SAMSUNG Kernel Driver For Windows 7 (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI O64 - Services: CurCS - C:\windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - C:\windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d'extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\drivers\volsnap.sys - Storage volumes (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\vwififlt.sys - Virtual WiFi Filter Driver (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - C:\windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l'infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - {searchTerms} - Bing O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - {searchTerms} - Recherche Google O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - {searchTerms} - Recherche Google ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\windows\system32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows™.) -- C:\windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\windows\system32\wuaueng.dll [1914368] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'application.) -- C:\windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\windows\system32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\windows\system32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\windows\system32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\windows\system32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\windows\system32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\windows\system32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\windows\system32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\windows\System32\browser.dll [102400] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\windows\system32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\windows\System32\bdesvc.dll [76800] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 12/6/2010 135336 | "C:\Program Files\Avira\AntiVir Desktop\sched.exe (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 12/6/2010 267944 | "C:\Program Files\Avira\AntiVir Desktop\avguard.exe (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 10/16/2010 37664 | "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 10/7/2010 345376 | "C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 1/11/2007 113664 | C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.exe (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.exe SS - | Auto 3/12/2011 135664 | "C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 12/5/2009 182768 | "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 11/17/2010 820008 | "C:\Program Files\iPod\bin\iPodService.exe (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 9/17/2007 800040 | C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe SS - | Demand 6/27/2007 279848 | "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe SR - | Auto 8/13/2009 44312 | "C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe (OberonGameConsoleService) . (.Pas de propriétaire.) - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe SR - | Auto 7/7/2009 247152 | "C:\Program Files\CyberLink\Shared files\RichVideo.exe (RichVideo) . (.Pas de propriétaire.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe SS - | Demand 7/14/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\windows\System32\svchost.exe SR - | Auto 7/14/2009 20992 | C:\windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by Yves at 3/14/2011 9:14:26 PM device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll C:\windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver 1 nt!IofCallDriver[0x83073FE3] -> \Device\Harddisk0\DR0[0x86D6D820] 3 CLASSPNP[0x8C28659E] -> nt!IofCallDriver[0x83073FE3] -> \Device\Ide\IAAStorageDevice-1[0x85F29028] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, Run by Yves at 3/14/2011 9:14:26 PM Use the desktop link 'MBRCheck' to have full report End of the scan (924 lines in 52mn AMs)(0)

Bonsoir Thorgal, Je me suis référé au forum Sécurité et au sujet BHO PARTNER : Malware ou Espion Google à la 1er page. J'ai suivi exactement les instructions d 'Appolo. PARTNER.DLL a complétement disparu. Je te joins le rapport HJT pour que tu contastes. Merci de ton aide. Bonne soirée. Yves 13. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:25:04, on 18/02/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\system32\taskhost.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Office 97\Office\OSA.EXE C:\Program Files\Office 97\Office\MSOFFICE.EXE C:\Program Files\Office 97\Office\FINDFAST.EXE C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\windows\system32\conhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Office 97\Office\OSA.EXE O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Office 97\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Office 97\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- End of file - 5536 bytes

Meri de votre aide. Bonne journéee. Yves 13.

Je vous poste un rapport HJT fait à l'instant comme me le demande Thorgal . Merci. Yves 13. ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:30:40, on 14/02/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Office 97\Office\OSA.EXE C:\Program Files\Office 97\Office\MSOFFICE.EXE C:\Program Files\Office 97\Office\FINDFAST.EXE c:\program files\avira\antivir desktop\avgnt.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\windows\system32\SearchProtocolHost.exe C:\Users\Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - (no file) O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Office 97\Office\OSA.EXE O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Office 97\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Office 97\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe -- End of file - 5436 bytes

Rebonjour C'est peut-être comme cela : j'ai fait un clic droit sur le bureau - Nouveau Document Texte - Copier - Coller dessus les 4 lignes en dessous - et je l'ai renommé Serv. Bat ? @echo Suppression du Service sc stop "Partner Service" sc delete "Partner Service" A mon avis ce n'est pas comme cela que je dois faire ? Sinon pouvez vous me dire comment créer un Document Texte avec le Bloc Note windows. Merci beaucoup. Yves 13;

Merci, Vraiment désolé de ma nullité je ne comprend pas à partir de : Double clic pour lancer. @echo Suppression du Service sc stop "Partner Service" sc delete "Partner Service"

Merci de votre réponse : voici le résultat : All processes killed Error: Unable to interpret <services> in the current context! Error: Unable to interpret <"Partner Service"> in the current context! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: Yves ->Temp folder emptied: 262528 bytes ->Temporary Internet Files folder emptied: 95143199 bytes ->Flash cache emptied: 405 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 22736 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 91,00 mb OTM by OldTimer - Version 3.1.17.2 log created on 02142011_113656

Merci Thorgal , J'ai vu quoi avec ton lien. Je te dirais ce qu'il en est dans les jourss qui suivent. A bientôt. Yves 13.

