Aller au contenu

azdare

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    34

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Francais Anglais Espagnole

azdare's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. azdare
    merci pour votre réponse rapide et efficace!
  2. azdare
    Salut a tous, Est ce que vous pouvez me rassurer en analysant mon rapport ZHPDiag qui se trouve ci dessous: Cijoint.fr - Service gratuit de dépôt de fichiers Merci d'avance.
  3. azdare
    Bonsoir lance_yien, Merci pour tout!
  4. azdare
    Bonjour, Voici le rapport je pense que cela a fonctionne, merci. All processes killed ========== OTL ========== Service utiwnzq2 stopped successfully! Service utiwnzq2 deleted successfully! C:\Windows\System32\drivers\utiwnzq2.sys moved successfully. Prefs.js: "88.181.31.125 " removed from network.proxy.http Prefs.js: 80 removed from network.proxy.http_port Prefs.js: 0 removed from network.proxy.type C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\META-INF folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\skin\images folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\skin\css folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\skin folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\locale\en-US folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\locale folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\content\xul folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\content folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar\META-INF folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar\chrome folder moved successfully. C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar folder moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de r‚solution DNS vid‚. C:\Users\azdare\Desktop\cmd.bat deleted successfully. C:\Users\azdare\Desktop\cmd.txt deleted successfully. File\Folder C:\WINDOWS\tasks\*.job not found. File\Folder C:\*.sqm not found. File\Folder C:\WINDOWS\System32\*.tmp not found. File\Folder C:\WINDOWS\*.tmp not found. File\Folder C:\Windows\System32\drivers\utiwnzq2.sys not found. C:\Program Files\ESET\ESET Online Scanner\Quarantine folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\temp folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\continuous folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules folder moved successfully. C:\Program Files\ESET\ESET Online Scanner folder moved successfully. C:\Program Files\ESET folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: azdare ->Temp folder emptied: 22746828 bytes ->Temporary Internet Files folder emptied: 2246247 bytes ->Java cache emptied: 10705577 bytes ->FireFox cache emptied: 80392338 bytes ->Flash cache emptied: 3043 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 52884 bytes RecycleBin emptied: 409424054 bytes Total Files Cleaned = 501,00 mb [EMPTYFLASH] User: All Users User: azdare ->Flash cache emptied: 0 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.24.0 log created on 06132011_190738 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  5. azdare
    voici le lien URL ZHPDiag.txt Cijoint.fr - Service gratuit de dépôt de fichiers Merci!
  6. azdare
    voici le rapport OTL All processes killed Error: Unable to interpret <:OTL DRV - [2011/01/02 17:58:01 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\utiwnzq2.sys -- (utiwnzq2) FF - prefs.js..network.proxy.http: "88.181.31.125 " FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.type: 0 [2011/05/27 19:05:28 | 000,000,000 | ---D | M] (ImageExchange) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com [2010/09/11 19:56:35 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar :Services :Reg :Files ipconfig /flushdns /c C:\WINDOWS\tasks\*.job C:\*.sqm C:\WINDOWS\System32\*.tmp C:\WINDOWS\*.tmp C:\Windows\System32\drivers\utiwnzq2.sys C:\Program Files\ESET :Commands [EMPTYTEMP] [EMPTYFLASH] [RESETHOSTS]> in the current context! OTL by OldTimer - Version 3.2.24.0 log created on 06122011_222624 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  7. azdare
    Voici le rapport Extra.txt OTL Extras logfile created on: 12/06/2011 10:51:38 - Run 1 OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\azdare\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 764,46 Mb Total Physical Memory | 274,38 Mb Available Physical Memory | 35,89% Memory free 1,75 Gb Paging File | 1,02 Gb Available in Paging File | 57,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 45,90 Gb Total Space | 13,45 Gb Free Space | 29,30% Space Free | Partition Type: NTFS Drive E: | 63,88 Gb Total Space | 40,66 Gb Free Space | 63,64% Space Free | Partition Type: NTFS Computer Name: PC-DE-AZDARE | User Name: azdare | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2189852577-1833391480-1869350370-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\Mes fichiers reçus\FlashGet\FlashGet3.exe" = E:\Mes fichiers reçus\FlashGet\FlashGet3.exe:*:Enabled:Flashget3 ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0817E560-148A-4776-BBBB-BAC7AE4E1D8D}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{430F40E5-F8AE-4AB9-BCAF-39C40504A4CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{6B299600-D91D-49FB-89CE-ED6F7AC5AC47}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{AC2914A5-3F22-48B7-B82D-CFCB806E0477}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{DD1408F2-3F55-4349-8550-491A227FFDA6}" = lport=2869 | protocol=6 | dir=in | app=system | "{FBF94DD3-0033-410D-9631-824724ACA8EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A9BE26D-7B9B-41D6-B02A-392F3B6FF36C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{1DF79D9B-C7F5-45DC-8D46-0FFB2A0F5ACC}" = dir=in | app=c:\program files\itunes\itunes.exe | "{751F37D7-40C2-46A9-BC49-D62C9588F32B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{CC6EC8E2-98E6-4A66-A42F-F981367244C0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{ED13C80F-4862-46CD-AA37-07532443EAA3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "TCP Query User{071AB4AD-4BD4-4C49-91CC-F2F66C483F89}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe | "TCP Query User{3FE62662-AC81-4364-B219-0D9BCE170550}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{78FC08B1-8695-4144-98A8-87B113321E3E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{C26B9D6F-7B12-4A29-A795-CAE43A4D7A0F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{CA645644-8B05-4C78-A13B-4B92C31A9D43}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "TCP Query User{DCB2EACD-2191-416C-8F28-64062AA3CAB3}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe | "TCP Query User{E4A7AD8C-E930-42DB-934D-CE340CFD67D0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{2BC5DC51-3A9E-41EA-872D-7B9E27B84B02}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{7312E921-F826-4EB9-8FBD-6144C0814A8A}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe | "UDP Query User{84687092-6BD3-49E8-9B1A-A01E8224DB56}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{A2546927-67E1-4116-90AA-0ADF4D673394}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{A552FBAA-8EC9-45F0-ACEA-E5360BD77317}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe | "UDP Query User{B78AFAB4-536F-479B-AF8E-209A17A54CEE}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "UDP Query User{F7715B82-8566-47D4-9303-0DDC180D65D5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3 "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{22FB6750-ADDF-4726-B67F-6901E1991036}" = Nero 7 Ultra Edition "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3E789BE5-3DE0-498C-8F74-35010DACA2ED}" = Wireless LAN Driver "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.4 - Français "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "CCleaner" = CCleaner "CutePDF Writer Installation" = CutePDF Writer 2.8 "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr) "RealPlayer 12.0" = RealPlayer "Spotify" = Spotify "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.1.10 "Winamp" = Winamp "WinLiveSuite" = Windows Live "WinRAR archiver" = Logiciel d'archivage WinRAR "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Détection de l'application Winamp ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 01/06/2011 17:47:44 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013 Description = Error - 01/06/2011 17:47:44 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013 Description = Error - 01/06/2011 17:47:45 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013 Description = Error - 01/06/2011 17:47:45 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013 Description = Error - 01/06/2011 17:47:46 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013 Description = Error - 01/06/2011 17:47:46 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013 Description = Error - 05/06/2011 14:11:52 | Computer Name = PC-de-azdare | Source = EventSystem | ID = 4609 Description = Error - 05/06/2011 15:06:03 | Computer Name = PC-de-azdare | Source = Microsoft-Windows-CAPI2 | ID = 131584 Description = Error - 11/06/2011 07:06:49 | Computer Name = PC-de-azdare | Source = System Restore | ID = 8193 Description = Error - 11/06/2011 07:23:11 | Computer Name = PC-de-azdare | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 9.0.8112.16421, horodatage 0x4d76255d, module défaillant MSHTML.