Here is the rest. I disabled the MBR with the screwdriver....
Rapport de ZHPDiag v1.27.170 par Nicolas Coolman, Update du 12/03/2011
Run by sl at 14/03/2011 19:40:32
Web site : ZHPDiag Outil de diagnostic
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox v3.6.15 (fr) (Defaut)
GCIE: Google Chrome v9.0.597.107
---\\ System Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 10 Stepping 0, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 254 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 3 GB (16%) free of 18 GB
---\\ Logged in mode
Computer Name: ACER-86U03S59CR
User Name: sl
All Users Names: SUPPORT_388945a0, sl, HelpAssistant, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O80,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Documents and Settings\sl\Application Data
%LocalAppData%=C:\Documents and Settings\sl\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\sl\Menu Démarrer
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 18 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 10 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:04.) -- C:\Windows\Explorer.exe [1037824]
[MD5.FB22AE2861836D16FCBAECB1B715752E] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:06:56.) -- C:\Windows\System32\wininet.dll [832512]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:54.) -- C:\Windows\System32\drivers\ntfs.sys [574976]
---\\ Processus lancés
[MD5.94A2242EDA39AD7CE02D0FC06CCCC2AD] - (...) -- C:\WINDOWS\System32\Ati2evxx.exe [385024]
[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZONELABS\vsmon.exe [2435592]
[MD5.2695E3E9497BF72ABB44B5010EC5DA16] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184]
[MD5.09417134F248DFCEEA15C72BCC87F592] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]
[MD5.6761B10EEFC1D97971222DD5E239EF79] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [55296]
[MD5.ED9A9D89A8844D3EE74B6CCC4F361013] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [126976]
[MD5.2529850066879EC192EAEBB2E297137C] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [561152]
[MD5.482C319D82C1644D8A4E55967676B87A] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872]
[MD5.44083028C12F4F31FB5EBD1AD539934B] - (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\QtZpAcer.EXE [282624]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [3451496]
[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480]
[MD5.5E50CA32C27A0662C8E7305278A83978] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [634880]
[MD5.8CE5274E996A69E49A6BF50C311BF3F3] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\sl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [995896]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [sl] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [sl] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [sl] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [sl] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [sl] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [sl] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\sl\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
M2 - MFEP: prefs.js [sl - 0vfvr3ui.default\{20a82645-c095-46ed-80e3-08825760534b}(2)] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [sl - 0vfvr3ui.default\{c36177c0-224a-11da-8cd6-0800200c9a91}] [] Fasterfox v3.9.4 (.RsCcman Productions.)
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [user Data\Default] None
G0 - GCSP: Preference [user Data\Default][HomePage] Google
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKUS\S-1-5-21-2669302297-2589800181-2619313026-1005\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.17095 (vista_gdr.101217-1830)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [soundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
O4 - HKLM\..\Run: [synTPLpr] . (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] . (.ATI Technologies, Inc. - ATI 2D Mode component.) -- C:\Windows\System32\Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\QtZpAcer.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-2669302297-2589800181-2619313026-1005\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: C:\Documents And Settings\sl\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk . (...) -- C:\Program Files\ERUNT\AUTOBACK.EXE
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\msworks.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\sl\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\sl\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\sl\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\sl\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\sl\Menu Démarrer\Programmes\Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation.) -- C:\Program Files\Securitoo\Contrôle Parental\securitoo_controle_parental.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A008AB87-6B3D-4C85-ABB3-613F0147DB2A}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A008AB87-6B3D-4C85-ABB3-613F0147DB2A}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service d'état ASP.NET (aspnet_state) - Clé orpheline