Merci de votre réponse, Je vous joins le Copier - Coller demandé et le nouveau rapport HJT Il reste beaucoup de dossiers nouveaux que je n'arrive pas à supprimer. All processes killed Error: Unable to interpret <services> in the current context! Error: Unable to interpret <Partner Service> in the current context! ========== FILES ========== File/Folder C:\ProgramData\Partner not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: Yves ->Temp folder emptied: 49035594 bytes ->Temporary Internet Files folder emptied: 42156044 bytes ->Flash cache emptied: 907 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 519184 bytes RecycleBin emptied: 108121142 bytes Total Files Cleaned = 191.00 mb OTM by OldTimer - Version 3.1.17.2 log created on 02132011_221902 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:32:44, on 13/02/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\taskhost.exe C:\windows\System32\rundll32.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Office 97\Office\OSA.EXE C:\Program Files\Office 97\Office\MSOFFICE.EXE C:\Program Files\Office 97\Office\FINDFAST.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\NOTEPAD.EXE C:\Users\Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Office 97\Office\OSA.EXE O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Office 97\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Office 97\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe -- End of file - 5723 bytes

Bonjour Thorgal, Je n'ai pas eu de réponses dans le forum Sécurité. J'ai coché AFFICHER les Dossiers Fichiers et Lecteurs cachés. Partner.dll est apparu et je l'ai donc supprimé. Je te joins un rapport HJT de ce matin - il reste la ligne 023 que je n'arrive pas à supprimer. Avira et Malwarebytes n'indiquent aucun résultat positif. Je reste comme cela à ton avis ? Bonne journée. Yves 13. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:38:10, on 13/02/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Office 97\Office\OSA.EXE C:\Program Files\Office 97\Office\MSOFFICE.EXE C:\Program Files\Office 97\Office\FINDFAST.EXE C:\windows\system32\wuauclt.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\windows\system32\conhost.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\windows\system32\conhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Users\Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Office 97\Office\OSA.EXE O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Office 97\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Office 97\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe -- End of file - 5656 bytes

Bonjour à tous, Une question simple : dans Options des dossiers, faut - il oui ou non AFFICHER les Dossiers et Fichiers cachés ? Je pose cette simple question car lorsque la case NE PAS AFFICHER les Dossiers et Fichiers cochés est cochée réapparait le fameux Partner.dll. Je joins un rapport HJT après une Restauration complète du Pc faite aujourdd'hui .... Merci à celle ou celui qui peut me répondre. Yves 13. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:14:20, on 12/02/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\system32\taskhost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE C:\Program Files\Office 97\Office\OSA.EXE C:\Program Files\Office 97\Office\MSOFFICE.EXE C:\Program Files\Office 97\Office\FINDFAST.EXE C:\windows\Explorer.EXE C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\windows\system32\conhost.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Users\Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [innoSetupRegFile.0000000001] "C:\windows\is-BTU83.exe" /REG /REGSVRMODE O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Office 97\Office\OSA.EXE O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Office 97\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Office 97\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe -- End of file - 6105 bytes Ce message a été modifié par yves13 - Aujourd'hui, 18:25 .

Merci beaucoup pour ta réponse - je déplace le sujet dans la rubrique Sécurité Pc . Bonne soirée. Yves 13.

Bonjour à tous, Une question simple : dans Options des dossiers, faut - il oui ou non AFFICHER les Dossiers et Fichiers cachés ? Je pose cette simple question car lorsque la case NE PAS AFFICHER les Dossiers et Fichiers cochés est cochée réapparait le fameux Partner.dll. Je joins un rapport HJT après une Restauration complète du Pc faite aujourdd'hui .... Merci à celle ou celui qui peut me répondre. Yves 13. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:14:20, on 12/02/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\system32\taskhost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE C:\Program Files\Office 97\Office\OSA.EXE C:\Program Files\Office 97\Office\MSOFFICE.EXE C:\Program Files\Office 97\Office\FINDFAST.EXE C:\windows\Explorer.EXE C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\windows\system32\conhost.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Users\Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [innoSetupRegFile.0000000001] "C:\windows\is-BTU83.exe" /REG /REGSVRMODE O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Office 97\Office\OSA.EXE O4 - Global Startup: Gestionnaire Microsoft Office.lnk = C:\Program Files\Office 97\Office\MSOFFICE.EXE O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Office 97\Office\FINDFAST.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe -- End of file - 6105 bytes

Merci Ticlou, Amicalement. Yves 13.

Bonsoir à tous et à Ticlou, Je reviens sur ce sujet puisque par le pur des hasards ce fameux fichier RE.HST ( 23849 Ko ) a disparu aujourd'hui comme il est apparu par hasard aussi. ! C'est curieux parfois l'Informatique quand on est néophyte comme moi et que l'on cherche à comprendre. Je ne modifie donc pas le sujet en : Résolu. Yves13.

Bonjour Ticlou, Merci beaucoup de ta réponse. Je reste comme cela et je cherche. Je reviendrais sur ce sujet s'il y a du nouveau sur le Pc et je te dis quoi , ou je te redemande de l'aide . Amicalement. Yves.

Bonjour à tous, Depuis le 30 octobre un fichier RE.HST 23849 Ko est venu se loger par hasard dans " Documents " . J'ai cherché sur la toile ce qu'est ce genre de fichiers sans trouver aucune réponse. Je voudrais savoir ce que s'est exactement , si je peux le supprimer et ou comment le lire ? ( je l'ai laissé dans la poubelle quelques jours sans trouver de probléme sur les programmes du Pc ) Merci beaucoup à celle ou celui qui peut me donner une réponse. Bonne journée. Yves 13.