st22026

Members
  • Content count: 73

Everything posted by st22026

  1. Hello, a certain download site has been blocked by the ISPs, so I go through an online VPN. Once I am on the series I want to download, I click the download link and I am shown a URL shortener with a "continue" button, but that is where it gets complicated, because no matter how many times I press continue, nothing happens. What is the solution? I don't know how to get the original URL.
  2. Hello, I downloaded an mp3 that plays without any problem on the PC, but on the phone it is impossible: I get an error message, file not supported. It's the first time this has happened to me. What should I do? S8+
  3. Hello, on my Asus PC I connect to a 4G dongle, or to androidhotspot, but web pages do not display. My internet box is not working; how can I connect to the internet?
  4. Hello, since my internet box no longer works, I tried to connect with 2 phones as a mobile hotspot on my PC (Asus, Windows 8.1). It connects but no web page displays. Also, I was lent a 4G dongle, and it is not recognized in the networks. What should I do? https://ibb.co/kWSgPe
  5. Hello, my PC is much slower than before; what should I do? Thanks
  6. Hello, I have the Free plan at 20, but outside Wi-Fi the photos in the Insta and Facebook apps do not display, YouTube does not work, I get no notification when I receive an email, and Google View does not display. Free tells me it does not come from its network because browser web pages display. What should I do?
  7. Hello, I would like to download this track as an mp3; which software or site should I use? Evp - Los Angeles. Thanks.
  8. Hello, I installed a new wired optical mouse, but the PC (XP) stays stuck on the "acer" startup screen when I turn it on. The only solution is to restart with it unplugged. It does this on all the USB ports. What is the solution? Thanks.
  9. 2011051923h5752 - HostingPics.net - Free image hosting. I don't need to recover the files because I saved them on my hard drive. I don't want to reformat to NTFS; I want to keep FAT32 so I can read the files on my TV. I had 100 GB on it; I don't understand how it could have gone to 337 GB! And in K: there are no files! I can't be the first person this has happened to; there must be software to recover my GB. Good night (or good morning)
  10. ImageShack® - Online Photo and Video Hosting. On top of that, I now have files showing up that I had deleted.
  11. I have 0.2 MB System Volume Information, 0.1 MB restore, 0.1 MB recycled, 0.0 desktop.ini, 0.0 INFO2
  12. Hello, I formatted an external HDD from NTFS to FAT32; the data was lost but I did not get the space back, and on top of that it took away double what I had. How do I recover that space? I only have about 120 GB left out of 460. As for the data, I don't need to recover it.
  13. The MBAM report:
      Type d'examen: Examen complet (C:\|D:\|)
      Elément(s) analysé(s): 236330
      Temps écoulé: 8 heure(s), 37 minute(s), 45 seconde(s)
      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 1
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0
      Processus mémoire infecté(s): (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DbgMgr (Malware.Trace) -> Quarantined and deleted successfully.
      Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
      Dossier(s) infecté(s): (Aucun élément nuisible détecté)
      Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  14. I should mention that I ran an AntiVir scan, which found 4 viruses in Java and deleted them. The report:
usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2003-09-19 45056] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-06-29 244864] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 a4u4e2ff;a4u4e2ff; C:\WINDOWS\system32\drivers\a4u4e2ff.sys [] S3 a9cpk978;a9cpk978; C:\WINDOWS\system32\drivers\a9cpk978.sys [] S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-12 401664] S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-12 30363] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-12 148168] S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-05-12 30189] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320] S3 catchme;catchme; \??\C:\st22026\catchme.sys [] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys 
[2008-04-13 10368] S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288] S3 PPPoEWin;PPPoEWin Miniport; C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 104375] S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys [] S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys [] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 39552] S3 tapavpn;Steganos Anonym VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapavpn.sys [2007-10-19 24320] S3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432] S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064] S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys 
[] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2006-05-12 258103] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-06 1029456] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-11 155715] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 StarWindServiceAE;StarWind AE Service; D:\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program 
Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [] S2 BroadCamService;BroadCam Service; C:\Program Files\NCH Software\BroadCam\broadCam.exe -service [] S2 EyelineService;Eyeline Service; C:\Program Files\NCH Software\Eyeline\eyeline.exe -service [] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-08-21 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program 
Files\WinPcap\rpcapd.ini [] S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  15. Hello, I caught several viruses. I went to a site (filestube.com) and, seeing that it was in the middle of giving me a virus, I shut down the PC before (well, I'm not sure) it installed itself (something I shouldn't have done?). As a result I had a lot of trouble restarting it; I got it to boot using fixboot, but the PC is noisy and fairly slow. On top of that, I went into system32, there was a bug, and now I have no sound. Thanks.