O23 - Service: (Ati HotKey Poller) . (...) - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZONELABS\vsmon.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\amdk7.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\vsdatant.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI Control Panel - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Aspire 1350 - (.Pas de propriétaire.) [HKLM] -- Aspire 1350
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CodeStuff Starter - (.CodeStuff.) [HKLM] -- CodeStuff Starter
O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}
O42 - Logiciel: ERUNT 1.1j - (.Lars Hederer.) [HKLM] -- ERUNT_is1
O42 - Logiciel: Foxit Reader - (.Foxit Software.) [HKLM] -- {4FEC0D0D-1279-4C46-B6F8-B73C5247A6A9}
O42 - Logiciel: Glary Utilities 2.32.0.1126 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Indeo® Software - (.Pas de propriétaire.) [HKLM] -- Indeo® Software
O42 - Logiciel: Java 6 Update 16 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}
O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: KM400/KN400 Display Driver and Utilities - (.Pas de propriétaire.) [HKLM] -- S3
O42 - Logiciel: LG SP USB Driver - (.LG Electronics.) [HKLM] -- {E2AE8456-CCFE-46C0-8629-71CC507660FC}
O42 - Logiciel: LG USB WML Modem Driver - (.LG Electronics.) [HKLM] -- {FBA0CA60-8BF2-4381-B819-74F020E165A9}
O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}
O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Bootvis - (.Microsoft.) [HKLM] -- {0F9196C6-58B4-445B-B56E-B1200FECC151}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works 7.0 - (.Microsoft Corporation.) [HKLM] -- {64D114CE-4234-45C2-B60A-2B07D5A48F72}
O42 - Logiciel: Mozilla Firefox (3.6.15) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.15)
O42 - Logiciel: OpenEtna win Flasher - (.Guimmer Tech.) [HKLM] -- OpenEtna win Flasher
O42 - Logiciel: Realtek AC'97 Audio - (.Pas de propriétaire.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: S3 S3Display - (.Pas de propriétaire.) [HKLM] -- VTDisplay
O42 - Logiciel: S3 S3Gamma2 - (.Pas de propriétaire.) [HKLM] -- VTGamma2
O42 - Logiciel: S3 S3Info2 - (.Pas de propriétaire.) [HKLM] -- VTInfo2
O42 - Logiciel: S3 S3Overlay - (.Pas de propriétaire.) [HKLM] -- VTOverlay
O42 - Logiciel: SAGEM F@st 1500 - (.Pas de propriétaire.) [HKLM] -- {6472655F-9F8D-4CF1-B038-A45AC7787903}
O42 - Logiciel: Sagem WLAN Card Utilities/Driver - (.Pas de propriétaire.) [HKLM] -- {FF8FA9E5-2605-4B1D-8A5C-C1A42924FC4A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7961E819-93A5-40A8-8469-4BE2FBBFACEF}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2508979) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D2137BBA-250B-4548-BC1C-19E5009893D7}
O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7
O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: xp-AntiSpy 3.97-9 - (.Christian Taubenheim.) [HKLM] -- xp-AntiSpy
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ACD Systems]
[HKCU\Software\ASUS]
[HKCU\Software\AVAST Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Astonsoft]
[HKCU\Software\Bugsplat]
[HKCU\Software\CDBurnerXP]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CodeStuff]
[HKCU\Software\CrystalIdea Software]
[HKCU\Software\Foxit Software]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\JavaSoft]
[HKCU\Software\Ligos]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerISO]
[HKCU\Software\Quanta]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Synaptics]
[HKCU\Software\Trend Micro]
[HKCU\Software\Trolltech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\ej-technologies]
[HKCU\Software\xp-AntiSpy]
[HKLM\Software\ACD Systems]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Quanta]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SECURITOO]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sagem]
[HKLM\Software\Schlumberger]
[HKLM\Software\SoftShape]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Zone Labs]
[HKLM\Software\magnet]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/09/2003 - 12:51:54 - [396030621] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 01/09/2003 - 12:56:34 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 01/09/2003 - 12:56:34 - [32852941] ----D- C:\Program Files\MSN
O43 - CFD: 01/09/2003 - 12:56:50 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 01/09/2003 - 12:56:52 - [2238349] ----D- C:\Program Files\Messenger
O43 - CFD: 01/09/2003 - 12:57:12 - [6564230] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 01/09/2003 - 12:57:14 - [2495] ----D- C:\Program Files\Services en ligne
O43 - CFD: 01/09/2003 - 12:57:14 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 01/09/2003 - 12:57:48 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 01/09/2003 - 12:58:24 - [6426385] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 01/09/2003 - 12:58:26 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 01/09/2003 - 12:58:26 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 01/09/2003 - 12:58:30 - [11350823] ----D- C:\Program Files\Movie Maker