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code d’exception 0xc0000005, décalage d’erreur 0x00440f5b, ID du processus 0x15c4, heure de début de l’application 0x01cc2827d1b49305. [ System Events ] Error - 09/06/2011 13:55:25 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000 Description = Error - 09/06/2011 13:55:25 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026 Description = Error - 11/06/2011 05:57:14 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000 Description = Error - 11/06/2011 05:57:14 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026 Description = Error - 11/06/2011 06:58:37 | Computer Name = PC-de-azdare | Source = DCOM | ID = 10010 Description = Error - 11/06/2011 09:38:33 | Computer Name = PC-de-azdare | Source = EventLog | ID = 6008 Description = L'arrêt système précédant à 14:36:16 le 11/06/2011 n'était pas prévu. Error - 11/06/2011 09:40:37 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000 Description = Error - 11/06/2011 09:40:37 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026 Description = Error - 12/06/2011 05:06:53 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000 Description = Error - 12/06/2011 05:06:53 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026 Description = < End of report >
  8. azdare
    Bonjour, Voici le rapport OTL.txt OTL logfile created on: 12/06/2011 10:51:38 - Run 1 OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\azdare\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 764,46 Mb Total Physical Memory | 274,38 Mb Available Physical Memory | 35,89% Memory free 1,75 Gb Paging File | 1,02 Gb Available in Paging File | 57,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 45,90 Gb Total Space | 13,45 Gb Free Space | 29,30% Space Free | Partition Type: NTFS Drive E: | 63,88 Gb Total Space | 40,66 Gb Free Space | 63,64% Space Free | Partition Type: NTFS Computer Name: PC-DE-AZDARE | User Name: azdare | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/06/12 10:38:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/01/17 20:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2011/01/17 20:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2011/01/17 20:09:00 | 000,307,200 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\swriter.exe PRC - [2010/11/13 23:23:10 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- c:\program files\real\realplayer\update\realsched.exe PRC - [2010/09/10 19:59:56 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (SafeList) ========== MOD - [2011/06/12 10:38:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010/09/10 19:59:56 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/01/02 17:58:01 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\utiwnzq2.sys -- (utiwnzq2) DRV - [2010/09/10 19:46:41 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2009/11/03 16:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009/10/14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg) DRV - [2009/10/02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/09/01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2008/04/23 11:21:08 | 000,058,416 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SISAGPX.sys -- (SISAGP) DRV - [2007/05/09 16:33:00 | 000,048,640 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.5 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.http: "88.181.31.125 " FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 23:52:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/01 23:40:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/09/10 19:48:10 | 000,000,000 | ---D | M] [2010/03/14 19:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\azdare\AppData\Roaming\mozilla\Extensions [2011/05/27 19:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions [2011/03/22 20:27:56 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2010/12/09 22:00:50 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\en-GB@dictionaries.addons.mozilla.org [2011/05/27 19:05:28 | 000,000,000 | ---D | M] (ImageExchange) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com [2010/09/11 19:56:35 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar [2011/06/08 23:16:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/12/19 21:36:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/02/18 11:33:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/06/08 23:16:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010/09/10 19:49:01 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru File not found (No name found) -- [2011/05/01 23:51:49 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/03/22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011/04/14 18:36:39 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/04/14 18:36:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/04/14 18:36:40 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/04/14 18:36:40 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011/04/14 18:36:41 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/04/14 18:36:41 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: 使用快车3下载 - C:\Users\azdare\AppData\Roaming\FlashGetBHO\GetUrl.htm () O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\azdare\AppData\Roaming\FlashGetBHO\GetAllUrl.htm () O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/07/17 15:32:26 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010/07/17 15:32:26 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/06/12 10:38:06 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe [2011/06/11 12:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011/06/08 23:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011/06/08 23:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011/06/08 23:16:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/06/08 23:16:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/06/08 23:16:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/06/05 20:18:19 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{F0E652F3-7BB0-4938-8522-30438CA6BF7F} [2011/06/03 21:49:22 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{1F403660-290D-45CD-A8D8-E75D0869AB21} [2011/06/02 20:07:10 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{A204D076-B851-481A-9CAD-12488661DABB} [2011/06/01 18:12:32 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{5AC86398-546B-4329-A9BC-2C2424781FE0} [2011/05/29 23:59:19 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{DCDB0C18-3330-49B6-AFBE-86105AD515F9} [2011/05/29 11:58:37 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{3B3404AD-D056-4E30-ACA7-8B788EADAD1F} [2011/05/28 16:04:30 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{53161186-4848-428B-B454-D00284FB0127} [2011/05/25 09:50:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun [2011/05/17 17:20:14 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/05/16 18:05:53 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{32557970-2D6B-4B80-B7C7-2D877B80FD1B} [2010/07/24 21:59:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\azdare\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2011/06/12 10:43:15 | 000,020,032 | ---- | M] () -- C:\Users\azdare\Desktop\OTL.odt [2011/06/12 10:43:14 | 000,000,108 | -H-- | M] () -- C:\Users\azdare\Desktop\.~lock.OTL.odt# [2011/06/12 10:41:58 | 000,000,108 | -H-- | M] () -- C:\Users\azdare\Desktop\.