

Posts by azdare
-
-
Hi everyone,
Could you reassure me by analysing my ZHPDiag report, which is below:
Cijoint.fr - Free file hosting service
Thanks in advance.
-
Good evening lance_yien,
Thanks for everything!
-
Hello,
Here is the report; I think it worked, thanks.
All processes killed
========== OTL ==========
Service utiwnzq2 stopped successfully!
Service utiwnzq2 deleted successfully!
C:\Windows\System32\drivers\utiwnzq2.sys moved successfully.
Prefs.js: "88.181.31.125 " removed from network.proxy.http
Prefs.js: 80 removed from network.proxy.http_port
Prefs.js: 0 removed from network.proxy.type
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\META-INF folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\skin\images folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\skin\css folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\skin folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\locale\en-US folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\locale folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\content\xul folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome\content folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com\chrome folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar\META-INF folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar\chrome folder moved successfully.
C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar folder moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Configuration IP de Windows
Cache de résolution DNS vidé.
C:\Users\azdare\Desktop\cmd.bat deleted successfully.
C:\Users\azdare\Desktop\cmd.txt deleted successfully.
File\Folder C:\WINDOWS\tasks\*.job not found.
File\Folder C:\*.sqm not found.
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\Windows\System32\drivers\utiwnzq2.sys not found.
C:\Program Files\ESET\ESET Online Scanner\Quarantine folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\temp folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\continuous folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner folder moved successfully.
C:\Program Files\ESET folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: azdare
->Temp folder emptied: 22746828 bytes
->Temporary Internet Files folder emptied: 2246247 bytes
->Java cache emptied: 10705577 bytes
->FireFox cache emptied: 80392338 bytes
->Flash cache emptied: 3043 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 52884 bytes
RecycleBin emptied: 409424054 bytes
Total Files Cleaned = 501,00 mb
[EMPTYFLASH]
User: All Users
User: azdare
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.24.0 log created on 06132011_190738
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
-
Here is the OTL report
All processes killed
Error: Unable to interpret <:OTL
DRV - [2011/01/02 17:58:01 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\utiwnzq2.sys -- (utiwnzq2)
FF - prefs.js..network.proxy.http: "88.181.31.125 "
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
[2011/05/27 19:05:28 | 000,000,000 | ---D | M] (ImageExchange) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com
[2010/09/11 19:56:35 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar
:Services
:Reg
:Files
ipconfig /flushdns /c
C:\WINDOWS\tasks\*.job
C:\*.sqm
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Windows\System32\drivers\utiwnzq2.sys
C:\Program Files\ESET
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]> in the current context!
OTL by OldTimer - Version 3.2.24.0 log created on 06122011_222624
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
Here is the Extra.txt report
OTL Extras logfile created on: 12/06/2011 10:51:38 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\azdare\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
764,46 Mb Total Physical Memory | 274,38 Mb Available Physical Memory | 35,89% Memory free
1,75 Gb Paging File | 1,02 Gb Available in Paging File | 57,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45,90 Gb Total Space | 13,45 Gb Free Space | 29,30% Space Free | Partition Type: NTFS
Drive E: | 63,88 Gb Total Space | 40,66 Gb Free Space | 63,64% Space Free | Partition Type: NTFS
Computer Name: PC-DE-AZDARE | User Name: azdare | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2189852577-1833391480-1869350370-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Mes fichiers reçus\FlashGet\FlashGet3.exe" = E:\Mes fichiers reçus\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0817E560-148A-4776-BBBB-BAC7AE4E1D8D}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{430F40E5-F8AE-4AB9-BCAF-39C40504A4CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6B299600-D91D-49FB-89CE-ED6F7AC5AC47}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AC2914A5-3F22-48B7-B82D-CFCB806E0477}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{DD1408F2-3F55-4349-8550-491A227FFDA6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FBF94DD3-0033-410D-9631-824724ACA8EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A9BE26D-7B9B-41D6-B02A-392F3B6FF36C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{1DF79D9B-C7F5-45DC-8D46-0FFB2A0F5ACC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{751F37D7-40C2-46A9-BC49-D62C9588F32B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CC6EC8E2-98E6-4A66-A42F-F981367244C0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ED13C80F-4862-46CD-AA37-07532443EAA3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{071AB4AD-4BD4-4C49-91CC-F2F66C483F89}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{3FE62662-AC81-4364-B219-0D9BCE170550}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{78FC08B1-8695-4144-98A8-87B113321E3E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{C26B9D6F-7B12-4A29-A795-CAE43A4D7A0F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{CA645644-8B05-4C78-A13B-4B92C31A9D43}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{DCB2EACD-2191-416C-8F28-64062AA3CAB3}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{E4A7AD8C-E930-42DB-934D-CE340CFD67D0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2BC5DC51-3A9E-41EA-872D-7B9E27B84B02}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7312E921-F826-4EB9-8FBD-6144C0814A8A}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{84687092-6BD3-49E8-9B1A-A01E8224DB56}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A2546927-67E1-4116-90AA-0ADF4D673394}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A552FBAA-8EC9-45F0-ACEA-E5360BD77317}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{B78AFAB4-536F-479B-AF8E-209A17A54CEE}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{F7715B82-8566-47D4-9303-0DDC180D65D5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22FB6750-ADDF-4726-B67F-6901E1991036}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3E789BE5-3DE0-498C-8F74-35010DACA2ED}" = Wireless LAN Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.4 - Français
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)
"RealPlayer 12.0" = RealPlayer
"Spotify" = Spotify
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp
"WinLiveSuite" = Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"ZHPDiag_is1" = ZHPDiag 1.27
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Détection de l'application Winamp
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01/06/2011 17:47:44 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013
Description =
Error - 01/06/2011 17:47:44 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013
Description =
Error - 01/06/2011 17:47:45 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013
Description =
Error - 01/06/2011 17:47:45 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013
Description =
Error - 01/06/2011 17:47:46 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013
Description =
Error - 01/06/2011 17:47:46 | Computer Name = PC-de-azdare | Source = Windows Search Service | ID = 3013
Description =
Error - 05/06/2011 14:11:52 | Computer Name = PC-de-azdare | Source = EventSystem | ID = 4609
Description =
Error - 05/06/2011 15:06:03 | Computer Name = PC-de-azdare | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 11/06/2011 07:06:49 | Computer Name = PC-de-azdare | Source = System Restore | ID = 8193
Description =
Error - 11/06/2011 07:23:11 | Computer Name = PC-de-azdare | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 9.0.8112.16421, horodatage
0x4d76255d, module défaillant MSHTML.dll, version 9.0.8112.16421, horodatage 0x4d76266c,
code d’exception 0xc0000005, décalage d’erreur 0x00440f5b, ID du processus 0x15c4,
heure de début de l’application 0x01cc2827d1b49305.
[ System Events ]
Error - 09/06/2011 13:55:25 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000
Description =
Error - 09/06/2011 13:55:25 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026
Description =
Error - 11/06/2011 05:57:14 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000
Description =
Error - 11/06/2011 05:57:14 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026
Description =
Error - 11/06/2011 06:58:37 | Computer Name = PC-de-azdare | Source = DCOM | ID = 10010
Description =
Error - 11/06/2011 09:38:33 | Computer Name = PC-de-azdare | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 14:36:16 le 11/06/2011 n'était pas prévu.