O43 - CFD: 01/09/2003 - 13:01:04 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 01/09/2003 - 13:01:04 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 01/09/2003 - 13:09:04 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 01/09/2003 - 13:09:36 - [0] ----D- C:\Program Files\VIA
O43 - CFD: 01/09/2003 - 13:11:46 - [110732] ----D- C:\Program Files\S3Inc
O43 - CFD: 01/09/2003 - 13:16:36 - [33391843] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 01/09/2003 - 13:16:38 - [5477376] ----D- C:\Program Files\AvRack
O43 - CFD: 01/09/2003 - 13:16:38 - [0] ----D- C:\Program Files\Realtek Sound Manager
O43 - CFD: 01/09/2003 - 13:25:34 - [13657136] ----D- C:\Program Files\Synaptics
O43 - CFD: 01/09/2003 - 13:26:50 - [5020] ----D- C:\Program Files\Acer Inc
O43 - CFD: 01/09/2003 - 13:28:56 - [2872] ----D- C:\Program Files\Adobe
O43 - CFD: 01/09/2003 - 13:30:16 - [6031149] ----D- C:\Program Files\NewTech Infosystems
O43 - CFD: 01/09/2003 - 13:30:58 - [559404] ----D- C:\Program Files\Ligos
O43 - CFD: 01/09/2003 - 14:01:16 - [1587582] ----D- C:\Program Files\Aspire 1350
O43 - CFD: 01/09/2003 - 14:32:20 - [1025320] ----D- C:\Program Files\Launch Manager
O43 - CFD: 14/03/2009 - 18:36:16 - [13067236] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 14/03/2009 - 18:55:38 - [0] ----D- C:\Program Files\Alwil Software
O43 - CFD: 14/03/2009 - 19:38:58 - [24844533] ----D- C:\Program Files\Securitoo
O43 - CFD: 14/03/2009 - 20:11:18 - [216040497] ----D- C:\Program Files\Wanadoo
O43 - CFD: 15/03/2009 - 08:45:10 - [1591922] ----D- C:\Program Files\SAGEM
O43 - CFD: 15/03/2009 - 08:52:28 - [13606542] ----D- C:\Program Files\WLAN Card Utilities
O43 - CFD: 15/03/2009 - 09:43:04 - [113834860] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 15/03/2009 - 10:12:42 - [12539456] ----D- C:\Program Files\Vuze
O43 - CFD: 15/03/2009 - 10:17:46 - [30532752] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 15/03/2009 - 17:46:00 - [3653740] ----D- C:\Program Files\CCleaner
O43 - CFD: 15/03/2009 - 22:44:42 - [61995016] ----D- C:\Program Files\VideoLAN
O43 - CFD: 20/03/2009 - 21:25:36 - [164700516] ----D- C:\Program Files\Java
O43 - CFD: 20/03/2009 - 21:26:54 - [13005792] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 21/03/2009 - 12:48:22 - [0] ----D- C:\Program Files\Lavasoft
O43 - CFD: 21/03/2009 - 17:09:02 - [3094515] ----D- C:\Program Files\7-Zip
O43 - CFD: 28/03/2009 - 12:45:40 - [764] ----D- C:\Program Files\MSBuild
O43 - CFD: 28/03/2009 - 14:14:26 - [0] ----D- C:\Program Files\Astonsoft
O43 - CFD: 28/03/2009 - 20:00:40 - [184852] ----D- C:\Program Files\MSECache
O43 - CFD: 29/03/2009 - 12:13:42 - [934896] ----D- C:\Program Files\Google
O43 - CFD: 05/04/2009 - 18:18:00 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 06/04/2009 - 18:04:44 - [563378993] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 03/05/2009 - 18:55:34 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 03/05/2009 - 20:58:18 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 06/05/2009 - 17:05:34 - [408583] ----D- C:\Program Files\HijackThis
O43 - CFD: 13/06/2009 - 14:13:14 - [0] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 27/01/2010 - 17:25:56 - [9547308] ----D- C:\Program Files\Foxit Software
O43 - CFD: 02/04/2010 - 23:42:12 - [722877] ----D- C:\Program Files\Samsung
O43 - CFD: 02/04/2010 - 23:45:16 - [2044848] ----D- C:\Program Files\MarkAny
O43 - CFD: 03/04/2010 - 10:31:38 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 27/08/2010 - 22:05:40 - [0] ----D- C:\Program Files\NOS
O43 - CFD: 24/11/2010 - 13:00:38 - [0] ----D- C:\Program Files\Techcity
O43 - CFD: 30/12/2010 - 16:26:14 - [7082492] ----D- C:\Program Files\LG Electronics
O43 - CFD: 12/01/2011 - 13:20:28 - [51383628] ----D- C:\Program Files\OpenEtna win Flasher
O43 - CFD: 28/02/2011 - 19:31:48 - [149105869] ----D- C:\Program Files\AVAST Software
O43 - CFD: 01/03/2011 - 00:13:44 - [195257380] ----D- C:\Program Files\Microsoft Bootvis
O43 - CFD: 01/03/2011 - 00:42:58 - [671143] ----D- C:\Program Files\xp-AntiSpy
O43 - CFD: 04/03/2011 - 18:21:16 - [60782208] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 04/03/2011 - 21:26:50 - [19465879] ----D- C:\Program Files\Zone Labs
O43 - CFD: 09/03/2011 - 21:16:34 - [388236] ----D- C:\Program Files\Trend Micro
O43 - CFD: 11/03/2011 - 00:46:56 - [1348349] ----D- C:\Program Files\CodeStuff
O43 - CFD: 11/03/2011 - 10:17:06 - [19474947] ----D- C:\Program Files\Glary Utilities
O43 - CFD: 11/03/2011 - 16:29:04 - [4924096] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 11/03/2011 - 23:27:24 - [670515] ----D- C:\Program Files\ERUNT