~lock.Sans nom 1.odt# [2011/06/12 10:38:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe [2011/06/12 10:22:25 | 020,001,529 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_10.mp3 [2011/06/12 10:22:10 | 021,770,041 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_9.mp3 [2011/06/12 10:21:30 | 024,822,073 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_8.mp3 [2011/06/12 10:21:07 | 020,009,593 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_7.mp3 [2011/06/12 10:05:24 | 000,001,356 | ---- | M] () -- C:\Users\azdare\AppData\Local\d3d9caps.dat [2011/06/12 10:05:22 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/06/12 10:05:22 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/06/12 10:05:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/06/11 11:42:29 | 000,678,294 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/06/11 11:42:29 | 000,595,584 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/06/11 11:42:29 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/06/11 11:42:29 | 000,103,658 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/06/11 11:38:46 | 000,028,270 | ---- | M] () -- C:\Users\azdare\Desktop\Sans nom 1.odt [2011/06/09 20:08:10 | 000,070,656 | ---- | M] () -- C:\Users\azdare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/08 23:36:44 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011/06/08 23:26:39 | 000,000,814 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110608_232635.reg [2011/06/08 23:20:22 | 000,003,206 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110608_232009.reg [2011/06/06 20:01:56 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/06/05 19:12:55 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini [2011/06/05 01:10:25 | 000,000,795 | ---- | M] () -- C:\Users\azdare\Desktop\MBRCheck.lnk [2011/06/05 01:10:25 | 000,000,788 | ---- | M] () -- C:\Users\azdare\Desktop\ZHPDiag.lnk [2011/06/05 01:10:25 | 000,000,783 | ---- | M] () -- C:\Users\azdare\Desktop\ZHPFix.lnk [2011/06/05 00:45:50 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/06/05 00:34:53 | 000,000,832 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110605_003447.reg [2011/06/03 21:24:24 | 000,103,798 | ---- | M] () -- C:\Users\azdare\Desktop\hertz.pdf [2011/06/03 20:19:52 | 000,167,117 | ---- | M] () -- C:\Users\azdare\Desktop\Ryanair.pdf [2011/05/29 11:17:05 | 000,001,724 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110529_111659.reg [2011/05/29 11:14:02 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/05/23 17:59:34 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat ========== Files Created - No Company Name ========== [2011/06/12 10:43:14 | 000,000,108 | -H-- | C] () -- C:\Users\azdare\Desktop\.~lock.OTL.odt# [2011/06/12 10:43:12 | 000,020,032 | ---- | C] () -- C:\Users\azdare\Desktop\OTL.odt [2011/06/12 10:41:58 | 000,000,108 | -H-- | C] () -- C:\Users\azdare\Desktop\.~lock.Sans nom 1.odt# [2011/06/12 10:21:59 | 020,001,529 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_10.mp3 [2011/06/12 10:21:27 | 021,770,041 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_9.mp3 [2011/06/12 10:20:40 | 024,822,073 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_8.mp3 [2011/06/12 10:20:21 | 020,009,593 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_7.mp3 [2011/06/11 11:38:46 | 000,028,270 | ---- | C] () -- C:\Users\azdare\Desktop\Sans nom 1.odt [2011/06/08 23:36:44 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011/06/08 23:26:37 | 000,000,814 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110608_232635.reg [2011/06/08 23:20:20 | 000,003,206 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110608_232009.reg [2011/06/05 00:45:50 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2011/06/05 00:34:51 | 000,000,832 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110605_003447.reg [2011/06/03 21:24:33 | 000,103,798 | ---- | C] () -- C:\Users\azdare\Desktop\hertz.pdf [2011/06/03 20:20:01 | 000,167,117 | ---- | C] () -- C:\Users\azdare\Desktop\Ryanair.pdf [2011/05/29 11:17:03 | 000,001,724 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110529_111659.reg [2011/04/09 12:44:56 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011/01/02 17:58:01 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\utiwnzq2.sys [2010/12/25 18:01:20 | 000,024,206 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\UserTile.png [2010/10/14 18:11:36 | 000,001,057 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\vso_ts_preview.xml [2010/09/10 19:48:49 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2010/09/10 19:48:49 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2010/07/24 21:59:10 | 000,087,608 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\inst.exe [2010/07/24 21:59:10 | 000,007,887 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\pcouffin.cat [2010/07/24 21:59:10 | 000,001,144 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\pcouffin.inf [2010/07/08 23:25:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010/07/08 19:11:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010/07/08 19:11:15 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010/07/08 19:10:00 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010/06/20 17:36:41 | 000,000,292 | ---- | C] () -- C:\Windows\System32\secustat.dat [2010/06/20 17:31:21 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2010/06/07 23:25:58 | 000,000,552 | ---- | C] () -- C:\Users\azdare\AppData\Local\d3d8caps.dat [2010/05/12 23:18:24 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini [2010/05/08 14:07:42 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll [2010/03/15 03:10:22 | 000,678,294 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2010/03/15 03:10:22 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2010/03/15 03:10:22 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2010/03/15 03:10:22 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2010/03/14 19:49:47 | 000,070,656 | ---- | C] () -- C:\Users\azdare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/03/14 19:23:09 | 000,001,356 | ---- | C] () -- C:\Users\azdare\AppData\Local\d3d9caps.dat [2009/09/09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2006/11/02 13:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 13:47:43 | 000,257,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 11:33:01 | 000,595,584 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 11:33:01 | 000,103,658 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat < End of report >
  9. azdare
    Bonjour, Voici les rapports demandes, par contre Eset je n'ai pas de rapport puisqu'il n'a rien detecte mais j'ai un rapport datant du Lundi 06 Juin 2011 Merci. Mes rapports: scan-results.txt (ESET) (pas de rapport)mais voici mon rapport du 06 juin C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\640f9e74-6ddd049c une variante de Java/Agent.BR cheval de troie supprimé - mis en quarantaine C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\6bd0ba18-41e889c7 une variante probable de Java/Agent.BR cheval de troie supprimé - mis en quarantaine C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\61a815d-450fa7f3 une variante probable de Java/Agent.BR cheval de troie supprimé - mis en quarantaine C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\10fa0cb9-19f9af3c une variante probable de Java/Agent.BR cheval de troie supprimé - mis en quarantaine Permalink.txt (Jotti) uteznza5.sys - Le scanner antivirus de Jotti Malwarebytes Anti-Malware log Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 6835 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 11/06/2011 17:18:19 mbam-log-2011-06-11 (17-18-19).txt Type d'examen: Examen rapide Elément(s) analysé(s): 147308 Temps écoulé: 8 minute(s), 12 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) checkup.txt Results of screen317's Security Check version 0.99.13 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: ESET Online Scanner v3 Kaspersky Internet Security 2010 WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Java 6 Update 26 Adobe Flash Player 10.3.181.22 Adobe Reader 9.4.4 - Français Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbamservice.exe Kaspersky Lab Kaspersky Internet Security 2010 avp.exe ``````````End of Log````````````
  10. azdare
    Bonsoir, Juste pour vous signaler qu’après 72 heures je n'ai pas eu de réponse donc voici ci dessous le lien vers mon message http://forum.zebulon.fr/findpost-t185817-p1556755.html Merci a vous.