Error - 11/06/2011 09:40:37 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000
Description =
Error - 11/06/2011 09:40:37 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026
Description =
Error - 12/06/2011 05:06:53 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7000
Description =
Error - 12/06/2011 05:06:53 | Computer Name = PC-de-azdare | Source = Service Control Manager | ID = 7026
Description =
< End of report >
-
Hello,
Here is the OTL.txt report
OTL logfile created on: 12/06/2011 10:51:38 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\azdare\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
764,46 Mb Total Physical Memory | 274,38 Mb Available Physical Memory | 35,89% Memory free
1,75 Gb Paging File | 1,02 Gb Available in Paging File | 57,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45,90 Gb Total Space | 13,45 Gb Free Space | 29,30% Space Free | Partition Type: NTFS
Drive E: | 63,88 Gb Total Space | 40,66 Gb Free Space | 63,64% Space Free | Partition Type: NTFS
Computer Name: PC-DE-AZDARE | User Name: azdare | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/12 10:38:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/01/17 20:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 20:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011/01/17 20:09:00 | 000,307,200 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\swriter.exe
PRC - [2010/11/13 23:23:10 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- c:\program files\real\realplayer\update\realsched.exe
PRC - [2010/09/10 19:59:56 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/06/12 10:38:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/09/10 19:59:56 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/01/02 17:58:01 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\utiwnzq2.sys -- (utiwnzq2)
DRV - [2010/09/10 19:46:41 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009/11/03 16:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/10/14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 18:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2008/04/23 11:21:08 | 000,058,416 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2007/05/09 16:33:00 | 000,048,640 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.5
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "88.181.31.125 "
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 23:52:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/01 23:40:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/09/10 19:48:10 | 000,000,000 | ---D | M]
[2010/03/14 19:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\azdare\AppData\Roaming\mozilla\Extensions
[2011/05/27 19:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions
[2011/03/22 20:27:56 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010/12/09 22:00:50 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011/05/27 19:05:28 | 000,000,000 | ---D | M] (ImageExchange) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\image-exchange@picscout.com
[2010/09/11 19:56:35 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\azdare\AppData\Roaming\mozilla\Firefox\Profiles\u2881517.default\extensions\vshare@toolbar
[2011/06/08 23:16:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010/12/19 21:36:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/18 11:33:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/08 23:16:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010/09/10 19:49:01 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) --
[2011/05/01 23:51:49 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/14 18:36:39 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/04/14 18:36:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/14 18:36:40 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/04/14 18:36:40 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/04/14 18:36:41 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/04/14 18:36:41 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\azdare\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\azdare\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/07/17 15:32:26 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/07/17 15:32:26 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/06/12 10:38:06 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe
[2011/06/11 12:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/06/08 23:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/06/08 23:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/08 23:16:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/06/08 23:16:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/06/08 23:16:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/06/05 20:18:19 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{F0E652F3-7BB0-4938-8522-30438CA6BF7F}
[2011/06/03 21:49:22 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{1F403660-290D-45CD-A8D8-E75D0869AB21}
[2011/06/02 20:07:10 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{A204D076-B851-481A-9CAD-12488661DABB}
[2011/06/01 18:12:32 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{5AC86398-546B-4329-A9BC-2C2424781FE0}
[2011/05/29 23:59:19 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{DCDB0C18-3330-49B6-AFBE-86105AD515F9}
[2011/05/29 11:58:37 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{3B3404AD-D056-4E30-ACA7-8B788EADAD1F}
[2011/05/28 16:04:30 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{53161186-4848-428B-B454-D00284FB0127}
[2011/05/25 09:50:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2011/05/17 17:20:14 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/16 18:05:53 | 000,000,000 | ---D | C] -- C:\Users\azdare\AppData\Local\{32557970-2D6B-4B80-B7C7-2D877B80FD1B}
[2010/07/24 21:59:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\azdare\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2011/06/12 10:43:15 | 000,020,032 | ---- | M] () -- C:\Users\azdare\Desktop\OTL.odt
[2011/06/12 10:43:14 | 000,000,108 | -H-- | M] () -- C:\Users\azdare\Desktop\.~lock.OTL.odt#
[2011/06/12 10:41:58 | 000,000,108 | -H-- | M] () -- C:\Users\azdare\Desktop\.~lock.Sans nom 1.odt#
[2011/06/12 10:38:08 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\azdare\Desktop\OTL.exe
[2011/06/12 10:22:25 | 020,001,529 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_10.mp3
[2011/06/12 10:22:10 | 021,770,041 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_9.mp3
[2011/06/12 10:21:30 | 024,822,073 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_8.mp3
[2011/06/12 10:21:07 | 020,009,593 | ---- | M] () -- C:\Users\azdare\Desktop\20110610_afterfoot_7.mp3
[2011/06/12 10:05:24 | 000,001,356 | ---- | M] () -- C:\Users\azdare\AppData\Local\d3d9caps.dat
[2011/06/12 10:05:22 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/12 10:05:22 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/12 10:05:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/11 11:42:29 | 000,678,294 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/06/11 11:42:29 | 000,595,584 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/11 11:42:29 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/06/11 11:42:29 | 000,103,658 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/11 11:38:46 | 000,028,270 | ---- | M] () -- C:\Users\azdare\Desktop\Sans nom 1.odt
[2011/06/09 20:08:10 | 000,070,656 | ---- | M] () -- C:\Users\azdare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/08 23:36:44 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/08 23:26:39 | 000,000,814 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110608_232635.reg
[2011/06/08 23:20:22 | 000,003,206 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110608_232009.reg
[2011/06/06 20:01:56 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/05 19:12:55 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/06/05 01:10:25 | 000,000,795 | ---- | M] () -- C:\Users\azdare\Desktop\MBRCheck.lnk
[2011/06/05 01:10:25 | 000,000,788 | ---- | M] () -- C:\Users\azdare\Desktop\ZHPDiag.lnk
[2011/06/05 01:10:25 | 000,000,783 | ---- | M] () -- C:\Users\azdare\Desktop\ZHPFix.lnk
[2011/06/05 00:45:50 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2011/06/05 00:34:53 | 000,000,832 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110605_003447.reg
[2011/06/03 21:24:24 | 000,103,798 | ---- | M] () -- C:\Users\azdare\Desktop\hertz.pdf
[2011/06/03 20:19:52 | 000,167,117 | ---- | M] () -- C:\Users\azdare\Desktop\Ryanair.pdf
[2011/05/29 11:17:05 | 000,001,724 | ---- | M] () -- C:\Users\azdare\Documents\cc_20110529_111659.reg
[2011/05/29 11:14:02 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/23 17:59:34 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
========== Files Created - No Company Name ==========
[2011/06/12 10:43:14 | 000,000,108 | -H-- | C] () -- C:\Users\azdare\Desktop\.~lock.OTL.odt#
[2011/06/12 10:43:12 | 000,020,032 | ---- | C] () -- C:\Users\azdare\Desktop\OTL.odt
[2011/06/12 10:41:58 | 000,000,108 | -H-- | C] () -- C:\Users\azdare\Desktop\.~lock.Sans nom 1.odt#
[2011/06/12 10:21:59 | 020,001,529 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_10.mp3
[2011/06/12 10:21:27 | 021,770,041 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_9.mp3
[2011/06/12 10:20:40 | 024,822,073 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_8.mp3
[2011/06/12 10:20:21 | 020,009,593 | ---- | C] () -- C:\Users\azdare\Desktop\20110610_afterfoot_7.mp3
[2011/06/11 11:38:46 | 000,028,270 | ---- | C] () -- C:\Users\azdare\Desktop\Sans nom 1.odt
[2011/06/08 23:36:44 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/08 23:26:37 | 000,000,814 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110608_232635.reg
[2011/06/08 23:20:20 | 000,003,206 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110608_232009.reg
[2011/06/05 00:45:50 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2011/06/05 00:34:51 | 000,000,832 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110605_003447.reg
[2011/06/03 21:24:33 | 000,103,798 | ---- | C] () -- C:\Users\azdare\Desktop\hertz.pdf
[2011/06/03 20:20:01 | 000,167,117 | ---- | C] () -- C:\Users\azdare\Desktop\Ryanair.pdf
[2011/05/29 11:17:03 | 000,001,724 | ---- | C] () -- C:\Users\azdare\Documents\cc_20110529_111659.reg
[2011/04/09 12:44:56 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/01/02 17:58:01 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\utiwnzq2.sys
[2010/12/25 18:01:20 | 000,024,206 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\UserTile.png
[2010/10/14 18:11:36 | 000,001,057 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\vso_ts_preview.xml
[2010/09/10 19:48:49 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/09/10 19:48:49 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/07/24 21:59:10 | 000,087,608 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\inst.exe
[2010/07/24 21:59:10 | 000,007,887 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\pcouffin.cat
[2010/07/24 21:59:10 | 000,001,144 | ---- | C] () -- C:\Users\azdare\AppData\Roaming\pcouffin.inf
[2010/07/08 23:25:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/08 19:11:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/07/08 19:11:15 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/08 19:10:00 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/06/20 17:36:41 | 000,000,292 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2010/06/20 17:31:21 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/06/07 23:25:58 | 000,000,552 | ---- | C] () -- C:\Users\azdare\AppData\Local\d3d8caps.dat
[2010/05/12 23:18:24 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010/05/08 14:07:42 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010/03/15 03:10:22 | 000,678,294 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2010/03/15 03:10:22 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2010/03/15 03:10:22 | 000,126,248 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2010/03/15 03:10:22 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2010/03/14 19:49:47 | 000,070,656 | ---- | C] () -- C:\Users\azdare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/14 19:23:09 | 000,001,356 | ---- | C] () -- C:\Users\azdare\AppData\Local\d3d9caps.dat
[2009/09/09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2006/11/02 13:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:43 | 000,257,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 11:33:01 | 000,595,584 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,103,658 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
< End of report >
-
Hello,
Here are the requested reports; however, I have no report for ESET since it detected nothing, but I do have a report dated Monday 06 June 2011.