O43 - CFD: 12/03/2011 - 19:54:38 - [50640262] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 12/03/2011 - 20:41:38 - [3458498] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 01/09/2003 - 12:51:54 - [239807474] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 01/09/2003 - 12:51:54 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 01/09/2003 - 12:51:58 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 01/09/2003 - 12:58:24 - [41624545] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 01/09/2003 - 12:58:32 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 01/09/2003 - 12:58:36 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 01/09/2003 - 13:16:34 - [6745859] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 01/09/2003 - 13:28:56 - [102437] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 15/03/2009 - 10:12:44 - [67853883] ----D- C:\Program Files\Fichiers Communs\i4j_jres
O43 - CFD: 20/03/2009 - 21:25:30 - [31093537] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 03/05/2009 - 21:13:18 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 13/06/2009 - 15:21:14 - [1908736] ----D- C:\Program Files\Fichiers Communs\ACD Systems
O43 - CFD: 01/08/2010 - 21:37:06 - [2721679] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 01/09/2003 - 13:09:10 - [0] ----D- C:\Documents and Settings\sl\Application Data\Identities
O43 - CFD: 01/09/2003 - 13:28:56 - [0] ----D- C:\Documents and Settings\sl\Application Data\InterTrust
O43 - CFD: 01/09/2003 - 12:51:24 - [4854232] -S--D- C:\Documents and Settings\sl\Application Data\Microsoft
O43 - CFD: 14/03/2009 - 18:44:12 - [3099206] ----D- C:\Documents and Settings\sl\Application Data\Adobe
O43 - CFD: 14/03/2009 - 19:30:24 - [7528] ----D- C:\Documents and Settings\sl\Application Data\Macromedia
O43 - CFD: 14/03/2009 - 20:19:42 - [63] ----D- C:\Documents and Settings\sl\Application Data\Help
O43 - CFD: 15/03/2009 - 08:50:02 - [636] ----D- C:\Documents and Settings\sl\Application Data\MSN6
O43 - CFD: 15/03/2009 - 10:17:44 - [4160235] ----D- C:\Documents and Settings\sl\Application Data\Mozilla
O43 - CFD: 15/03/2009 - 10:17:54 - [9611855] ----D- C:\Documents and Settings\sl\Application Data\Azureus
O43 - CFD: 15/03/2009 - 22:48:22 - [448448] ----D- C:\Documents and Settings\sl\Application Data\vlc
O43 - CFD: 16/03/2009 - 18:50:38 - [8704] ----D- C:\Documents and Settings\sl\Application Data\Template
O43 - CFD: 20/03/2009 - 21:25:06 - [37993756] ----D- C:\Documents and Settings\sl\Application Data\Sun
O43 - CFD: 20/03/2009 - 22:27:12 - [2642174] ----D- C:\Documents and Settings\sl\Application Data\OpenOffice.org
O43 - CFD: 28/03/2009 - 13:45:04 - [7099] ----D- C:\Documents and Settings\sl\Application Data\Canneverbe_Limited
O43 - CFD: 28/03/2009 - 14:16:12 - [639] ----D- C:\Documents and Settings\sl\Application Data\DeepBurner
O43 - CFD: 17/04/2009 - 16:42:30 - [199] ----D- C:\Documents and Settings\sl\Application Data\dvdcss
O43 - CFD: 04/06/2009 - 10:00:50 - [16627974] ----D- C:\Documents and Settings\sl\Application Data\U3
O43 - CFD: 13/06/2009 - 15:33:50 - [1769526] ----D- C:\Documents and Settings\sl\Application Data\ACD Systems
O43 - CFD: 24/08/2009 - 18:57:54 - [4173890] ----D- C:\Documents and Settings\sl\Application Data\Canon
O43 - CFD: 02/04/2010 - 23:45:56 - [0] ----D- C:\Documents and Settings\sl\Application Data\DataCast
O43 - CFD: 10/06/2010 - 19:07:10 - [4150] ----D- C:\Documents and Settings\sl\Application Data\Icones
O43 - CFD: 02/07/2010 - 13:20:16 - [396] ----D- C:\Documents and Settings\sl\Application Data\Google
O43 - CFD: 01/08/2010 - 21:40:04 - [67032] ----D- C:\Documents and Settings\sl\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
O43 - CFD: 11/03/2011 - 10:31:10 - [424256] ----D- C:\Documents and Settings\sl\Application Data\GlarySoft
O43 - CFD: 11/03/2011 - 16:45:00 - [0] ----D- C:\Documents and Settings\sl\Application Data\Malwarebytes
O43 - CFD: 01/09/2003 - 13:06:04 - [7799159] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Microsoft
O43 - CFD: 14/03/2009 - 19:31:40 - [67170046] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Identities
O43 - CFD: 14/03/2009 - 20:19:42 - [0] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Help
O43 - CFD: 15/03/2009 - 17:21:56 - [42671480] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Mozilla
O43 - CFD: 29/03/2009 - 13:42:58 - [48100699] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Adobe
O43 - CFD: 03/05/2009 - 18:34:12 - [0] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Microsoft Help
O43 - CFD: 13/06/2009 - 15:18:30 - [25488896] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 13/06/2009 - 15:33:50 - [1768840] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\ACD Systems
O43 - CFD: 17/06/2009 - 16:35:48 - [0] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 27/01/2010 - 19:12:08 - [0] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\PCHealth
O43 - CFD: 16/01/2011 - 20:03:34 - [402056914] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Google
O43 - CFD: 16/01/2011 - 20:04:34 - [0] ----D- C:\Documents and Settings\sl\Local Settings\Application Data\Temp
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 14/03/2011 - 19:32:22 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2011 - 19:31:24 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 14/03/2011 - 19:31:14 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 14/03/2011 - 19:09:56 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [2029419]