  11. azdare
    Bonsoir, Voici ci dessous une demande de ma part. http://forum.zebulon.fr/findpost-t185803-p1556548.html Merci a vous!
  12. azdare
    Salut Tonton, je le fais immédiatement merci pour ta réponse.
  13. azdare
    Bonsoir a tous, Est ce que svp vous pouvez me dire si mon rapport ZHPDiag ne présente aucun danger? Merci d'avance Rapport de ZHPDiag v1.27.223 par Nicolas Coolman, Update du 04/06/2011 Run by azdare at 05/06/2011 00:56:58 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut) GCIE: Google Chrome ---\\ System Information Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002) Processor: x86 Family 6 Model 14 Stepping 12, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 764 MB (44% free) System Restore: Activé (Enable) System drive C: has 13 GB (27%) free of 46 GB ---\\ Logged in mode Computer Name: PC-DE-AZDARE User Name: azdare All Users Names: azdare, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%=C:\Users\azdare\AppData\Roaming %LocalAppData%=C:\Users\azdare\AppData\Local %StartMenu%=C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 46 Go) D:\ CD-ROM drive (Not Inserted) E:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 64 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 06:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.18/01/2008 22:33:38.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/04/2011 21:32:04.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 06:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 06:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 06:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] ---\\ Processus lancés [MD5.DF9586377384DF3808D42090242CC23B] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [340520] [MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [MD5.BDC7E42435FCC3328FCA2497FA6F2175] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [657920] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.609.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files\Mozilla Firefox\Plugins\npwachk.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.609] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.609] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.609] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.609] - (.RealNetworks, Inc. - 12.0.1.609.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@veetle.com/vbp;version=0.9.17] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (.not file.) M0 - MFSP: prefs.js [azdare - u2881517.default] Google M2 - MFEP: prefs.js [azdare - u2881517.default\en-GB@dictionaries.addons.mozilla.org] [] British English Dictionary v1.19.1 (..) M2 - MFEP: prefs.js [azdare - u2881517.default\image-exchange@picscout.com] [] ImageExchange v2.6 (.PicScout.) M2 - MFEP: prefs.js [azdare - u2881517.default\vshare@toolbar] [] vShare Plugin v1.0.0 (.vShare.) M2 - MFEP: prefs.js [azdare - u2881517.default\{1280606b-2510-4fe0-97ef-9b5a22eafe30}] [] ç€è¦½é 組管ç†å“¡ v0.7.5 (.Morac.) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-2189852577-1833391480-1869350370-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-2189852577-1833391480-1869350370-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab - IE Virtual Keyboard.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files\Spotify\spotify.exe O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\azdare\Desktop\MBRCheck.lnk . (...) -- C:\Program Files\ZHPDiag\mbrcheck.exe O4 - Global Startup: C:\Users\azdare\Desktop\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\azdare\Desktop\Musique.lnk . (...) -- E:\Musique O4 - Global Startup: C:\Users\azdare\Desktop\Nero Express.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 7\Core\nero.exe O4 - Global Startup: C:\Users\azdare\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files\Spotify\spotify.exe O4 - Global Startup: C:\Users\azdare\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\azdare\Desktop\ZHPDiag.lnk . (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe O4 - Global Startup: C:\Users\azdare\Desktop\ZHPFix.lnk . (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPFix.exe O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Add to Anti-Banner . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: ????3?? . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: ????3?????? . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kbrd.ico O9 - Extra button: &Virtual keyboard - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\logo.ico ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS3\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan O17 - HKLM\System\CS2\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan O17 - HKLM\System\CS3\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\Windows\system32\klogon.dll ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.Kaspersky Lab - Mozilla 3 Virtual Keyboard.) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeLogonTaskS-1-5-21-2189852577-1833391480-1869350370-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeScheduledTaskS-1-5-21-2189852577-1833391480-1869350370-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl1.sys O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\System32\DRIVERS\klif.sys O41 - Driver: (KLIM6) . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 9.4.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1} O42 - Logiciel: BlackBerry® Media Sync - (.Research In Motion.) [HKLM] -- {40A594D0-1490-4979-9382-D2B764F949C6} O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CutePDF Writer 2.8 - (.Pas de propriétaire.) [HKLM] -- CutePDF Writer Installation O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU] -- Winamp Detect O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: Kaspersky Internet Security 2010 - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA} O42 - Logiciel: Kaspersky Internet Security 2010 - (.Kaspersky Lab.) [HKLM] -- {9D8B0949-7C47-476F-9F06-F900D3B078EA} O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Office Excel Viewer - (.Microsoft Corporation.) [HKLM] -- {95120000-003F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr) O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {22FB6750-ADDF-4726-B67F-6901E1991036} O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18} O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {05653DE1-6567-40C6-B930-39D399B64369} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C} O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: Spotify - (.Pas de propriétaire.) [HKLM] -- Spotify O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27} O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Wireless LAN Driver - (.Generic.) [HKLM] -- {3E789BE5-3DE0-498C-8F74-35010DACA2ED} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {353FE16B-30FE-469A-BF55-B978F4218003} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\\ HKCU & HKLM Software Keys [HKCU\Software\Acro Software Inc] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AirSnare] [HKCU\Software\AppDataLow\F-Secure] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DVDVIDEOSOFT] [HKCU\Software\Dataleach] [HKCU\Software\Digital