Thank you.
My reports:
scan-results.txt (ESET) (no report), but here is my report from 06 June
C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\640f9e74-6ddd049c une variante de Java/Agent.BR cheval de troie supprimé - mis en quarantaine
C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\6bd0ba18-41e889c7 une variante probable de Java/Agent.BR cheval de troie supprimé - mis en quarantaine
C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\61a815d-450fa7f3 une variante probable de Java/Agent.BR cheval de troie supprimé - mis en quarantaine
C:\Users\azdare\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\10fa0cb9-19f9af3c une variante probable de Java/Agent.BR cheval de troie supprimé - mis en quarantaine
Permalink.txt (Jotti)
uteznza5.sys - Le scanner antivirus de Jotti
Malwarebytes Anti-Malware log
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6835
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
11/06/2011 17:18:19
mbam-log-2011-06-11 (17-18-19).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 147308
Temps écoulé: 8 minute(s), 12 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
checkup.txt
Results of screen317's Security Check version 0.99.13
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
ESET Online Scanner v3
Kaspersky Internet Security 2010
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java 6 Update 26
Adobe Flash Player 10.3.181.22
Adobe Reader 9.4.4 - Français
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Kaspersky Lab Kaspersky Internet Security 2010 avp.exe
``````````End of Log````````````
-
Good evening,
Just to let you know that after 72 hours I have not had a reply, so below is the link to my message
http://forum.zebulon.fr/findpost-t185817-p1556755.html
Thank you.
-
Good evening,
Below is a request from me.
http://forum.zebulon.fr/findpost-t185803-p1556548.html
Thank you!
-
Hi Tonton,
I'll do it right away, thanks for your reply.
-
Good evening everyone,
Could you please tell me whether my ZHPDiag report is free of any danger?
Thanks in advance
Rapport de ZHPDiag v1.27.223 par Nicolas Coolman, Update du 04/06/2011
Run by azdare at 05/06/2011 00:56:58
Web site : ZHPDiag Outil de diagnostic
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut)
GCIE: Google Chrome
---\\ System Information
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 14 Stepping 12, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 764 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 13 GB (27%) free of 46 GB
---\\ Logged in mode
Computer Name: PC-DE-AZDARE
User Name: azdare
All Users Names: azdare, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Users\azdare\AppData\Roaming
%LocalAppData%=C:\Users\azdare\AppData\Local
%StartMenu%=C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 46 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 64 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 06:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.18/01/2008 22:33:38.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/04/2011 21:32:04.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 06:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 06:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 06:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
---\\ Processus lancés
[MD5.DF9586377384DF3808D42090242CC23B] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [340520]
[MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.BDC7E42435FCC3328FCA2497FA6F2175] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [657920]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [azdare] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.609.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files\Mozilla Firefox\Plugins\npwachk.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.609] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.609] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.609] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.609] - (.RealNetworks, Inc. - 12.0.1.609.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@veetle.com/vbp;version=0.9.17] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (.not file.)
M0 - MFSP: prefs.js [azdare - u2881517.default] Google
M2 - MFEP: prefs.js [azdare - u2881517.default\en-GB@dictionaries.addons.mozilla.org] [] British English Dictionary v1.19.1 (..)
M2 - MFEP: prefs.js [azdare - u2881517.default\image-exchange@picscout.com] [] ImageExchange v2.6 (.PicScout.)
M2 - MFEP: prefs.js [azdare - u2881517.default\vshare@toolbar] [] vShare Plugin v1.0.0 (.vShare.)
M2 - MFEP: prefs.js [azdare - u2881517.default\{1280606b-2510-4fe0-97ef-9b5a22eafe30}] [] ç€è¦½é 組管ç†å“¡ v0.7.5 (.Morac.)
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKUS\S-1-5-21-2189852577-1833391480-1869350370-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2189852577-1833391480-1869350370-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab - IE Virtual Keyboard.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files\Spotify\spotify.exe
O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\azdare\Desktop\MBRCheck.lnk . (...) -- C:\Program Files\ZHPDiag\mbrcheck.exe
O4 - Global Startup: C:\Users\azdare\Desktop\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\azdare\Desktop\Musique.lnk . (...) -- E:\Musique
O4 - Global Startup: C:\Users\azdare\Desktop\Nero Express.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 7\Core\nero.exe
O4 - Global Startup: C:\Users\azdare\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files\Spotify\spotify.exe
O4 - Global Startup: C:\Users\azdare\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\azdare\Desktop\ZHPDiag.lnk . (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe
O4 - Global Startup: C:\Users\azdare\Desktop\ZHPFix.lnk . (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPFix.exe
O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\azdare\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Anti-Banner . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: ????3?? . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: ????3?????? . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kbrd.ico
O9 - Extra button: &Virtual keyboard - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\logo.ico
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan
O17 - HKLM\System\CS3\Services\Tcpip\..\{1651F906-B6D6-4704-B8BA-FF2DB9A0A50B}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\Windows\system32\klogon.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Kaspersky Lab - Mozilla 3 Virtual Keyboard.) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeLogonTaskS-1-5-21-2189852577-1833391480-1869350370-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.BDEE1AEE61C63AB26A8A4F6B760B7388] [APT] [RealUpgradeScheduledTaskS-1-5-21-2189852577-1833391480-1869350370-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl1.sys
O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver: (KLIM6) . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: BlackBerry® Media Sync - (.Research In Motion.) [HKLM] -- {40A594D0-1490-4979-9382-D2B764F949C6}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CutePDF Writer 2.8 - (.Pas de propriétaire.) [HKLM] -- CutePDF Writer Installation
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU] -- Winamp Detect
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kaspersky Internet Security 2010 - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}
O42 - Logiciel: Kaspersky Internet Security 2010 - (.Kaspersky Lab.) [HKLM] -- {9D8B0949-7C47-476F-9F06-F900D3B078EA}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Office Excel Viewer - (.Microsoft Corporation.) [HKLM] -- {95120000-003F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {22FB6750-ADDF-4726-B67F-6901E1991036}
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {05653DE1-6567-40C6-B930-39D399B64369}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Spotify - (.Pas de propriétaire.) [HKLM] -- Spotify
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: Wireless LAN Driver - (.Generic.) [HKLM] -- {3E789BE5-3DE0-498C-8F74-35010DACA2ED}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {353FE16B-30FE-469A-BF55-B978F4218003}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acro Software Inc]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AirSnare]
[HKCU\Software\AppDataLow\F-Secure]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DVDVIDEOSOFT]
[HKCU\Software\Dataleach]
[HKCU\Software\Digital River]
[HKCU\Software\DivX]
[HKCU\Software\ESET]
[HKCU\Software\F-Secure]
[HKCU\Software\FlashGet Network]
[HKCU\Software\Gabest]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Lavalys]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Moonlight Cordless]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Research In Motion]
[HKCU\Software\SiS]
[HKCU\Software\SoftVTU]
[HKCU\Software\Softonic]
[HKCU\Software\Spotify]