  16. TDSSKiller:
      C:\WINDOWS\system32\DRIVERS\pciide.sys - will be cured after reboot
      C:\WINDOWS\system32\Drivers\sptd.sys - quarantined
      Where can I download exeHelper?
  17. Rapport de ZHPDiag v1.26.66 par Nicolas Coolman, Update du 21/09/2010 Run by A at 24/09/2010 18:43:47
-- C:\Program Files\DNA\btdna.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-3874232922-622592756-1272493053-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-3874232922-622592756-1272493053-1006\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-3874232922-622592756-1272493053-1006\..\Run: [bitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk . (.Broadcom Corporation..) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Download by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- D:\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: &Grab video by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- D:\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: &Traduire à partir de l'anglais - (.not file.) - C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Add to Windows &Live Favorites - (.not file.) - http:\\favorites.live.com\quickadd.aspx O8 - Extra context menu item: Do&wnload selected by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- D:\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: Down&load all by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- D:\Orbitdownloader\orbitmxt.dll O8 - Extra context menu item: Download with &Shareaza - (.not file.) - C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (21)\P2P Rocket\Plugins\RazaWebHook.dll O8 - Extra context menu item: Envoyer à &Bluetooth . 
(.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Pages liées - (.not file.) - C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Pages similaires - (.not file.) - C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Recherche &Google - (.not file.) - C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\D:\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\D:\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\D:\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\D:\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - (.not file.) - C:\Program Files\Google\GoogleToolbar1.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\bt_hot_icon.ico O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.) O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . 
(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{DCC7F6EA-DA39-4CC7-9A93-3CAC7253A050}: NameServer = 93.188.163.70,93.188.166.9 O17 - HKLM\System\CCS\Services\Tcpip\..\{DCC7F6EA-DA39-4CC7-9A93-3CAC7253A050}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{DCC7F6EA-DA39-4CC7-9A93-3CAC7253A050}: DhcpNameServer = 192.168.1.1 O17 - 
HKLM\System\CS2\Services\Tcpip\..\{DCC7F6EA-DA39-4CC7-9A93-3CAC7253A050}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{DCC7F6EA-DA39-4CC7-9A93-3CAC7253A050}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.163.70,93.188.166.9 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) 
-- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Memory Check Service (AcerMemUsageCheckService) . (.Acer Inc. - Pas de description.) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Bonjour\mDNSResponder.exe (.not file.) O23 - Service: BroadCam Service (BroadCamService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\NCH Software\BroadCam\broadCam.exe (.not file.) O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Eyeline Service (EyelineService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\NCH Software\Eyeline\eyeline.exe (.not file.) O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Pas de propriétaire - Pas de description.) - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (.not file.) O23 - Service: NVIDIA Display Driver Service (NVSvc) . 
(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.36.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Rocket Division Software - StarWind iSCSI Target (Alcohol Edition).) - D:\Alcohol 120\StarWind\StarWindServiceAE.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3874232922-622592756-1272493053-1006Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3874232922-622592756-1272493053-1006UA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3874232922-622592756-1272493053-1006.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3874232922-622592756-1272493053-1006.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{5E39FACB-FF9D-4260-963F-CCB597CFD3B7}.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Personnalisation du navigateur - >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Media Center - {407408d4-94ed-4d86-ab69-a7f649d112ee} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\inf\mcdftreg.inf O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: Pilote de processeur AMD (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\system32\DRIVERS\AmdK8.sys O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} O42 - Logiciel: ALZip - (.ESTsoft Corp..) [HKLM] -- ALZip_is1 O42 - Logiciel: AbiWord 2.4.6 (remove only) - (.AbiSource Developers.) [HKLM] -- AbiWord2 O42 - Logiciel: Acer Empowering Technology - (.Acer.) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2} O42 - Logiciel: Acer WLAN 11g USB Dongle - (.ACER Inc..) [HKLM] -- InstallShield_{0CB98AC0-D691-4B21-AD3D-95982517021D} O42 - Logiciel: Acer eDataSecurity Management - (.Acer.) [HKLM] -- {4AD13F68-CADA-4C6B-9759-C33753F89908} O42 - Logiciel: Acer eDataSecurity Management 2.0.3077 - (.Acer.) 