River] [HKCU\Software\DivX] [HKCU\Software\ESET] [HKCU\Software\F-Secure] [HKCU\Software\FlashGet Network] [HKCU\Software\Gabest] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\KasperskyLab] [HKCU\Software\Lavalys] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Moonlight Cordless] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\OpenOffice.org] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RealNetworks] [HKCU\Software\Research In Motion] [HKCU\Software\SiS] [HKCU\Software\SoftVTU] [HKCU\Software\Softonic] [HKCU\Software\Spotify] [HKCU\Software\SupportSoft] [HKCU\Software\Synaptics] [HKCU\Software\VSO] [HKCU\Software\VideoToMp3] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\YahooPartnerToolbar] [HKLM\Software\Acro Software Inc] [HKLM\Software\Adobe] [HKLM\Software\AheadUpdate] [HKLM\Software\Ahead] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Audible] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cygnus Solutions] [HKLM\Software\DVDVIDEOSOFT] [HKLM\Software\DivX] [HKLM\Software\Eset] [HKLM\Software\FlashGet Network] [HKLM\Software\Fujitsu Siemens Computers] [HKLM\Software\GEAR Software] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Generic] [HKLM\Software\Google] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KasperskyLab] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Nullsoft] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RealNetworks] [HKLM\Software\RegisteredApplications] [HKLM\Software\Research in Motion] [HKLM\Software\RichFX] [HKLM\Software\SiS] [HKLM\Software\SupportSoft] [HKLM\Software\Synaptics] [HKLM\Software\Thraex Software] [HKLM\Software\TrendMicro] [HKLM\Software\VSO] [HKLM\Software\VideoLAN] [HKLM\Software\VideoToMp3] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 08/05/2010 - 14:07:42 - [299589] ----D- C:\Program Files\Acro Software O43 - CFD: 09/10/2010 - 23:34:00 - [162743158] ----D- C:\Program Files\Adobe O43 - CFD: 25/12/2010 - 12:10:18 - [2306366] ----D- C:\Program Files\Apple Software Update O43 - CFD: 21/04/2011 - 22:32:28 - [621125] ----D- C:\Program Files\Bonjour O43 - CFD: 29/05/2011 - 11:14:02 - [3753504] ----D- C:\Program Files\CCleaner O43 - CFD: 05/04/2011 - 22:48:36 - [668833465] ----D- C:\Program Files\Common Files O43 - CFD: 01/10/2010 - 23:10:42 - [487250428] ----D- C:\Program Files\ESET O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 08/05/2010 - 14:09:12 - [8075602] ----D- C:\Program Files\GPLGS O43 - CFD: 05/10/2010 - 21:00:06 - [2662316] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 06/04/2011 - 23:06:58 - [7385538] ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/04/2011 - 22:40:04 - [1856627] ----D- C:\Program Files\iPod O43 - CFD: 21/04/2011 - 22:41:58 - [128144132] ----D- C:\Program Files\iTunes O43 - CFD: 30/03/2011 - 21:24:02 - [89315928] ----D- C:\Program Files\Java O43 - CFD: 10/09/2010 - 19:47:14 - [36462291] ----D- C:\Program Files\Kaspersky Lab O43 - CFD: 05/10/2010 - 20:31:32 - [54] ----D- C:\Program Files\Lavalys O43 - CFD: 11/07/2010 - 21:26:22 - [0] ----D- C:\Program Files\Lavasoft O43 - CFD: 21/12/2010 - 20:14:18 - [4941089] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 06/04/2010 - 22:44:50 - [81665294] ----D- C:\Program Files\Microsoft Office O43 - CFD: 21/04/2011 - 07:23:22 - [38388859] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 17/07/2010 - 13:27:26 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 13/08/2010 - 11:09:04 - [20470054] ----D- C:\Program Files\Movie Maker O43 - CFD: 01/05/2011 - 23:54:20 - [35190005] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 13:37:42 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 11/05/2010 - 21:04:08 - [172559848] ----D- C:\Program Files\MSECache O43 - CFD: 13/05/2010 - 23:30:58 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 10/02/2011 - 22:20:08 - [75369906] ----D- C:\Program Files\Nero O43 - CFD: 21/03/2011 - 23:03:12 - [410434848] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 21/03/2011 - 22:17:04 - [156389901] ----D- C:\Program Files\OpenOffice.org 3.3 (fr) Installation Files O43 - CFD: 25/12/2010 - 12:12:30 - [76322555] ----D- C:\Program Files\QuickTime O43 - CFD: 13/11/2010 - 23:25:22 - [91749362] ----D- C:\Program Files\Real O43 - CFD: 02/11/2006 - 13:37:42 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 05/04/2011 - 22:48:34 - [5997977] ----D- C:\Program Files\Research In Motion O43 - CFD: 14/03/2010 - 23:05:22 - [4089410] ----D- C:\Program Files\Spotify O43 - CFD: 21/07/2010 - 19:43:20 - [15544054] ----D- C:\Program Files\Synaptics O43 - CFD: 05/10/2010 - 21:00:06 - [0] --H-D- C:\Program Files\Temp O43 - CFD: 24/09/2010 - 19:25:48 - [794562] ----D- C:\Program Files\trend micro O43 - CFD: 02/11/2006 - 14:01:30 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 18/03/2010 - 19:50:56 - [82388938] ----D- C:\Program Files\VideoLAN O43 - CFD: 27/03/2011 - 00:03:32 - [32398092] ----D- C:\Program Files\Winamp O43 - CFD: 27/03/2011 - 00:02:56 - [132284] ----D- C:\Program Files\Winamp Detect O43 - CFD: 09/07/2010 - 22:26:42 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 09/07/2010 - 22:26:38 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 09/07/2010 - 22:26:30 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 09/07/2010 - 22:26:38 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 30/03/2011 - 19:51:18 - [97162157] ----D- C:\Program Files\Windows Live O43 - CFD: 10/05/2011 - 23:48:40 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 12/10/2010 - 21:51:12 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 14/03/2010 - 19:19:50 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 09/07/2010 - 22:26:34 - [8228002] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 11/07/2010 - 23:14:20 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 09/07/2010 - 22:26:40 - [6527558] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 20/03/2010 - 16:45:38 - [3887659] ----D- C:\Program Files\WinRAR O43 - CFD: 05/06/2011 - 00:57:10 - [9831630] ----D- C:\Program Files\ZHPDiag O43 - CFD: 09/10/2010 - 23:34:48 - [6281214] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 13/02/2011 - 15:23:36 - [89830288] ----D- C:\Program Files\Common Files\Ahead O43 - CFD: 21/04/2011 - 22:40:04 - [104109595] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 31/01/2011 - 21:39:50 - [81920] ----D- C:\Program Files\Common Files\Canon O43 - CFD: 20/06/2010 - 16:55:48 - [4674088] ----D- C:\Program Files\Common Files\DVDVIDEOSOFT O43 - CFD: 05/10/2010 - 21:00:08 - [614532] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 18/02/2011 - 11:33:36 - [1247175] ----D- C:\Program Files\Common Files\Java O43 - CFD: 21/10/2010 - 18:19:44 - [275601759] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 27/03/2011 - 00:01:06 - [4780336] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 13/11/2010 - 23:22:12 - [863] ----D- C:\Program Files\Common Files\Real O43 - CFD: 05/04/2011 - 22:48:36 - [704206] ----D- C:\Program Files\Common Files\Research In Motion O43 - CFD: 