[HKCU\Software\SupportSoft]
[HKCU\Software\Synaptics]
[HKCU\Software\VSO]
[HKCU\Software\VideoToMp3]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\Acro Software Inc]
[HKLM\Software\Adobe]
[HKLM\Software\AheadUpdate]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\DVDVIDEOSOFT]
[HKLM\Software\DivX]
[HKLM\Software\Eset]
[HKLM\Software\FlashGet Network]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\GEAR Software]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Generic]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Research in Motion]
[HKLM\Software\RichFX]
[HKLM\Software\SiS]
[HKLM\Software\SupportSoft]
[HKLM\Software\Synaptics]
[HKLM\Software\Thraex Software]
[HKLM\Software\TrendMicro]
[HKLM\Software\VSO]
[HKLM\Software\VideoLAN]
[HKLM\Software\VideoToMp3]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/05/2010 - 14:07:42 - [299589] ----D- C:\Program Files\Acro Software
O43 - CFD: 09/10/2010 - 23:34:00 - [162743158] ----D- C:\Program Files\Adobe
O43 - CFD: 25/12/2010 - 12:10:18 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 21/04/2011 - 22:32:28 - [621125] ----D- C:\Program Files\Bonjour
O43 - CFD: 29/05/2011 - 11:14:02 - [3753504] ----D- C:\Program Files\CCleaner
O43 - CFD: 05/04/2011 - 22:48:36 - [668833465] ----D- C:\Program Files\Common Files
O43 - CFD: 01/10/2010 - 23:10:42 - [487250428] ----D- C:\Program Files\ESET
O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 08/05/2010 - 14:09:12 - [8075602] ----D- C:\Program Files\GPLGS
O43 - CFD: 05/10/2010 - 21:00:06 - [2662316] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 06/04/2011 - 23:06:58 - [7385538] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 21/04/2011 - 22:40:04 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 21/04/2011 - 22:41:58 - [128144132] ----D- C:\Program Files\iTunes
O43 - CFD: 30/03/2011 - 21:24:02 - [89315928] ----D- C:\Program Files\Java
O43 - CFD: 10/09/2010 - 19:47:14 - [36462291] ----D- C:\Program Files\Kaspersky Lab
O43 - CFD: 05/10/2010 - 20:31:32 - [54] ----D- C:\Program Files\Lavalys
O43 - CFD: 11/07/2010 - 21:26:22 - [0] ----D- C:\Program Files\Lavasoft
O43 - CFD: 21/12/2010 - 20:14:18 - [4941089] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 06/04/2010 - 22:44:50 - [81665294] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 21/04/2011 - 07:23:22 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/07/2010 - 13:27:26 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 13/08/2010 - 11:09:04 - [20470054] ----D- C:\Program Files\Movie Maker
O43 - CFD: 01/05/2011 - 23:54:20 - [35190005] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 13:37:42 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 11/05/2010 - 21:04:08 - [172559848] ----D- C:\Program Files\MSECache
O43 - CFD: 13/05/2010 - 23:30:58 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 10/02/2011 - 22:20:08 - [75369906] ----D- C:\Program Files\Nero
O43 - CFD: 21/03/2011 - 23:03:12 - [410434848] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 21/03/2011 - 22:17:04 - [156389901] ----D- C:\Program Files\OpenOffice.org 3.3 (fr) Installation Files
O43 - CFD: 25/12/2010 - 12:12:30 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 13/11/2010 - 23:25:22 - [91749362] ----D- C:\Program Files\Real
O43 - CFD: 02/11/2006 - 13:37:42 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 05/04/2011 - 22:48:34 - [5997977] ----D- C:\Program Files\Research In Motion
O43 - CFD: 14/03/2010 - 23:05:22 - [4089410] ----D- C:\Program Files\Spotify
O43 - CFD: 21/07/2010 - 19:43:20 - [15544054] ----D- C:\Program Files\Synaptics
O43 - CFD: 05/10/2010 - 21:00:06 - [0] --H-D- C:\Program Files\Temp
O43 - CFD: 24/09/2010 - 19:25:48 - [794562] ----D- C:\Program Files\trend micro
O43 - CFD: 02/11/2006 - 14:01:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 18/03/2010 - 19:50:56 - [82388938] ----D- C:\Program Files\VideoLAN
O43 - CFD: 27/03/2011 - 00:03:32 - [32398092] ----D- C:\Program Files\Winamp
O43 - CFD: 27/03/2011 - 00:02:56 - [132284] ----D- C:\Program Files\Winamp Detect
O43 - CFD: 09/07/2010 - 22:26:42 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 09/07/2010 - 22:26:38 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 09/07/2010 - 22:26:30 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 09/07/2010 - 22:26:38 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 30/03/2011 - 19:51:18 - [97162157] ----D- C:\Program Files\Windows Live
O43 - CFD: 10/05/2011 - 23:48:40 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 12/10/2010 - 21:51:12 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 14/03/2010 - 19:19:50 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 09/07/2010 - 22:26:34 - [8228002] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 11/07/2010 - 23:14:20 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 09/07/2010 - 22:26:40 - [6527558] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 20/03/2010 - 16:45:38 - [3887659] ----D- C:\Program Files\WinRAR
O43 - CFD: 05/06/2011 - 00:57:10 - [9831630] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 09/10/2010 - 23:34:48 - [6281214] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 13/02/2011 - 15:23:36 - [89830288] ----D- C:\Program Files\Common Files\Ahead
O43 - CFD: 21/04/2011 - 22:40:04 - [104109595] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 31/01/2011 - 21:39:50 - [81920] ----D- C:\Program Files\Common Files\Canon
O43 - CFD: 20/06/2010 - 16:55:48 - [4674088] ----D- C:\Program Files\Common Files\DVDVIDEOSOFT
O43 - CFD: 05/10/2010 - 21:00:08 - [614532] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 18/02/2011 - 11:33:36 - [1247175] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 21/10/2010 - 18:19:44 - [275601759] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 27/03/2011 - 00:01:06 - [4780336] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 13/11/2010 - 23:22:12 - [863] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 05/04/2011 - 22:48:36 - [704206] ----D- C:\Program Files\Common Files\Research In Motion
O43 - CFD: 02/11/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 31/03/2010 - 19:49:24 - [2488320] ----D- C:\Program Files\Common Files\SupportSoft
O43 - CFD: 09/07/2010 - 22:26:34 - [8737810] ----D- C:\Program Files\Common Files\System
O43 - CFD: 17/03/2010 - 20:01:02 - [116558746] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 21/07/2010 - 22:35:20 - [11665920] ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 13/11/2010 - 23:25:14 - [352256] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 09/10/2010 - 23:34:46 - [763] ----D- C:\ProgramData\Adobe
O43 - CFD: 25/12/2010 - 12:28:28 - [92790583] ----D- C:\ProgramData\Apple
O43 - CFD: 25/12/2010 - 12:16:44 - [67007504] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/08/2010 - 23:13:48 - [76588] ----D- C:\ProgramData\DivX
O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 04/07/2010 - 20:33:38 - [1211] ----D- C:\ProgramData\F-Secure
O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 04/06/2011 - 22:49:56 - [443150477] ----D- C:\ProgramData\Kaspersky Lab
O43 - CFD: 10/09/2010 - 19:44:54 - [83065134] ----D- C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 10/09/2010 - 19:04:54 - [72] ----D- C:\ProgramData\Lavasoft
O43 - CFD: 18/07/2010 - 16:19:40 - [14486951] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 21/10/2010 - 18:22:50 - [141332737] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 14/03/2010 - 19:19:50 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 13/02/2011 - 15:22:38 - [389742750] ----D- C:\ProgramData\Nero
O43 - CFD: 27/03/2010 - 11:10:46 - [540] ----D- C:\ProgramData\Office Genuine Advantage
O43 - CFD: 17/10/2010 - 17:36:32 - [1341762] ----D- C:\ProgramData\Real
O43 - CFD: 05/04/2011 - 22:48:34 - [911761] ----D- C:\ProgramData\Research In Motion
O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 03/05/2010 - 09:45:52 - [224] ----D- C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 14:02:26 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 24/07/2010 - 22:34:20 - [492] ----D- C:\ProgramData\Vso
O43 - CFD: 09/07/2010 - 11:07:28 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 25/12/2010 - 12:18:36 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 21/03/2010 - 23:34:44 - [6251252] ----D- C:\Users\azdare\AppData\Roaming\Adobe
O43 - CFD: 10/02/2011 - 22:32:44 - [133049] ----D- C:\Users\azdare\AppData\Roaming\Ahead
O43 - CFD: 25/12/2010 - 12:29:14 - [1727760363] ----D- C:\Users\azdare\AppData\Roaming\Apple Computer
O43 - CFD: 20/06/2010 - 17:36:42 - [5995] ----D- C:\Users\azdare\AppData\Roaming\BITS
O43 - CFD: 21/07/2010 - 23:05:30 - [199] ----D- C:\Users\azdare\AppData\Roaming\dvdcss
O43 - CFD: 20/06/2010 - 17:31:18 - [9430] ----D- C:\Users\azdare\AppData\Roaming\FlashGet
O43 - CFD: 20/06/2010 - 17:31:08 - [478841] ----D- C:\Users\azdare\AppData\Roaming\FlashGetBHO
O43 - CFD: 14/03/2010 - 19:23:16 - [0] ----D- C:\Users\azdare\AppData\Roaming\Identities