O44 - LFC:[MD5.68EF1200F915817C00FCFD7F3CF01200] - 14/03/2011 - 18:50:52 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.55CB08A8478EB48F1FEAAB434D832AC8] - 12/03/2011 - 20:28:24 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [4320]
O44 - LFC:[MD5.D88AE818EB574317F999886654FFA800] - 12/03/2011 - 19:58:08 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [4292]
O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 11/03/2011 - 16:29:51 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 11/03/2011 - 16:29:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.268E538C6ACF37F7BA35C600B6022279] - 11/03/2011 - 01:31:22 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [284520]
O44 - LFC:[MD5.540C2B5DC47651C572C2804DC72FDDA8] - 09/03/2011 - 23:26:10 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\WINDOWS\System32\drivers\tmcomm.sys [189520]
O44 - LFC:[MD5.E97B600480F54C7699309FC9A4DBEF63] - 08/03/2011 - 11:55:00 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [66340]
O44 - LFC:[MD5.D0C86104E81E9F5D4442DD807B415450] - 08/03/2011 - 11:55:00 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [346260]
O44 - LFC:[MD5.58A3746B314CD2724408DDC679D258E6] - 08/03/2011 - 11:55:00 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [407206]
O44 - LFC:[MD5.5E72A9649365AE5DC56975785030CDF0] - 08/03/2011 - 11:54:58 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [54046]
O44 - LFC:[MD5.761685004F19B413E971474BFE6BCC8D] - 08/03/2011 - 11:54:56 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [882144]
O44 - LFC:[MD5.65E52FFB0C5D4A3863EE2E80028DB21D] - 08/03/2011 - 10:38:38 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158]
O44 - LFC:[MD5.FC52BD4056FB8012508FECCEBB8A556C] - 04/03/2011 - 21:28:52 ---A- . (...) -- C:\WINDOWS\System32\vsconfig.xml [420800]
O44 - LFC:[MD5.4728AD1AF19C9E9838CCD6D5424213C2] - 04/03/2011 - 21:28:06 --HA- . (...) -- C:\WINDOWS\System32\zllictbl.dat [4212]
O44 - LFC:[MD5.050C38EBB22512122E54B47DC278BCCD] - 04/03/2011 - 21:26:58 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\System32\vsdatant.sys [532224]
O44 - LFC:[MD5.CF6473B9765E1CA9A07EEAA03FC1C06E] - 04/03/2011 - 20:18:08 ---A- . (...) -- C:\WINDOWS\wininit.ini [180]
O44 - LFC:[MD5.C4D7713CF271FAAE5689D5D006757214] - 28/02/2011 - 23:27:34 ---A- . (...) -- C:\WINDOWS\SYSTEM.INI [254]
O44 - LFC:[MD5.BE1D7183E5E541DC75E2B26D571300A2] - 28/02/2011 - 23:16:46 ---A- . (...) -- C:\autoexec.bat [34]
O44 - LFC:[MD5.63CB2C7A4DCD7758D28FA2DE6EA6629B] - 28/02/2011 - 20:59:14 ---A- . (...) -- C:\WINDOWS\System32\lgAxconfig.ini [2413]
O44 - LFC:[MD5.6F93456261F8E9EF7B6D50D726DD7C7F] - 28/02/2011 - 20:58:00 ---A- . (...) -- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt [4232]
O44 - LFC:[MD5.9681A655BE1D8AFF0D1A352504E4AF0C] - 28/02/2011 - 19:34:48 ---A- . (...) -- C:\WINDOWS\System32\CONFIG.NT [3120]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 28/02/2011 - 19:14:58 ---A- . (...) -- C:\WINDOWS\SYSTEM.SYD [227]
O44 - LFC:[MD5.F5D833EB09E794C6F11F4977D8FE9DA2] - 28/02/2011 - 19:14:58 ---A- . (...) -- C:\WINDOWS\win.ini [654]
O44 - LFC:[MD5.F61DF22835F390A718706EFAF02C55F9] - 28/02/2011 - 19:14:58 RSHA- . (...) -- C:\BOOT.INI [211]
O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 23/02/2011 - 16:04:22 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\WINDOWS\avastSS.scr [40648]
O44 - LFC:[MD5.C6E1D434F1F3A5226B0DDFDF84B12677] - 23/02/2011 - 16:04:18 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\WINDOWS\System32\aswBoot.exe [190016]
O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 23/02/2011 - 15:56:56 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [371544]
O44 - LFC:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 23/02/2011 - 15:56:46 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [301528]
O44 - LFC:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 23/02/2011 - 15:55:50 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\System32\drivers\aswTdi.sys [49240]
O44 - LFC:[MD5.452D0ECD14FA02F9B061F42C8A30DD49] - 23/02/2011 - 15:55:48 ---A- . (.AVAST Software - avast! File System Filter Driver for Window.) -- C:\WINDOWS\System32\drivers\aswmon2.sys [102232]
O44 - LFC:[MD5.687BB5CCB764C2E3DA9F1D4892E50327] - 23/02/2011 - 15:55:44 ---A- . (.AVAST Software - avast! File System Filter Driver for Window.) -- C:\WINDOWS\System32\drivers\aswmon.sys [96344]
O44 - LFC:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 23/02/2011 - 15:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\System32\drivers\aswRdr.sys [25432]
O44 - LFC:[MD5.83631291ADF2887CFFC786D034D3FA15] - 23/02/2011 - 15:54:58 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for W.) -- C:\WINDOWS\System32\drivers\aavmker4.sys [30680]
O44 - LFC:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 23/02/2011 - 15:54:56 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [19544]