02/11/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 31/03/2010 - 19:49:24 - [2488320] ----D- C:\Program Files\Common Files\SupportSoft O43 - CFD: 09/07/2010 - 22:26:34 - [8737810] ----D- C:\Program Files\Common Files\System O43 - CFD: 17/03/2010 - 20:01:02 - [116558746] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 21/07/2010 - 22:35:20 - [11665920] ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 13/11/2010 - 23:25:14 - [352256] ----D- C:\Program Files\Common Files\xing shared O43 - CFD: 09/10/2010 - 23:34:46 - [763] ----D- C:\ProgramData\Adobe O43 - CFD: 25/12/2010 - 12:28:28 - [92790583] ----D- C:\ProgramData\Apple O43 - CFD: 25/12/2010 - 12:16:44 - [67007504] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/08/2010 - 23:13:48 - [76588] ----D- C:\ProgramData\DivX O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 04/07/2010 - 20:33:38 - [1211] ----D- C:\ProgramData\F-Secure O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 04/06/2011 - 22:49:56 - [443150477] ----D- C:\ProgramData\Kaspersky Lab O43 - CFD: 10/09/2010 - 19:44:54 - [83065134] ----D- C:\ProgramData\Kaspersky Lab Setup Files O43 - CFD: 10/09/2010 - 19:04:54 - [72] ----D- C:\ProgramData\Lavasoft O43 - CFD: 18/07/2010 - 16:19:40 - [14486951] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 21/10/2010 - 18:22:50 - [141332737] -S--D- C:\ProgramData\Microsoft O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 13/02/2011 - 15:22:38 - [389742750] ----D- C:\ProgramData\Nero O43 - CFD: 27/03/2010 - 11:10:46 - [540] ----D- C:\ProgramData\Office Genuine Advantage O43 - CFD: 17/10/2010 - 17:36:32 - [1341762] ----D- C:\ProgramData\Real O43 - CFD: 05/04/2011 - 22:48:34 - [911761] ----D- C:\ProgramData\Research In Motion O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 03/05/2010 - 09:45:52 - [224] ----D- C:\ProgramData\Sun O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 24/07/2010 - 22:34:20 - [492] ----D- C:\ProgramData\Vso O43 - CFD: 09/07/2010 - 11:07:28 - [0] ----D- C:\ProgramData\WindowsSearch O43 - CFD: 25/12/2010 - 12:18:36 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 21/03/2010 - 23:34:44 - [6251252] ----D- C:\Users\azdare\AppData\Roaming\Adobe O43 - CFD: 10/02/2011 - 22:32:44 - [133049] ----D- C:\Users\azdare\AppData\Roaming\Ahead O43 - CFD: 25/12/2010 - 12:29:14 - [1727760363] ----D- C:\Users\azdare\AppData\Roaming\Apple Computer O43 - CFD: 20/06/2010 - 17:36:42 - [5995] ----D- C:\Users\azdare\AppData\Roaming\BITS O43 - CFD: 21/07/2010 - 23:05:30 - [199] ----D- C:\Users\azdare\AppData\Roaming\dvdcss O43 - CFD: 20/06/2010 - 17:31:18 - [9430] ----D- C:\Users\azdare\AppData\Roaming\FlashGet O43 - CFD: 20/06/2010 - 17:31:08 - [478841] ----D- C:\Users\azdare\AppData\Roaming\FlashGetBHO O43 - CFD: 14/03/2010 - 19:23:16 - [0] ----D- C:\Users\azdare\AppData\Roaming\Identities O43 - CFD: 14/03/2010 - 19:25:18 - [0] ----D- C:\Users\azdare\AppData\Roaming\InstallShield O43 - CFD: 14/03/2010 - 19:29:22 - [487] ----D- C:\Users\azdare\AppData\Roaming\Macromedia O43 - CFD: 18/07/2010 - 16:20:00 - [35784] ----D- C:\Users\azdare\AppData\Roaming\Malwarebytes O43 - CFD: 11/05/2010 - 21:11:22 - [143327] -S--D- C:\Users\azdare\AppData\Roaming\Microsoft O43 - CFD: 14/03/2010 - 19:42:08 - [54724922] ----D- C:\Users\azdare\AppData\Roaming\Mozilla O43 - CFD: 14/11/2010 - 17:37:56 - [93593] ----D- C:\Users\azdare\AppData\Roaming\Nero O43 - CFD: 14/11/2010 - 18:00:22 - [2441905] ----D- C:\Users\azdare\AppData\Roaming\OpenOffice.org O43 - CFD: 13/11/2010 - 23:28:52 - [769474186] ----D- C:\Users\azdare\AppData\Roaming\Real O43 - CFD: 05/04/2011 - 22:47:46 - [1638885] ----D- C:\Users\azdare\AppData\Roaming\Research in Motion O43 - CFD: 14/05/2011 - 16:24:28 - [1237415] ----D- C:\Users\azdare\AppData\Roaming\Spotify O43 - CFD: 07/05/2011 - 19:53:30 - [1038170] ----D- C:\Users\azdare\AppData\Roaming\vlc O43 - CFD: 17/10/2010 - 17:45:48 - [18182] ----D- C:\Users\azdare\AppData\Roaming\Vso O43 - CFD: 05/06/2011 - 00:32:48 - [95117] ----D- C:\Users\azdare\AppData\Roaming\Winamp O43 - CFD: 20/03/2010 - 16:44:56 - [12] ----D- C:\Users\azdare\AppData\Roaming\WinRAR O43 - CFD: 09/10/2010 - 23:30:44 - [229216] ----D- C:\Users\azdare\Appdata\Local\Adobe O43 - CFD: 10/02/2011 - 22:31:56 - [106922] ----D- C:\Users\azdare\Appdata\Local\Ahead O43 - CFD: 25/12/2010 - 12:10:34 - [17837568] ----D- C:\Users\azdare\Appdata\Local\Apple O43 - CFD: 31/01/2011 - 23:59:14 - [89542434] ----D- C:\Users\azdare\Appdata\Local\Apple Computer O43 - CFD: 14/03/2010 - 19:23:08 - [0] -SH-D- C:\Users\azdare\Appdata\Local\Application Data O43 - CFD: 03/06/2011 - 21:24:36 - [0] ----D- C:\Users\azdare\Appdata\Local\CutePDF Writer O43 - CFD: 05/10/2010 - 21:18:12 - [19456] ----D- C:\Users\azdare\Appdata\Local\eSupport.com O43 - CFD: 14/03/2010 - 19:23:08 - [0] -SH-D- C:\Users\azdare\Appdata\Local\Historique O43 - CFD: 21/10/2010 - 22:29:22 - [258268023] ----D- C:\Users\azdare\Appdata\Local\Microsoft O43 - CFD: 14/03/2010 - 19:42:00 - [46358052] ----D- C:\Users\azdare\Appdata\Local\Mozilla O43 - CFD: 13/11/2010 - 23:26:52 - [0] ----D- C:\Users\azdare\Appdata\Local\Real O43 - CFD: 14/05/2011 - 15:29:36 - [1048222214] ----D- C:\Users\azdare\Appdata\Local\Spotify O43 - CFD: 11/07/2010 - 21:30:24 - [0] ----D- C:\Users\azdare\Appdata\Local\Sunbelt Software O43 - CFD: 31/03/2010 - 19:49:32 - [1580] ----D- C:\Users\azdare\Appdata\Local\SupportSoft O43 - CFD: 05/06/2011 - 00:57:24 - [31832] ----D- C:\Users\azdare\Appdata\Local\Temp O43 - CFD: 14/03/2010 - 19:23:08 - [0] -SH-D- C:\Users\azdare\Appdata\Local\Temporary Internet Files O43 - CFD: 17/10/2010 - 17:40:38 - [34948] ----D- C:\Users\azdare\Appdata\Local\VirtualStore O43 - CFD: 03/06/2011 - 21:49:54 - [65536] ----D- C:\Users\azdare\Appdata\Local\Windows Live O43 - CFD: 09/04/2011 - 12:09:18 - [0] ----D- C:\Users\azdare\Appdata\Local\{10BBD91C-9F4E-4223-A2CF-1BE17FC83EE0} O43 - CFD: 08/04/2011 - 19:26:44 - [0] ----D- C:\Users\azdare\Appdata\Local\{111027B6-8BCC-45D5-B2FA-11E03E0BA9FD} O43 - CFD: 03/06/2011 - 21:49:36 - [0] ----D- C:\Users\azdare\Appdata\Local\{1F403660-290D-45CD-A8D8-E75D0869AB21} O43 - CFD: 16/05/2011 - 18:06:08 - [0] ----D- C:\Users\azdare\Appdata\Local\{32557970-2D6B-4B80-B7C7-2D877B80FD1B} O43 - CFD: 29/05/2011 - 11:58:48 - [0] ----D- C:\Users\azdare\Appdata\Local\{3B3404AD-D056-4E30-ACA7-8B788EADAD1F} O43 - CFD: 15/04/2011 - 21:52:24 - [0] ----D- C:\Users\azdare\Appdata\Local\{408DD47B-3004-42FB-8F4F-35A0FDBEEE66} O43 - CFD: 28/05/2011 - 16:04:46 - [0] ----D- C:\Users\azdare\Appdata\Local\{53161186-4848-428B-B454-D00284FB0127} O43 - CFD: 01/06/2011 - 18:12:46 - [0] ----D- C:\Users\azdare\Appdata\Local\{5AC86398-546B-4329-A9BC-2C2424781FE0} O43 - CFD: 01/04/2011 - 19:30:12 - [0] ----D- C:\Users\azdare\Appdata\Local\{952E5CF0-2B8B-45E5-9148-9858B3792FCF} O43 - CFD: 11/04/2011 - 18:14:48 - [0] ----D- C:\Users\azdare\Appdata\Local\{98902A12-A5C6-4C0C-9D58-24590E50DFE2} O43 - CFD: 02/06/2011 - 20:07:22 - [0] ----D- C:\Users\azdare\Appdata\Local\{A204D076-B851-481A-9CAD-12488661DABB} O43 - CFD: 14/04/2011 - 18:53:20 - [0] ----D- C:\Users\azdare\Appdata\Local\{AB05E3E9-004E-4F44-90C3-FAC25555D6CA} O43 - CFD: 06/05/2011 - 21:26:38 - [0] ----D- C:\Users\azdare\Appdata\Local\{C1AC97A3-6B84-443F-9F4F-FB5F46D1EF99} O43 - CFD: 25/04/2011 - 20:59:40 - [0] ----D- C:\Users\azdare\Appdata\Local\{D3F2E284-357F-4F88-B789-F16EB96B1D6D} O43 - CFD: 29/05/2011 - 23:59:32 - [0] ----D- C:\Users\azdare\Appdata\Local\{DCDB0C18-3330-49B6-AFBE-86105AD515F9} ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.2EBD88E0E11F327F2302D10F5F577706] - 04/06/2011 - 23:45:50 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.E16852ED09657A5B7EB9372D11ED8C57] - 04/06/2011 - 21:48:10 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.2DD4ECC07979DBFC956DAA858C3644E9] - 31/05/2011 - 20:46:29 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.2DEB2F34AC9C07B8231A88214D86907C] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103658] O44 - LFC:[MD5.372AE0092CB04BCA6B26B8ACCCFF000E] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126248] O44 - LFC:[MD5.10578F7384AD305AE009788211031EAB] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595584] O44 - LFC:[MD5.67BA415429DBA591DAA310EB79A16802] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678294] O44 - LFC:[MD5.6A8067EDBE96B565C7D15DF5D3A2AFBD] - 25/05/2011 - 21:38:19 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1495948] O44 - LFC:[MD5.6307CD66CB3F4C4A13D0FF5995872E1F] - 23/05/2011 - 16:59:34 ---A- . (...) -- C:\Windows\System32\drivers\klin.dat [115369] ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "E:\Mes fichiers reçus\FlashGet\FlashGet3.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- E:\Mes fichiers reçus\FlashGet\FlashGet3.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\SiSTray [Key] . (...) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 09:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968] O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 09:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576] O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 09:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408] O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 09:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048] O58 - SDL:[MD5.496EDA16A127AC9A38BB285BEF17DBB5] - 30/05/2007 - 18:07:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17592] O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 09:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688] O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 09:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688] O58 - SDL:[MD5.2846F5EE802889D500FCF5CC48B28381] - 05/09/2009 - 13:25:36 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [1183744] O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 15/03/2010 - 18:34:18 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [56816] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 08:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 08:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 08:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 08:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 08:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 08:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.59172A0724F2AB769F31D61B0571D75B] - 30/05/2007 - 18:07:15 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19128] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 09:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 07:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 09:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520] O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600] O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 09:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480] O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 09:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 09:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 09:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 09:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.222E263CC06E47BDA386FE19B88E8583] - 09/05/2007 - 15:33:00 ---A- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\system32\drivers\jraid.sys [48640] O58 - SDL:[MD5.CE3958F58547454884E97BDA78CD7040] - 01/09/2009 - 13:29:50 ---A- . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys [128016] O58 - SDL:[MD5.53EEDAB3F0511321AC3AE8BC968B158C] - 14/10/2009 - 19:18:34 ---A- . (.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) -- C:\Windows\system32\drivers\klbg.sys [36880] O58 - SDL:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 10/09/2010 - 18:46:41 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klif.sys [311312] O58 - SDL:[MD5.00D1A61B38982EF12F0CBBFE98648F83] - 03/11/2009 - 15:33:40 ---A- . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\system32\drivers\klim6.sys [21520] O58 - SDL:[MD5.AA63A815876A76987B5DBCE6AF7478E9] - 02/10/2009 - 17:39:36 ---A- . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klmouflt.sys [19472] O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 09:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640] O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 09:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640] O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 09:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 09:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 09:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 09:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 07:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.6F785DB62A6D8F3FAFD3E5695277E849] - 05/01/2007 - 20:59:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [86096] O58 - SDL:[MD5.4A5FCAB82D9BF6AF8A023A66802FE9E9] - 05/01/2007 - 20:59:42 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [35920] O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 24/07/2010 - 20:59:10 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 09:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 09:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.F17713D108ACA124A139FDE877EEF68A] - 20/05/2008 - 17:33:50 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb.sys [22784] O58 - SDL:[MD5.4019149E4E296072831C8855605D9FDC] - 27/03/2010 - 15:41:46 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [95024] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 06:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.C735CBBBC26C1D33C6D7AEB2AA65A52A] - 23/04/2008 - 10:21:08 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\Windows\system32\drivers\SISAGPX.SYS [58416] O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 09:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504] O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 09:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 09:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 09:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 09:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.70534D1E4F9AC990536D5FB5B550B3DE] - 14/08/2008 - 09:40:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [203312] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 09:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 09:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 09:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 18/02/2011 - 16:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984] O58 - SDL:[MD5.524D8D450622DB4A7875B111C299A76B] - 02/01/2011 - 16:58:01 ---A- . (.Pas de propriétaire - AVZ Driver.) -- C:\Windows\system32\drivers\utiwnzq2.sys [7168] O58 - SDL:[MD5.7AA7EC9A08DC2C39649C413B1A26E298] - 30/05/2007 - 18:07:15 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20152] O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 09:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 07:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 07:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 07:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 07:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 07:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 07:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 07:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 07:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 07:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 07:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 07:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 07:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 07:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 07:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 07:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - (.not file.) - 20901201 (20901201) .(...) - LEGACY_20901201 O64 - Services: CurCS - (.not file.) - 20901202 Boot Guard Driver (20901202) .(...) - LEGACY_20901202 O64 - Services: CurCS - C:\Windows\system32\Drivers\AVGNTFLT.sys - avgntflt (avgntflt) .(...) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - (.not file.) - DrvAgent32 (DrvAgent32) .(...) - LEGACY_DRVAGENT32 O64 - Services: CurCS - (.not file.) - F-Secure Standalone Minifilter (F-Secure Standalone Minifilter) .(...) - LEGACY_F-SECURE_STANDALONE_MINIFILTER O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - 01/09/2009 - C:\Windows\System32\DRIVERS\kl1.sys - kl1(kl1) .(.Kaspersky Lab - Kaspersky Unified Driver.) - LEGACY_KL1 O64 - Services: CurCS - 14/10/2009 - C:\Windows\System32\drivers\klbg.sys - Kaspersky Lab Boot Guard Driver(klbg) .(.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) - LEGACY_KLBG O64 - Services: CurCS - 10/09/2010 - C:\Windows\System32\DRIVERS\klif.sys - Kaspersky Lab Driver(KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - LEGACY_KLIF O64 - Services: CurCS - 03/11/2009 - C:\Windows\System32\DRIVERS\klim6.sys - Kaspersky Anti-Virus NDIS 6 Filter(KLIM6) .(.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD O64 - Services: CurCS - C:\Users\azdare\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - (.not file.) - setup_9.0.0.722_02.10.2010_14-31drv (setup_9.0.0.722_02.10.2010_14-31drv) .(...) - LEGACY_SETUP_9.0.0.722_02.10.2010_14-31DRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\azdare\AppData\Roaming\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\azdare\AppData\Roaming\pcouffin.sys [47360] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "SLSVC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\slsvc.exe O87 - FAEL: "SLSVC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\slsvc.exe O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "TCP Query User{071AB4AD-4BD4-4C49-91CC-F2F66C483F89}C:\program files\spotify\spotify.exe" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe O87 - FAEL: "UDP Query User{7312E921-F826-4EB9-8FBD-6144C0814A8A}C:\program files\spotify\spotify.exe" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe O87 - FAEL: "TCP Query User{C26B9D6F-7B12-4A29-A795-CAE43A4D7A0F}C:\program files\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe O87 - FAEL: "UDP Query User{A2546927-67E1-4116-90AA-0ADF4D673394}C:\program files\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "{ED13C80F-4862-46CD-AA37-07532443EAA3}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "TCP Query User{DCB2EACD-2191-416C-8F28-64062AA3CAB3}C:\program files\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe O87 - FAEL: "UDP Query User{A552FBAA-8EC9-45F0-ACEA-E5360BD77317}C:\program files\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe O87 - FAEL: "TCP Query User{78FC08B1-8695-4144-98A8-87B113321E3E}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{2BC5DC51-3A9E-41EA-872D-7B9E27B84B02}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "TCP Query User{E4A7AD8C-E930-42DB-934D-CE340CFD67D0}C:\program files\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{84687092-6BD3-49E8-9B1A-A01E8224DB56}C:\program files\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "TCP Query User{CA645644-8B05-4C78-A13B-4B92C31A9D43}C:\program files\real\realplayer\realplay.exe" | In - Private - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe O87 - FAEL: "UDP Query User{B78AFAB4-536F-479B-AF8E-209A17A54CEE}C:\program files\real\realplayer\realplay.exe" | In - Private - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe O87 - FAEL: "TCP Query User{3FE62662-AC81-4364-B219-0D9BCE170550}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "UDP Query User{F7715B82-8566-47D4-9303-0DDC180D65D5}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{1A7E82A5-1177-48B6-8A72-A79D3F286F78}" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{751F37D7-40C2-46A9-BC49-D62C9588F32B}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{CC6EC8E2-98E6-4A66-A42F-F981367244C0}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{1DF79D9B-C7F5-45DC-8D46-0FFB2A0F5ACC}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 10/09/2010 340520 | (AVP) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe SR - | Auto 06/04/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Demand 14/04/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 22/01/2008 275752 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe SR - | Auto 18/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by azdare at 05/06/2011 00:58:45 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys ndis.sys athr.sys rdbss.sys tcpip.sys NETIO.SYS USBPORT.SYS usbehci.sys usbohci.sys C:\Windows\system32\DRIVERS\athr.sys Atheros Communications, Inc. Driver for Atheros CB42/CB43/MB42/MB43 Network Adapter 1 ntkrnlpa!IofCallDriver[0x82C5F912] -> \Device\Harddisk0\DR0[0x85723528] 3 CLASSPNP[0x83FD18B3] -> ntkrnlpa!IofCallDriver[0x82C5F912] -> [0x85510538] 5 acpi[0x806956BC] -> ntkrnlpa!IofCallDriver[0x82C5F912] -> \Device\Ide\IdeDeviceP1T0L0-1[0x855106C0] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by azdare at 05/06/2011 00:58:47 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 24/07/2010 - 20:59:10 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] End of the scan (974 lines in 01mn 49s)(0)
  14. azdare
    merci pour ta reponse! tout est a jour bizarement, tout a ete fait mais je pense que c'est un probleme de avira
  15. azdare
    ca dit rien à personne ce problème?? Merci
×
×
  • Créer...