O43 - CFD: 14/03/2010 - 19:25:18 - [0] ----D- C:\Users\azdare\AppData\Roaming\InstallShield
O43 - CFD: 14/03/2010 - 19:29:22 - [487] ----D- C:\Users\azdare\AppData\Roaming\Macromedia
O43 - CFD: 18/07/2010 - 16:20:00 - [35784] ----D- C:\Users\azdare\AppData\Roaming\Malwarebytes
O43 - CFD: 11/05/2010 - 21:11:22 - [143327] -S--D- C:\Users\azdare\AppData\Roaming\Microsoft
O43 - CFD: 14/03/2010 - 19:42:08 - [54724922] ----D- C:\Users\azdare\AppData\Roaming\Mozilla
O43 - CFD: 14/11/2010 - 17:37:56 - [93593] ----D- C:\Users\azdare\AppData\Roaming\Nero
O43 - CFD: 14/11/2010 - 18:00:22 - [2441905] ----D- C:\Users\azdare\AppData\Roaming\OpenOffice.org
O43 - CFD: 13/11/2010 - 23:28:52 - [769474186] ----D- C:\Users\azdare\AppData\Roaming\Real
O43 - CFD: 05/04/2011 - 22:47:46 - [1638885] ----D- C:\Users\azdare\AppData\Roaming\Research in Motion
O43 - CFD: 14/05/2011 - 16:24:28 - [1237415] ----D- C:\Users\azdare\AppData\Roaming\Spotify
O43 - CFD: 07/05/2011 - 19:53:30 - [1038170] ----D- C:\Users\azdare\AppData\Roaming\vlc
O43 - CFD: 17/10/2010 - 17:45:48 - [18182] ----D- C:\Users\azdare\AppData\Roaming\Vso
O43 - CFD: 05/06/2011 - 00:32:48 - [95117] ----D- C:\Users\azdare\AppData\Roaming\Winamp
O43 - CFD: 20/03/2010 - 16:44:56 - [12] ----D- C:\Users\azdare\AppData\Roaming\WinRAR
O43 - CFD: 09/10/2010 - 23:30:44 - [229216] ----D- C:\Users\azdare\Appdata\Local\Adobe
O43 - CFD: 10/02/2011 - 22:31:56 - [106922] ----D- C:\Users\azdare\Appdata\Local\Ahead
O43 - CFD: 25/12/2010 - 12:10:34 - [17837568] ----D- C:\Users\azdare\Appdata\Local\Apple
O43 - CFD: 31/01/2011 - 23:59:14 - [89542434] ----D- C:\Users\azdare\Appdata\Local\Apple Computer
O43 - CFD: 14/03/2010 - 19:23:08 - [0] -SH-D- C:\Users\azdare\Appdata\Local\Application Data
O43 - CFD: 03/06/2011 - 21:24:36 - [0] ----D- C:\Users\azdare\Appdata\Local\CutePDF Writer
O43 - CFD: 05/10/2010 - 21:18:12 - [19456] ----D- C:\Users\azdare\Appdata\Local\eSupport.com
O43 - CFD: 14/03/2010 - 19:23:08 - [0] -SH-D- C:\Users\azdare\Appdata\Local\Historique
O43 - CFD: 21/10/2010 - 22:29:22 - [258268023] ----D- C:\Users\azdare\Appdata\Local\Microsoft
O43 - CFD: 14/03/2010 - 19:42:00 - [46358052] ----D- C:\Users\azdare\Appdata\Local\Mozilla
O43 - CFD: 13/11/2010 - 23:26:52 - [0] ----D- C:\Users\azdare\Appdata\Local\Real
O43 - CFD: 14/05/2011 - 15:29:36 - [1048222214] ----D- C:\Users\azdare\Appdata\Local\Spotify
O43 - CFD: 11/07/2010 - 21:30:24 - [0] ----D- C:\Users\azdare\Appdata\Local\Sunbelt Software
O43 - CFD: 31/03/2010 - 19:49:32 - [1580] ----D- C:\Users\azdare\Appdata\Local\SupportSoft
O43 - CFD: 05/06/2011 - 00:57:24 - [31832] ----D- C:\Users\azdare\Appdata\Local\Temp
O43 - CFD: 14/03/2010 - 19:23:08 - [0] -SH-D- C:\Users\azdare\Appdata\Local\Temporary Internet Files
O43 - CFD: 17/10/2010 - 17:40:38 - [34948] ----D- C:\Users\azdare\Appdata\Local\VirtualStore
O43 - CFD: 03/06/2011 - 21:49:54 - [65536] ----D- C:\Users\azdare\Appdata\Local\Windows Live
O43 - CFD: 09/04/2011 - 12:09:18 - [0] ----D- C:\Users\azdare\Appdata\Local\{10BBD91C-9F4E-4223-A2CF-1BE17FC83EE0}
O43 - CFD: 08/04/2011 - 19:26:44 - [0] ----D- C:\Users\azdare\Appdata\Local\{111027B6-8BCC-45D5-B2FA-11E03E0BA9FD}
O43 - CFD: 03/06/2011 - 21:49:36 - [0] ----D- C:\Users\azdare\Appdata\Local\{1F403660-290D-45CD-A8D8-E75D0869AB21}
O43 - CFD: 16/05/2011 - 18:06:08 - [0] ----D- C:\Users\azdare\Appdata\Local\{32557970-2D6B-4B80-B7C7-2D877B80FD1B}
O43 - CFD: 29/05/2011 - 11:58:48 - [0] ----D- C:\Users\azdare\Appdata\Local\{3B3404AD-D056-4E30-ACA7-8B788EADAD1F}
O43 - CFD: 15/04/2011 - 21:52:24 - [0] ----D- C:\Users\azdare\Appdata\Local\{408DD47B-3004-42FB-8F4F-35A0FDBEEE66}
O43 - CFD: 28/05/2011 - 16:04:46 - [0] ----D- C:\Users\azdare\Appdata\Local\{53161186-4848-428B-B454-D00284FB0127}
O43 - CFD: 01/06/2011 - 18:12:46 - [0] ----D- C:\Users\azdare\Appdata\Local\{5AC86398-546B-4329-A9BC-2C2424781FE0}
O43 - CFD: 01/04/2011 - 19:30:12 - [0] ----D- C:\Users\azdare\Appdata\Local\{952E5CF0-2B8B-45E5-9148-9858B3792FCF}
O43 - CFD: 11/04/2011 - 18:14:48 - [0] ----D- C:\Users\azdare\Appdata\Local\{98902A12-A5C6-4C0C-9D58-24590E50DFE2}
O43 - CFD: 02/06/2011 - 20:07:22 - [0] ----D- C:\Users\azdare\Appdata\Local\{A204D076-B851-481A-9CAD-12488661DABB}
O43 - CFD: 14/04/2011 - 18:53:20 - [0] ----D- C:\Users\azdare\Appdata\Local\{AB05E3E9-004E-4F44-90C3-FAC25555D6CA}
O43 - CFD: 06/05/2011 - 21:26:38 - [0] ----D- C:\Users\azdare\Appdata\Local\{C1AC97A3-6B84-443F-9F4F-FB5F46D1EF99}
O43 - CFD: 25/04/2011 - 20:59:40 - [0] ----D- C:\Users\azdare\Appdata\Local\{D3F2E284-357F-4F88-B789-F16EB96B1D6D}
O43 - CFD: 29/05/2011 - 23:59:32 - [0] ----D- C:\Users\azdare\Appdata\Local\{DCDB0C18-3330-49B6-AFBE-86105AD515F9}
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2EBD88E0E11F327F2302D10F5F577706] - 04/06/2011 - 23:45:50 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.E16852ED09657A5B7EB9372D11ED8C57] - 04/06/2011 - 21:48:10 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.2DD4ECC07979DBFC956DAA858C3644E9] - 31/05/2011 - 20:46:29 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.2DEB2F34AC9C07B8231A88214D86907C] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103658]
O44 - LFC:[MD5.372AE0092CB04BCA6B26B8ACCCFF000E] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126248]
O44 - LFC:[MD5.10578F7384AD305AE009788211031EAB] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595584]
O44 - LFC:[MD5.67BA415429DBA591DAA310EB79A16802] - 25/05/2011 - 21:38:20 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678294]
O44 - LFC:[MD5.6A8067EDBE96B565C7D15DF5D3A2AFBD] - 25/05/2011 - 21:38:19 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.6307CD66CB3F4C4A13D0FF5995872E1F] - 23/05/2011 - 16:59:34 ---A- . (...) -- C:\Windows\System32\drivers\klin.dat [115369]
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "E:\Mes fichiers reçus\FlashGet\FlashGet3.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- E:\Mes fichiers reçus\FlashGet\FlashGet3.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\SiSTray [Key] . (...) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 09:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 09:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 09:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 09:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.496EDA16A127AC9A38BB285BEF17DBB5] - 30/05/2007 - 18:07:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17592]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 09:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 09:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.2846F5EE802889D500FCF5CC48B28381] - 05/09/2009 - 13:25:36 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [1183744]
O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 15/03/2010 - 18:34:18 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [56816]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 08:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 08:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 08:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 08:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 08:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 08:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.59172A0724F2AB769F31D61B0571D75B] - 30/05/2007 - 18:07:15 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19128]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 09:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 07:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 09:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 09:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 09:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 09:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 09:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 09:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.222E263CC06E47BDA386FE19B88E8583] - 09/05/2007 - 15:33:00 ---A- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\system32\drivers\jraid.sys [48640]
O58 - SDL:[MD5.CE3958F58547454884E97BDA78CD7040] - 01/09/2009 - 13:29:50 ---A- . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys [128016]
O58 - SDL:[MD5.53EEDAB3F0511321AC3AE8BC968B158C] - 14/10/2009 - 19:18:34 ---A- . (.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) -- C:\Windows\system32\drivers\klbg.sys [36880]
O58 - SDL:[MD5.DE6C14FB8438EF932D9F58F269A19B85] - 10/09/2010 - 18:46:41 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klif.sys [311312]
O58 - SDL:[MD5.00D1A61B38982EF12F0CBBFE98648F83] - 03/11/2009 - 15:33:40 ---A- . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\system32\drivers\klim6.sys [21520]