[HKLM] -- InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908} O42 - Logiciel: Acer ePerformance Management - (.Acer.) [HKLM] -- {7057702F-6D71-4F30-8000-9E72BC771887} O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723} O42 - Logiciel: Adobe Audition 3.0 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Audition 3.0 O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 7.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A70000000000} O42 - Logiciel: AoA Audio Extractor 1.0 - (.AoAMedia.Com.) [HKLM] -- AoA Audio Extractor_is1 O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} O42 - Logiciel: AssaultCube v1.0 - (.Pas de propriétaire.) [HKLM] -- AssaultCube_v1.0 O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1 O42 - Logiciel: Avidemux 2.5 - (.Pas de propriétaire.) [HKLM] -- Avidemux 2.5 O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Barre d'outils Outlook de Windows Live (Windows Live Toolbar) - (.Microsoft Corporation.) 
[HKLM] -- {6E15BEDF-7EB5-4010-998E-B430DB4EFE45} O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent O42 - Logiciel: Bloqueur de fenêtres pop-up (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {A425C250-A0E1-4D78-B1C1-A5CBC7385E7C} O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CX4300_5500_DX4400 Manuel - (.Pas de propriétaire.) [HKLM] -- CX4300_5500_DX4400 Manuel O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Pas de propriétaire.) [HKLM] -- {8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E} O42 - Logiciel: Capturino V2.11 - (.Pas de propriétaire.) [HKCU] -- Capturino V2.11 O42 - Logiciel: Creative MediaSource - (.Pas de propriétaire.) [HKLM] -- {56F3E1FF-54FE-4384-A153-6CCABA097814} O42 - Logiciel: DJ show - (.Pas de propriétaire.) [HKLM] -- ST6UNST #2 O42 - Logiciel: DNA - (.BitTorrent Inc..) [HKCU] -- BitTorrent DNA O42 - Logiciel: DOOM Collector's Edition - (.Pas de propriétaire.) [HKLM] -- DOOM Collector's Edition O42 - Logiciel: DSS DJ 5.6 - (.MyXOFT.) [HKLM] -- myxoftdssdj_is1 O42 - Logiciel: Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {EFFCB0F1-CFEC-48D4-B793-EBFCAE852976} O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5} O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857} O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {B66E665A-DF96-4C38-9422-C7F74BC1B4E5} O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6} O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) 
[HKLM] -- EPSON Scanner O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64} O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32} O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CA6047C-D28B-4295-834A-07C52BA20C2D} O42 - Logiciel: FLV Player 1.0.3 - (.Digitalgroover.) [HKLM] -- FLV Player O42 - Logiciel: Folder Lockbox 1.1 for Windows 2000/XP - (.Pas de propriétaire.) [HKLM] -- Folder Lockbox_is1 O42 - Logiciel: Free Download Manager 2.5 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1 O42 - Logiciel: Free Mp3 Wma Converter V 1.6.3 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1 O42 - Logiciel: Free Music Zilla - (.FreeMusicZilla.com.) [HKLM] -- Free Music Zilla_is1 O42 - Logiciel: Free Sound Recorder v5.8.5 - (.CoolRecordEdit..) [HKLM] -- Free Sound Recorder_is1 O42 - Logiciel: Free Video Converter V 2.5 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1 O42 - Logiciel: Free Video Dub version 1.5 - (.DVDVideoSoft Limited..) [HKLM] -- Free Video Dub_is1 O42 - Logiciel: Free Video Joiner 1.0 - (.FreeVideoJoiner.com.) [HKLM] -- {14FA6DD9-92ED-493D-A937-81A78870E08A}_is1 O42 - Logiciel: Free Video to Mp3 Converter version 2.8 - (.DVD Video Soft Limited..) [HKLM] -- Free Video to Mp3 Converter_is1 O42 - Logiciel: Free YouTube to Mp3 Converter version 3.1 - (.DVDVideoSoft Limited..) [HKLM] -- Free YouTube to Mp3 Converter_is1 O42 - Logiciel: Freez FLV to MP3 Converter - (.www.smallvideosoft.com.) [HKLM] -- Freez FLV to MP3 Converter v1.5_is1 O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1} O42 - Logiciel: Google Chrome - (.Google Inc..) 