O44 - LFC:[MD5.41995A9476529835851B61369596E5D2] - 18/02/2011 - 17:28:28 ---A- . (.Check Point Software Technologies LTD - Check Point Endpoint Security.) -- C:\WINDOWS\System32\zpeng25.dll [1238528]
O44 - LFC:[MD5.18F9AB94694843A35178711A1B96BB1A] - 18/02/2011 - 17:28:24 ---A- . (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\System32\vsxml.dll [110080]
O44 - LFC:[MD5.85C09B9B43AA7CE7C672A39C80176090] - 18/02/2011 - 17:28:24 ---A- . (.Check Point Software Technologies LTD - ZLComm.) -- C:\WINDOWS\System32\zlcomm.dll [69120]
O44 - LFC:[MD5.01054D95D578FFEDEC6FC124ED595A5E] - 18/02/2011 - 17:28:24 ---A- . (.Check Point Software Technologies LTD - ZLCommDB.) -- C:\WINDOWS\System32\zlcommdb.dll [104448]
O44 - LFC:[MD5.196773E724A1C283BEF7E21BDF2D2F8D] - 18/02/2011 - 17:28:24 ---A- . (.Check Point Software Technologies LTD - vsmon component.) -- C:\WINDOWS\System32\vswmi.dll [43008]
O44 - LFC:[MD5.9B8AF90986E11DCA788B1F8E55C82A78] - 18/02/2011 - 17:28:22 ---A- . (.Check Point Software Technologies LTD - TrueVector Client Interface.) -- C:\WINDOWS\System32\vsmonapi.dll [108032]
O44 - LFC:[MD5.9A5E521DDF4F1B025F6F6C99BFB46F67] - 18/02/2011 - 17:28:22 ---A- . (.Check Point Software Technologies LTD - TrueVector Service DLL.) -- C:\WINDOWS\System32\vsdata.dll [112128]
O44 - LFC:[MD5.320653DC5250B36C57FDC7C60CD3C23A] - 18/02/2011 - 17:28:22 ---A- . (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\System32\vsinit.dll [228864]
O44 - LFC:[MD5.4636FABD1DBF097F39D0F2679E185BC7] - 18/02/2011 - 17:28:22 ---A- . (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\System32\vspubapi.dll [302592]
O44 - LFC:[MD5.2DFEAC2C914CACE4BA5836139BF09EC3] - 18/02/2011 - 17:28:22 ---A- . (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\System32\vsregexp.dll [58368]
O44 - LFC:[MD5.D47B2CB64DA21201252A6623C7EE1AF3] - 18/02/2011 - 17:28:22 ---A- . (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\System32\vsutil.dll [715264]
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Vuze\Azureus.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\System32\muzapp.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\muzapp.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\System32\ZoneLabs\vsmon.exe" [Enabled] .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{19a411e1-6cb1-11df-aa56-00c09f4835f5}\AutoRun\command - Clé orpheline
O51 - MPSK:{56966bf1-50dc-11de-a79e-00c09f4835f5}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\LaunchU3.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Ligos Corporation - Ligos Indeo® Video 3.2.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Ligos Corporation - Ligos Indeo® Video 3.2.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.yvu9"="iyvu9_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Ligos Corporation - Ligos Indeo® Video 5.11.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Ligos Corporation - Indeo® Audio Software.) -- C:\WINDOWS\System32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"VIDC.ACDV"="ACDV.dll" . (.ACD Systems - ACDV.) -- C:\WINDOWS\System32\ACDV.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Ligos Indeo® Video 5.11" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® Audio Software" . (.Ligos Corporation - Indeo® Audio Software.) -- C:\WINDOWS\System32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo® Video Interactive R4.5" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® Video RAW YVU9" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo® Video R3.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ACDV.dll"="ACDV 1.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\B2C_AGENT [Key] . (.LG Electronics - B2C NotiAgent MFC ?? ????.) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\sl\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O53 - SMSR:HKLM\...\startupreg\VTTimer [Key] . (.S3 Graphics, Inc. - Pas de description.) -- C:\Windows\System32\VTTimer.exe
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 24/04/2003 - 12:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 24/04/2003 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 24/04/2003 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 24/04/2003 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.2ADC0CA9945C65284B3D19BC18765974] - 13/04/2008 - 19:54:36 ---A- . (.National Semiconductor Corporation - NSC Fast Infrared Driver..) -- C:\WINDOWS\system32\drivers\nscirda.sys [28672]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 24/04/2003 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 24/04/2003 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 24/04/2003 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 24/04/2003 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 17/08/2001 - 20:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5.sys [27165]
O58 - SDL:[MD5.0E3E3FAE3A0A58B8D936A8E841A17D16] - 27/12/2002 - 04:41:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS [26880]