O58 - SDL:[MD5.AA63A815876A76987B5DBCE6AF7478E9] - 02/10/2009 - 17:39:36 ---A- . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klmouflt.sys [19472]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 09:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 09:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 09:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 09:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 09:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 09:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 07:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.6F785DB62A6D8F3FAFD3E5695277E849] - 05/01/2007 - 20:59:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [86096]
O58 - SDL:[MD5.4A5FCAB82D9BF6AF8A023A66802FE9E9] - 05/01/2007 - 20:59:42 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [35920]
O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 24/07/2010 - 20:59:10 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 09:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 09:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.F17713D108ACA124A139FDE877EEF68A] - 20/05/2008 - 17:33:50 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb.sys [22784]
O58 - SDL:[MD5.4019149E4E296072831C8855605D9FDC] - 27/03/2010 - 15:41:46 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [95024]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 06:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.C735CBBBC26C1D33C6D7AEB2AA65A52A] - 23/04/2008 - 10:21:08 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\Windows\system32\drivers\SISAGPX.SYS [58416]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 09:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 09:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 09:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 09:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 09:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.70534D1E4F9AC990536D5FB5B550B3DE] - 14/08/2008 - 09:40:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [203312]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 09:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 09:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 09:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 18/02/2011 - 16:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.524D8D450622DB4A7875B111C299A76B] - 02/01/2011 - 16:58:01 ---A- . (.Pas de propriétaire - AVZ Driver.) -- C:\Windows\system32\drivers\utiwnzq2.sys [7168]
O58 - SDL:[MD5.7AA7EC9A08DC2C39649C413B1A26E298] - 30/05/2007 - 18:07:15 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20152]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 09:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 07:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 07:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 07:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 07:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 07:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 07:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 07:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 07:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 07:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 07:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 07:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 07:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 07:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 07:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 07:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - (.not file.) - 20901201 (20901201) .(...) - LEGACY_20901201
O64 - Services: CurCS - (.not file.) - 20901202 Boot Guard Driver (20901202) .(...) - LEGACY_20901202
O64 - Services: CurCS - C:\Windows\system32\Drivers\AVGNTFLT.sys - avgntflt (avgntflt) .(...) - LEGACY_AVGNTFLT
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - (.not file.) - DrvAgent32 (DrvAgent32) .(...) - LEGACY_DRVAGENT32
O64 - Services: CurCS - (.not file.) - F-Secure Standalone Minifilter (F-Secure Standalone Minifilter) .(...) - LEGACY_F-SECURE_STANDALONE_MINIFILTER
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - 01/09/2009 - C:\Windows\System32\DRIVERS\kl1.sys - kl1(kl1) .(.Kaspersky Lab - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 14/10/2009 - C:\Windows\System32\drivers\klbg.sys - Kaspersky Lab Boot Guard Driver(klbg) .(.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) - LEGACY_KLBG
O64 - Services: CurCS - 10/09/2010 - C:\Windows\System32\DRIVERS\klif.sys - Kaspersky Lab Driver(KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - LEGACY_KLIF
O64 - Services: CurCS - 03/11/2009 - C:\Windows\System32\DRIVERS\klim6.sys - Kaspersky Anti-Virus NDIS 6 Filter(KLIM6) .(.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD
O64 - Services: CurCS - C:\Users\azdare\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - (.not file.) - setup_9.0.0.722_02.10.2010_14-31drv (setup_9.0.0.722_02.10.2010_14-31drv) .(...) - LEGACY_SETUP_9.0.0.722_02.10.2010_14-31DRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\azdare\AppData\Roaming\inst.exe [87608]
[MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\azdare\AppData\Roaming\pcouffin.sys [47360]
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "SLSVC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\slsvc.exe
O87 - FAEL: "SLSVC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\slsvc.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "TCP Query User{071AB4AD-4BD4-4C49-91CC-F2F66C483F89}C:\program files\spotify\spotify.exe" | In - Public - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe
O87 - FAEL: "UDP Query User{7312E921-F826-4EB9-8FBD-6144C0814A8A}C:\program files\spotify\spotify.exe" | In - Public - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe
O87 - FAEL: "TCP Query User{C26B9D6F-7B12-4A29-A795-CAE43A4D7A0F}C:\program files\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{A2546927-67E1-4116-90AA-0ADF4D673394}C:\program files\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "{ED13C80F-4862-46CD-AA37-07532443EAA3}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "TCP Query User{DCB2EACD-2191-416C-8F28-64062AA3CAB3}C:\program files\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe
O87 - FAEL: "UDP Query User{A552FBAA-8EC9-45F0-ACEA-E5360BD77317}C:\program files\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files\spotify\spotify.exe
O87 - FAEL: "TCP Query User{78FC08B1-8695-4144-98A8-87B113321E3E}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{2BC5DC51-3A9E-41EA-872D-7B9E27B84B02}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "TCP Query User{E4A7AD8C-E930-42DB-934D-CE340CFD67D0}C:\program files\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{84687092-6BD3-49E8-9B1A-A01E8224DB56}C:\program files\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "TCP Query User{CA645644-8B05-4C78-A13B-4B92C31A9D43}C:\program files\real\realplayer\realplay.exe" | In - Private - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe
O87 - FAEL: "UDP Query User{B78AFAB4-536F-479B-AF8E-209A17A54CEE}C:\program files\real\realplayer\realplay.exe" | In - Private - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe
O87 - FAEL: "TCP Query User{3FE62662-AC81-4364-B219-0D9BCE170550}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe
O87 - FAEL: "UDP Query User{F7715B82-8566-47D4-9303-0DDC180D65D5}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{1A7E82A5-1177-48B6-8A72-A79D3F286F78}" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{751F37D7-40C2-46A9-BC49-D62C9588F32B}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{CC6EC8E2-98E6-4A66-A42F-F981367244C0}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{1DF79D9B-C7F5-45DC-8D46-0FFB2A0F5ACC}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 10/09/2010 340520 | (AVP) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
SR - | Auto 06/04/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 14/04/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 22/01/2008 275752 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SR - | Auto 18/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by azdare at 05/06/2011 00:58:45
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys ndis.sys athr.sys rdbss.sys tcpip.sys NETIO.SYS USBPORT.SYS usbehci.sys usbohci.sys
C:\Windows\system32\DRIVERS\athr.sys Atheros Communications, Inc. Driver for Atheros CB42/CB43/MB42/MB43 Network Adapter
1 ntkrnlpa!IofCallDriver[0x82C5F912] -> \Device\Harddisk0\DR0[0x85723528]
3 CLASSPNP[0x83FD18B3] -> ntkrnlpa!IofCallDriver[0x82C5F912] -> [0x85510538]
5 acpi[0x806956BC] -> ntkrnlpa!IofCallDriver[0x82C5F912] -> \Device\Ide\IdeDeviceP1T0L0-1[0x855106C0]
kernel: MBR read successfully
user & kernel MBR OK
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by azdare at 05/06/2011 00:58:47
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 24/07/2010 - 20:59:10 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360]
End of the scan (974 lines in 01mn 49s)(0)
-
Thanks for your reply! Strangely, everything is up to date and everything has been done, but I think it's a problem with Avira.