[HKCU] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Pas de propriétaire.) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: HP USB Disk Storage Format Tool - (.Pas de propriétaire.) [HKLM] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51} O42 - Logiciel: Hard Disk Wipe Tool 2.35 build 1178 - (.HDDGURU.) [HKLM] -- Hard Disk Wipe Tool_is1 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: HouseCall 6.6 - (.Pas de propriétaire.) [HKLM] -- Trend Micro HouseCall 6.6 O42 - Logiciel: IZArc 4.0 beta 1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31} O42 - Logiciel: J2SE Runtime Environment 5.0 Update 11 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150110} O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader O42 - Logiciel: Java 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF} O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030} O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) 
[HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: K-Lite Codec Pack 4.0.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: Kantaris Media Player 0.6.4 - (.Christofer Persson.) [HKLM] -- Kantaris_is1 O42 - Logiciel: Kit de connexion ADSL - (.Pas de propriétaire.) [HKLM] -- {2F628098-2E02-42B8-9B0F-C9087E1BDD5C} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: MPEG Joiner version 2.22 - (.Pas de propriétaire.) [HKLM] -- MPEG Joiner_is1 O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Magic Video Converter 8.0.8.24 - (.Pas de propriétaire.) [HKLM] -- Magic Video Converter_is1 O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MediaInfo 0.7.4.3 - (.Pas de propriétaire.) [HKLM] -- MediaInfo O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM] -- {0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB953295) - (.Microsoft Corporation.) [HKLM] -- KB953295 O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB979904) - (.Microsoft Corporation.) [HKLM] -- KB979904 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) 
[HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Office 2000 Standard - (.Microsoft Corporation.) [HKLM] -- {0002040C-78E1-11D2-B60F-006097C998E7} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) 
-- C:\WINDOWS\System32\i420vfw.dll O52 - TDSD: \drivers.desc\"yv12vfw.dll"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\%FP%Friendly fts.exe [Key] . (.Friendly Technologies - fts.) -- C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe O53 - SMSR:HKLM\...\startupreg\Acer Empowering Technology Monitor [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\SysMonitor.exe O53 - SMSR:HKLM\...\startupreg\Ad-Watch [Key] . (.Lavasoft - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O53 - SMSR:HKLM\...\startupreg\AlcoholAutomount [Key] . (.Alcohol Soft Development Team - Alcohol Launcher.) -- D:\Alcohol 120\axcmd.exe O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe O53 - SMSR:HKLM\...\startupreg\BitTorrent DNA [Key] . (.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe O53 - SMSR:HKLM\...\startupreg\BrowserChoice [Key] . (.Microsoft Corporation - Choix de navigateur .) -- C:\WINDOWS\system32\browserchoice.exe O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Pas de propriétaire - Pas de description.) -- D:\DAEMON Tools Lite\daemon.exe O53 - SMSR:HKLM\...\startupreg\eDataSecurity Loader [Key] . (.HiTRUST - eDSloader.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O53 - SMSR:HKLM\...\startupreg\ehTray [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX4400 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) 
-- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe O53 - SMSR:HKLM\...\startupreg\eRecoveryService [Key] . (.Acer Inc. - eRecovery agent.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Adrien\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O53 - SMSR:HKLM\...\startupreg\IMEKRMIG6.1 [Key] . (.Microsoft Corporation - Microsoft Korean IME 2002.) -- C:\WINDOWS\ime\imkr6_1\IMEKRMIG.exe O53 - SMSR:HKLM\...\startupreg\IMJPMIG8.1 [Key] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- D:\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\KernelFaultCheck [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\dumprep 0 -k O53 - SMSR:HKLM\...\startupreg\MsgCenterExe [Key] . (.RealNetworks, Inc. - RealNetworks Event Launcher.) -- C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe O53 - SMSR:HKLM\...\startupreg\MSPY2002 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe O53 - SMSR:HKLM\...\startupreg\ntiMUI [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll O53 - SMSR:HKLM\...\startupreg\Nzelit [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\clrtolsm.dll O53 - SMSR:HKLM\...\startupreg\PHIME2002A [Key] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe O53 - SMSR:HKLM\...\startupreg\PHIME2002ASync [Key] . (.Microsoft Corporation - ???????? 2002a.) 
-- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Spybot - Search & Destroy\TeaTimer.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (.Pas de propriétaire - Pas de description.) -- D:\Unlocker\UnlockerAssistant.exe O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) 
-- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.FEFE7F885EA456194656C6A00EA16C93] - 18/06/2006 - 22:40:44 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys O58 - SDL:[MD5.B979979AB8027F7F53FB16EC4229B7DB] - 10/09/1999 - 11:06:00 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\WINDOWS\system32\drivers\ASPI32.SYS O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2009 - 11:19:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . 