O58 - SDL:[MD5.E8C619C6C6BDE90D130DDA87150E1944] - 11/08/2003 - 14:09:18 ---A- . (.Copyright © VIA/S3 Graphics, Inc. - VIA/S3G Miniport Driver.) -- C:\WINDOWS\system32\drivers\vtmini.sys [265344]
O58 - SDL:[MD5.EA8D01E733FDA92147DE62AA04D154A6] - 14/05/2003 - 18:44:06 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS [740044]
O58 - SDL:[MD5.540C2B5DC47651C572C2804DC72FDDA8] - 06/09/2010 - 10:26:20 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\WINDOWS\system32\drivers\tmcomm.sys [189520]
O58 - SDL:[MD5.DECAF721585F9DB53D60D70FD064B6BB] - 18/11/2002 - 09:30:58 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [263536]
O58 - SDL:[MD5.15A72D5B8F0B6A718207F14BD5EBB8FF] - 01/09/2003 - 13:30:12 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys [6912]
O58 - SDL:[MD5.FAF0C0E706A0D45F6EFBC1503DAF914D] - 08/04/2003 - 13:24:40 ---A- . (.Pas de propriétaire - Driver for Bluetooth USB Devices.) -- C:\WINDOWS\system32\drivers\btwusb.sys [51208]
O58 - SDL:[MD5.55C246EA3FDD96B2A9F74187F0A29066] - 21/02/2003 - 11:20:48 ---A- . (.Pas de propriétaire - Flash Upgrade Driver for Bluetooth USB Device.) -- C:\WINDOWS\system32\drivers\frmupgr.sys [17388]
O58 - SDL:[MD5.E60B77F0F1D04A1B3CC8FEE4D25417B5] - 15/08/2003 - 18:00:56 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8180 NDIS5.1 miniport driver.) -- C:\WINDOWS\system32\drivers\RTL8180.sys [173184]
O58 - SDL:[MD5.29063004926B225C417E7147822F5866] - 15/01/2003 - 16:05:54 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5b.sys [41984]
O58 - SDL:[MD5.7126ABCCEB2785A99AEA5C5F8C57ECDF] - 13/11/2003 - 22:47:00 ---A- . (.ATI Technologies Inc. - ATI Radeon Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [640000]
O58 - SDL:[MD5.4B474C4B3932BCA5C2D44AD38BCD465F] - 16/01/2003 - 12:26:52 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS [16256]
O58 - SDL:[MD5.F2DD4159715AFA801C7916F85D2E2779] - 21/10/2010 - 09:45:16 ---A- . (.LG Electronics Inc. - LG CDMA USB Multi function Driver.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys [13056]
O58 - SDL:[MD5.83631291ADF2887CFFC786D034D3FA15] - 23/02/2011 - 15:54:58 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30680]
O58 - SDL:[MD5.687BB5CCB764C2E3DA9F1D4892E50327] - 23/02/2011 - 15:55:44 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
O58 - SDL:[MD5.452D0ECD14FA02F9B061F42C8A30DD49] - 23/02/2011 - 15:55:48 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102232]
O58 - SDL:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 23/02/2011 - 15:56:56 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [371544]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.18EEB910627DDAF40F822966F887BAD8] - 07/01/2005 - 17:05:28 ---A- . (.Ralink Technology Inc. - Sample Driver for Ralink 802.11g Wireless USB Adapters.) -- C:\WINDOWS\system32\drivers\rt2500usb.sys [147328]
O58 - SDL:[MD5.D7010580BF4E45D5E793A1FE75758C69] - 15/03/2009 - 09:05:46 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\mdc8021x.sys [15781]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 17:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.F8E0B715ECDCC4D426D1DC8BEAD6E0B8] - 21/10/2010 - 09:45:18 ---A- . (.LG Electronics Inc. - LG CDMA USB Modem Driver.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys [25216]
O58 - SDL:[MD5.41C12F229CF403A2BB2C8F4A05993C8F] - 21/10/2010 - 09:45:16 ---A- . (.LG Electronics Inc. - LG CDMA USB Diagnostics Driver.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys [20864]
O58 - SDL:[MD5.F71671248134EA39BFD10401EE5FD825] - 19/10/2008 - 23:00:06 ---A- . (.Google Inc - ADB Interface.) -- C:\WINDOWS\system32\drivers\androidusb.sys [25728]
O58 - SDL:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 23/02/2011 - 15:55:50 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [49240]
O58 - SDL:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 23/02/2011 - 15:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 23/02/2011 - 15:56:46 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [301528]
O58 - SDL:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 23/02/2011 - 15:54:56 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 13/05/2010 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 04/08/2004 - 06:45:26 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 04/08/2004 - 06:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 04/08/2004 - 06:45:10 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 04/08/2004 - 06:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 24/04/2003 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.4D3EB5A8021AF05C7FE5F313443A533B] - 12/09/2002 - 17:29:42 ---A- . (.VIA Technologies, Inc. - Network Device Monitor Utility.) -- C:\WINDOWS\system32\ntsim.sys [6016]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 04/08/2004 - 06:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.05A56C3156E1B6CC7BBD8E1D54D491F2] - 09/09/2002 - 19:54:06 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\ASNDIS5.sys [16269]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
O63 - Logiciel: OTL - (.OldTimer.)