-
Does this problem not ring a bell for anyone?? Thanks
-
Hi friends,
My problem is the scan with Avira: it hangs every time at the same place, i.e. 42.5%. I ran a scan with Malwarebytes Anti-Malware, no problems. I checked my Hijack report with ZHP, nothing to report, so I ran the Avira antivirus scan in safe mode, nothing to report. Here is the report below:
If anyone has already had this problem, could you please help me! Thanks in advance.
Avira AntiVir Personal
Date de création du fichier de rapport : jeudi 10 décembre 2009 18:24
La recherche porte sur 1429599 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows Vista
Version de Windows : (Service Pack 2) [6.0.6002]
Mode Boot : Mode sans échec
Identifiant : azdare
Nom de l'ordinateur : PC-DE-AZDARE
Informations de version :
BUILD.DAT : 9.0.0.74 21698 Bytes 04/12/2009 13:56:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 25/11/2009 19:31:47
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 10:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 10:21:31
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 19:31:40
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 19:31:41
VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 19:31:41
VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 19:31:41
VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 19:31:41
VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 19:31:42
VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 19:31:42
VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 19:31:42
VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 19:31:42
VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 19:31:42
VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 19:31:42
VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 19:31:42
VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 19:31:42
VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 19:31:43
VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 19:29:44
VBASE015.VDF : 7.10.1.178 195584 Bytes 07/12/2009 19:30:36
VBASE016.VDF : 7.10.1.179 2048 Bytes 07/12/2009 19:30:36
VBASE017.VDF : 7.10.1.180 2048 Bytes 07/12/2009 19:30:37
VBASE018.VDF : 7.10.1.181 2048 Bytes 07/12/2009 19:30:37
VBASE019.VDF : 7.10.1.182 2048 Bytes 07/12/2009 19:30:37
VBASE020.VDF : 7.10.1.183 2048 Bytes 07/12/2009 19:30:37
VBASE021.VDF : 7.10.1.184 2048 Bytes 07/12/2009 19:30:37
VBASE022.VDF : 7.10.1.185 2048 Bytes 07/12/2009 19:30:37
VBASE023.VDF : 7.10.1.186 2048 Bytes 07/12/2009 19:30:37
VBASE024.VDF : 7.10.1.187 2048 Bytes 07/12/2009 19:30:37
VBASE025.VDF : 7.10.1.188 2048 Bytes 07/12/2009 19:30:37
VBASE026.VDF : 7.10.1.189 2048 Bytes 07/12/2009 19:30:37
VBASE027.VDF : 7.10.1.190 2048 Bytes 07/12/2009 19:30:37
VBASE028.VDF : 7.10.1.191 2048 Bytes 07/12/2009 19:30:37
VBASE029.VDF : 7.10.1.192 2048 Bytes 07/12/2009 19:30:37
VBASE030.VDF : 7.10.1.193 2048 Bytes 07/12/2009 19:30:38
VBASE031.VDF : 7.10.1.212 127488 Bytes 10/12/2009 17:26:52
Version du moteur : 8.2.1.108
AEVDF.DLL : 8.1.1.2 106867 Bytes 15/09/2009 20:40:02
AESCRIPT.DLL : 8.1.3.2 582010 Bytes 10/12/2009 17:26:56
AESCN.DLL : 8.1.3.0 127348 Bytes 10/12/2009 17:26:53
AESBX.DLL : 8.1.1.1 246132 Bytes 25/11/2009 19:31:46
AERDL.DLL : 8.1.3.4 479605 Bytes 01/12/2009 19:29:46
AEPACK.DLL : 8.2.0.3 422261 Bytes 05/11/2009 21:30:00
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/06/2009 18:08:58
AEHEUR.DLL : 8.1.0.186 2183544 Bytes 07/12/2009 19:30:43
AEHELP.DLL : 8.1.8.0 237942 Bytes 07/12/2009 19:30:40
AEGEN.DLL : 8.1.1.80 364917 Bytes 07/12/2009 19:30:39
AEEMU.DLL : 8.1.1.0 393587 Bytes 03/10/2009 21:01:05
AECORE.DLL : 8.1.9.1 180598 Bytes 10/12/2009 17:26:53
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 14:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:30
AVPREF.DLL : 9.0.3.0 44289 Bytes 26/09/2009 20:41:18
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 15:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 15:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 13/07/2009 21:15:46
RCTEXT.DLL : 9.0.73.0 88321 Bytes 25/11/2009 19:31:35
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Début de la recherche : jeudi 10 décembre 2009 18:24
La recherche d'objets cachés commence.
Impossible d'initialiser le pilote.
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wininit.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'17' processus ont été contrôlés avec '17' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[iNFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[iNFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '37' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
Fin de la recherche : jeudi 10 décembre 2009 19:31
Temps nécessaire: 1:06:48 Heure(s)
La recherche a été effectuée intégralement
22183 Les répertoires ont été contrôlés
254099 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
254098 Fichiers non infectés
1450 Les archives ont été contrôlées
1 Avertissements
1 Consignes
-
Nobody to help me? I think you haven't understood what I want??
-
Hello everyone,
I have just installed RealPlayer 11 to be on the safe side. I was using RealPlayer 9 to listen to the radio because its window is smaller and more discreet, but on version 11 the window is really wide and impossible to shrink. If you have a tip, please, I would be delighted.
Thanks.
-
Hello Gof,
First of all, thanks for replying! Actually, a friend asked me to check her laptop. I found nothing special: I scanned with the Kaspersky web scanner, nothing to report, then with Avira, same thing, and I ran a search with Malwarebytes Anti-Malware, nothing to report. So to reassure her I told myself that, to be sure, I would make a HijackThis report, so if you tell me it's OK, that's great! Thanks a lot in any case!
PS: sorry about the accents, I have an English keyboard.
-
Hi community,
Could you please analyze the report below? Thanks!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:09:21, on 01/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\Documents and Settings\Giuseppina\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 9466 bytes
-
Cool, thanks, you're a boss!!!
-
Hello,
I uninstalled AntiVir Avira last weekend, thanks for the tip. As an aside, I find McAfee too heavy at startup.
-
Good evening,
Apparently everything is spotless on my PC, thank you ever so much. Also, I have a small Windows icon telling me that startup programs are blocked; I don't know whether that is related to what we did?
-
Hi Le Sioux, here is the OTMoveIt report. Thanks!!!!
C:\Users\azdare\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000372 moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09082008_173045
-
Hi Le Sioux, here is the Kaspersky report below.