(.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.3292260A6AE8F328C7EF698B6EBD56E2] - 15/11/2002 - 11:15:08 ---A- . (.Broadcom Corporation - USB Driver for Bluetooth Adapter.) -- C:\WINDOWS\system32\drivers\bcbthub.sys O58 - SDL:[MD5.EE0F41FA0466189A2C8B9CAF7D1CDDD5] - 08/06/2005 - 17:44:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\BRGSp50.sys O58 - SDL:[MD5.7F4288419E9ABACF86DDBD0FD95DCC22] - 08/06/2005 - 17:44:42 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\WINDOWS\system32\drivers\BRGSp50a64.sys O58 - SDL:[MD5.3BC0AFBD546162FE6ED6CCB15BEFAD73] - 12/05/2006 - 12:21:22 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\WINDOWS\system32\drivers\btaudio.sys O58 - SDL:[MD5.9515D10CEAF284AB1A21934E1958D4FD] - 12/05/2006 - 12:19:04 ---A- . (.Broadcom Corporation. - Bluetooth Bus Enumerator.) -- C:\WINDOWS\system32\drivers\btkrnl.sys O58 - SDL:[MD5.1D25FB8B6B073E6F4FB51034F734EA2C] - 12/05/2006 - 12:17:18 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btport.sys O58 - SDL:[MD5.AF3CC52FC040A402A6AD07AC1BD4FE76] - 12/05/2006 - 12:20:04 ---A- . (.Broadcom Corporation. - Bluetooth Serial Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btserial.sys O58 - SDL:[MD5.E233AE94F1B66DDBFBCA9566D0F7FDBA] - 12/05/2006 - 12:20:00 ---A- . (.Broadcom Corporation. - Bluetooth Serial Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btslbcsp.sys O58 - SDL:[MD5.66BFF2643E5F6A0F80208DDE1C4B653A] - 12/05/2006 - 12:13:46 ---A- . (.Broadcom Corporation. - Bluetooth LAN Access Server Driver.) 
-- C:\WINDOWS\system32\drivers\btwdndis.sys O58 - SDL:[MD5.49D358C0F2EEBDD545270F6935B63AD9] - 12/05/2006 - 12:17:10 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btwmodem.sys O58 - SDL:[MD5.4272BAB9291D26DA5AC913BC79C3CE85] - 12/05/2006 - 12:16:44 ---A- . (.Broadcom Corporation. - Driver for Bluetooth USB Devices.) -- C:\WINDOWS\system32\drivers\btwusb.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 10/08/2004 - 21:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 10/08/2004 - 21:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.A6E17A52FD08CA9CB9E323F7EAEEE4AA] - 03/05/2007 - 09:27:46 R--A- . (.Pas de propriétaire - SRS Labs CSII Decoder Kernel DLL.) -- C:\WINDOWS\system32\drivers\csiidecoder_kern_i386.sys O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 14:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.33C660CECDC17F9B76767B90F15D8E34] - 26/07/2006 - 06:03:22 ---A- . (.FSPro Labs - My Private Folder driver.) -- C:\WINDOWS\system32\drivers\mprifl.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 10/08/2004 - 21:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 11/08/2006 - 18:52:28 ---A- . (.NewTech Infosystems, Inc. 
- NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys O58 - SDL:[MD5.B19C2AAE0922072FF4A467F2A37620AD] - 12/07/2006 - 23:19:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.36.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:[MD5.9ECCD189A9554C30A0D18A429778C7BA] - 28/06/2006 - 18:38:56 ---A- . (.NVIDIA Corporation - NVIDIA® nForce IDE Performance Driver.) -- C:\WINDOWS\system32\drivers\nvatabus.sys O58 - SDL:[MD5.FEC5BF206886B880B429216C63528AA2] - 28/06/2006 - 18:39:02 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\WINDOWS\system32\drivers\nvraid.sys O58 - SDL:[MD5.C7C2D542FAF1DAFAC2CB5EDA02832332] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\pciide.sys O58 - SDL:[MD5.02AAAFB7BA137CE5DDABCDF8090954D9] - 30/04/2009 - 15:35:53 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys O58 - SDL:[MD5.C8A2D6FF660AC601B7BB9A9B16A5C25E] - 05/03/2003 - 12:19:28 ---A- . (.Creative Technology Ltd. - PCI/ISA Device Info. Service.) -- C:\WINDOWS\system32\drivers\PfModNT.sys O58 - SDL:[MD5.8AE03E978BC99F31AE31B183CD373951] - 25/09/2003 - 16:52:46 ---A- . (.Friendly Technologies - PPPoE Protocol Driver.) -- C:\WINDOWS\system32\drivers\PPPoEWin.SYS O58 - SDL:[MD5.00B670D8A36C7134CFC66B446A18CC92] - 07/04/2006 - 20:17:34 ---A- . (.HiTRUST - PSD Filter Driver.) -- C:\WINDOWS\system32\drivers\psdfilter.sys O58 - SDL:[MD5.E9A60343CB7C39090638B1DD574F26EB] - 08/03/2006 - 17:10:52 ---A- . (.HiTRUST - PSD Virtual Disk Driver.) -- C:\WINDOWS\system32\drivers\psdvdisk.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 10/08/2004 - 21:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.153D02480A0A2F45785522E814C634B6] - 20/08/2008 - 18:58:58 ---A- . 