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\AAVMKER4.sys - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(...) - LEGACY_AAVMKER4
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - Environnement de prise en charge de réseau AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394
O64 - Services: CurCS - C:\PROGRA~1\WLANCA~1\ASNDIS5.sys - ASNDIS5 Protocol Driver (ASNDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_ASNDIS5
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWMON2.sys - (.not file.) - avast! Standard Shield Support (aswMon2) .(...) - LEGACY_ASWMON2
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\WINDOWS\System32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(...) - LEGACY_ATI_HOTKEY_POLLER
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - C:\Program Files\AVAST Software\Avast\AvastSvc.exe - avast! Antivirus (avast! Antivirus) .(.AVAST Software - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS
O64 - Services: CurCS - (.not file.) - avgntflt (avgntflt) .(...) - LEGACY_AVGNTFLT
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS
O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS
O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER
O64 - Services: CurCS - C:\WINDOWS\System32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\irda.sys - Protocole IrDA (irda) .(.Microsoft Corporation - IRDA Protocol Driver.) - LEGACY_IRDA
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Moniteur infrarouge (Irmon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_IRMON
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - (.not file.) - KLIF (KLIF) .(...) - LEGACY_KLIF
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mdc8021x.sys - AEGIS Protocol (IEEE 802.1x) v2.3.1.9 (MDC8021X) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_MDC8021X
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe - Machine Debug Manager (MDM) .(.Microsoft Corporation - Machine Debug Manager.) - LEGACY_MDM
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Affichage des messages (Messenger) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_MESSENGER
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\WINDOWS\System32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\WINDOWS\System32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\WINDOWS\system32\ntsim.sys - NTSIM (NTSIM) .(.VIA Technologies, Inc. - Network Device Monitor Utility.) - LEGACY_NTSIM
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe - Office Source Engine (ose) .(.Microsoft Corporation - Office Source Engine.) - LEGACY_OSE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM
O64 - Services: CurCS - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5
O64 - Services: CurCS - C:\WINDOWS\System32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\RDPWD.sys - RDPWD (RDPWD) .(...) - LEGACY_RDPWD
O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS
O64 - Services: CurCS - (.not file.) - SCDEmu (SCDEmu) .(...) - LEGACY_SCDEMU
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(...) - LEGACY_SERIAL
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Pare-feu de connexion Internet (ICF) / Partage de connexion Internet (ICS) (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - (.not file.) - srescan (srescan) .(...) - LEGACY_SRESCAN
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TDTCP.sys - TDTCP (TDTCP) .(...) - LEGACY_TDTCP
O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TMCOMM.sys - tmcomm (tmcomm) .(...) - LEGACY_TMCOMM
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS
O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(...) - LEGACY_UPLOADMGR
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\System32\vsdatant.sys - vsdatant (vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT
O64 - Services: CurCS - C:\WINDOWS\system32\ZONELABS\vsmon.exe - TrueVector Internet Monitor (vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Wdf01000.sys - Wdf01000 (Wdf01000) .(.Microsoft Corporation - WDF Dynamic.) - LEGACY_WDF01000
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - C:\WINDOWS\System32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\sl\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 0 | Service d'état ASP.NET (aspnet_state) . (...) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
SR - | Auto 13/11/2003 385024 | (Ati HotKey Poller) . (...) - C:\WINDOWS\System32\Ati2evxx.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SR - | Auto 30/10/2009 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 18/02/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZONELABS\vsmon.exe
End of the scan (1098 lines in 02mn 45s)(0)
Thanks again