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, September 08, 2008 12:09:21 AM
Système d'exploitation : Professional, (Build 6000)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 7/09/2008
Enregistrements dans la base antivirus Kaspersky : 1072091
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
D:\
Statistiques de l'analyse:
Total d'objets analysés: 72974
Nombre de virus trouvés: 1
Nombre d'objets infectés: 1 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 02:03:05
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Boot\BCD L'objet est verrouillé ignoré
C:\Boot\BCD.LOG L'objet est verrouillé ignoré
C:\NTDETECT.COM L'objet est verrouillé ignoré
C:\ntldr L'objet est verrouillé ignoré
C:\ProgramData\McAfee\EasyNet\MHNData L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MNA\NAData L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MNM\NDData L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MPF\data\log.edb L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MPS\mpspii.dat L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MSC\Logs\{1A79916F-AF14-4EE4-AD29-7DD7818F5281}.log L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MSC\Logs\{F78A1DB5-A22F-423D-B014-A975C01B2D43}.log L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MSC\McUsers.dat L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MSK\MSKWMDB.dat L'objet est verrouillé ignoré
C:\ProgramData\McAfee\MSK\settingsdb.dat L'objet est verrouillé ignoré
C:\ProgramData\McAfee\VirusScan\Data\TFR231.tmp L'objet est verrouillé ignoré
C:\ProgramData\McAfee\VirusScan\Logs\OAS.Log L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\EasyNet\MHNData L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MNA\NAData L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MNM\NDData L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MPF\data\log.edb L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MPS\mpspii.dat L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MSC\Logs\{1A79916F-AF14-4EE4-AD29-7DD7818F5281}.log L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MSC\Logs\{F78A1DB5-A22F-423D-B014-A975C01B2D43}.log L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MSC\McUsers.dat L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MSK\MSKWMDB.dat L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\MSK\settingsdb.dat L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\VirusScan\Data\TFR231.tmp L'objet est verrouillé ignoré
C:\Users\All Users\McAfee\VirusScan\Logs\OAS.Log L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000372 Infecté : Backdoor.Win32.Small.fwl ignoré
C:\Users\azdare\AppData\Local\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008090720080908\index.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\UsrClass.dat{a493e78c-a034-11dc-a036-95566961b951}.TM.blf L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\UsrClass.dat{a493e78c-a034-11dc-a036-95566961b951}.TMContainer00000000000000000001.regtrans-ms L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Microsoft\Windows\UsrClass.dat{a493e78c-a034-11dc-a036-95566961b951}.TMContainer00000000000000000002.regtrans-ms L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Mozilla\Firefox\Profiles\c2110aqy.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Mozilla\Firefox\Profiles\c2110aqy.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Mozilla\Firefox\Profiles\c2110aqy.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Mozilla\Firefox\Profiles\c2110aqy.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Mozilla\Firefox\Profiles\c2110aqy.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\RayV\support.1.log L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Temp\etilqs_JGnBTOqwflWEsQrLwBV6 L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Temp\FXSAPIDebugLogFile.txt L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Temp\~DF8A73.tmp L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Local\Temp\~DF8A7E.tmp L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Microsoft\Windows\Cookies\index.dat L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\cert8.db L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\key3.db L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\parent.lock L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\places.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Users\azdare\AppData\Roaming\Mozilla\Firefox\Profiles\c2110aqy.default\search.sqlite L'objet est verrouillé ignoré
C:\Users\azdare\NTUSER.DAT L'objet est verrouillé ignoré
C:\Users\azdare\ntuser.dat.LOG1 L'objet est verrouillé ignoré
C:\Users\azdare\ntuser.dat.LOG2 L'objet est verrouillé ignoré
C:\Users\azdare\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf L'objet est verrouillé ignoré
C:\Users\azdare\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms L'objet est verrouillé ignoré
C:\Users\azdare\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms L'objet est verrouillé ignoré
C:\Windows\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\Windows\Debug\sam.log L'objet est verrouillé ignoré
C:\Windows\Debug\WIA\wiatrace.log L'objet est verrouillé ignoré
C:\Windows\Logs\CBS\CBS.log L'objet est verrouillé ignoré
C:\Windows\Logs\CBS\CBS.persist.log L'objet est verrouillé ignoré
C:\Windows\Logs\DPX\setupact.log L'objet est verrouillé ignoré
C:\Windows\Logs\DPX\setuperr.log L'objet est verrouillé ignoré
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config L'objet est verrouillé ignoré
C:\Windows\PANTHER\UnattendGC\diagerr.xml L'objet est verrouillé ignoré
C:\Windows\PANTHER\UnattendGC\diagwrn.xml L'objet est verrouillé ignoré
C:\Windows\PANTHER\UnattendGC\setupact.log L'objet est verrouillé ignoré
C:\Windows\PANTHER\UnattendGC\setuperr.log L'objet est verrouillé ignoré
C:\Windows\security\database\secedit.sdb L'objet est verrouillé ignoré
C:\Windows\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 L'objet est verrouillé ignoré
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 L'objet est verrouillé ignoré
C:\Windows\System32\catroot2\edb.log L'objet est verrouillé ignoré
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb L'objet est verrouillé ignoré
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb L'objet est verrouillé ignoré
C:\Windows\System32\config\COMPONENTS L'objet est verrouillé ignoré
C:\Windows\System32\config\COMPONENTS.LOG1 L'objet est verrouillé ignoré
C:\Windows\System32\config\COMPONENTS.LOG2 L'objet est verrouillé ignoré
C:\Windows\System32\config\DEFAULT L'objet est verrouillé ignoré
C:\Windows\System32\config\DEFAULT.LOG1 L'objet est verrouillé ignoré
C:\Windows\System32\config\DEFAULT.LOG2 L'objet est verrouillé ignoré
C:\Windows\System32\config\SAM L'objet est verrouillé ignoré
C:\Windows\System32\config\SAM.LOG1 L'objet est verrouillé ignoré
C:\Windows\System32\config\SAM.LOG2 L'objet est verrouillé ignoré
C:\Windows\System32\config\SECURITY L'objet est verrouillé ignoré
C:\Windows\System32\config\SECURITY.LOG1 L'objet est verrouillé ignoré
C:\Windows\System32\config\SECURITY.LOG2 L'objet est verrouillé ignoré
C:\Windows\System32\config\SOFTWARE L'objet est verrouillé ignoré
C:\Windows\System32\config\SOFTWARE.LOG1 L'objet est verrouillé ignoré
C:\Windows\System32\config\SOFTWARE.LOG2 L'objet est verrouillé ignoré
C:\Windows\System32\config\SYSTEM L'objet est verrouillé ignoré
C:\Windows\System32\config\SYSTEM.LOG1 L'objet est verrouillé ignoré
C:\Windows\System32\config\SYSTEM.LOG2 L'objet est verrouillé ignoré
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf L'objet est verrouillé ignoré
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms L'objet est verrouillé ignoré
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms L'objet est verrouillé ignoré
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms L'objet est verrouillé ignoré
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms L'objet est verrouillé ignoré
C:\Windows\System32\LogFiles\Scm\SCM.EVM L'objet est verrouillé ignoré
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\Windows\System32\restore\MachineGuid.txt L'objet est verrouillé ignoré
C:\Windows\System32\spool\SpoolerETW.etl L'objet est verrouillé ignoré
C:\Windows\System32\wbem\AutoRecover\3460B7617E0429A960E481B197F238A3.mof L'objet est verrouillé ignoré
C:\Windows\System32\wbem\AutoRecover\43A7EEE279F15546EE900076CA8CC2C8.mof L'objet est verrouillé ignoré
C:\Windows\System32\wbem\AutoRecover\95CF8C2673B156E93407C44DA1171F14.mof L'objet est verrouillé ignoré
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof L'objet est verrouillé ignoré
C:\Windows\System32\wbem\Logs\WMITracing.log L'objet est verrouillé ignoré
C:\Windows\System32\wbem\Repository\INDEX.BTR L'objet est verrouillé ignoré
C:\Windows\System32\wbem\Repository\MAPPING1.MAP L'objet est verrouillé ignoré
C:\Windows\System32\wbem\Repository\MAPPING2.MAP L'objet est verrouillé ignoré
C:\Windows\System32\wbem\Repository\OBJECTS.DATA L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Application.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\DFS Replication.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Key Management Service.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MemoryDiagnostics-Results%4Debug.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\ODiag.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\OSession.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Security.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\Setup.evtx L'objet est verrouillé ignoré
C:\Windows\System32\winevt\Logs\System.evtx L'objet est verrouillé ignoré
C:\Windows\Tasks\Maintenance en 1 clic.job L'objet est verrouillé ignoré
C:\Windows\Tasks\McDefragTask.job L'objet est verrouillé ignoré
C:\Windows\Tasks\McQcTask.job L'objet est verrouillé ignoré
C:\Windows\Tasks\SCHEDLGU.TXT L'objet est verrouillé ignoré
C:\Windows\Temp\mcafee_UiLuOr6P6TV15AE L'objet est verrouillé ignoré
C:\Windows\Temp\mcmsc_BETyTtTVJiZSQVZ L'objet est verrouillé ignoré
C:\Windows\Temp\mcmsc_sSIcxGbkQpNTy1E L'objet est verrouillé ignoré
C:\Windows\Temp\mcmsc_VnLmm9wHkL9QXL9 L'objet est verrouillé ignoré
C:\Windows\Temp\sqlite_PpTbIaamhblsBXz L'objet est verrouillé ignoré
C:\Windows\Temp\sqlite_QblN0yZ0dvstybM L'objet est verrouillé ignoré
C:\Windows\Temp\sqlite_yiPFoa7cR2wRNID L'objet est verrouillé ignoré
C:\Windows\Temp\sqlite_yve05ZAQTW1Tqag L'objet est verrouillé ignoré
C:\Windows\WindowsUpdate.log L'objet est verrouillé ignoré
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd L'objet est verrouillé ignoré
Analyse terminée.
[Solved] ZHPDiag report analysis
in Malware analysis and removal
Posted
Thank you for your quick and effective response!