(.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 10/08/2004 - 21:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 10/08/2004 - 21:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.3000E98F519CF6FDA669BAE8E47F7B4F] - 05/06/2006 - 21:09:26 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.00000000000000000000000000000000] - 18/08/2010 - 02:50:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\sptd.sys O58 - SDL:[MD5.DDF31872859EB9A3E30BFEBDD11B8F28] - 03/05/2007 - 09:28:04 R--A- . (.Pas de propriétaire - SRS WOW HD, TSXT, CSII, Mobile HD Standalone driver.) -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.889F7F7487619FC0E33796F7DCD26397] - 03/05/2007 - 09:27:42 R--A- . (.Pas de propriétaire - SRS Labs Surround HP kernel DLL.) -- C:\WINDOWS\system32\drivers\Surroundhp_kern_i386.sys O58 - SDL:[MD5.592639E8322B123694BF3C97C7AECA50] - 19/10/2007 - 09:50:50 ---A- . (.Steganos GmbH - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\system32\drivers\tapavpn.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 10/08/2004 - 21:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) 
-- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.15406A7C60F76A56708FB75E65B8AAFC] - 03/05/2007 - 09:27:42 R--A- . (.Pas de propriétaire - SRS Labs TruSurround HD 4 kernel DLL.) -- C:\WINDOWS\system32\drivers\tshd4_kern_i386.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 10/08/2004 - 21:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.97C3B0E7B7174D6658220862269DDC8D] - 10/11/2005 - 11:27:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\WINIO.sys O58 - SDL:[MD5.47B2FD803DFDF39BF9F22FB88FFCF24A] - 03/05/2007 - 09:27:44 R--A- . (.SRS Labs, Inc. - WOW HD kernel mode DLL for Windows.) -- C:\WINDOWS\system32\drivers\wowhd_kern_i386.sys O58 - SDL:[MD5.518C4D4DCB93C88316303694163BBD63] - 29/06/2006 - 09:53:00 ---A- . (.Marvell - NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller.) -- C:\WINDOWS\system32\drivers\yk51x86.sys O58 - SDL:[MD5.478B4415DFB3A45B6FE61EC781E07D7B] - 28/10/2005 - 10:38:18 ---A- . (.ZyDAS Technology Corporation - ZD1211B 802.11 b+g USB LAN Driver.) -- C:\WINDOWS\system32\drivers\ZD1211BU.sys O58 - SDL:[MD5.3C185892DD5C13975966E8D1C2A65290] - 04/10/2005 - 14:38:24 ---A- . (.ZyDAS Technology Corporation - ZD1211 802.11b+g USB LAN Driver.) -- C:\WINDOWS\system32\drivers\ZD1211U.sys O58 - SDL:[MD5.29C917279D79848B3DD94909FC00E2A8] - 14/01/2004 - 10:30:00 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\drivers\ZDPNDIS5.sys O58 - SDL:[MD5.00AE175B903D45ED4A62384D3315DC2A] - 25/10/2004 - 12:40:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys O58 - SDL:[MD5.E11183B2F02AE38915982D10D717C6C6] - 18/03/2005 - 14:35:28 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) 
-- C:\WINDOWS\system32\drivers\ZDPSp50a64.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 10/08/2004 - 21:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys O58 - SDL:[MD5.29C917279D79848B3DD94909FC00E2A8] - 14/01/2004 - 10:30:00 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\ZDPNDIS5.sys ---\\ Détournement de DNS (DDNS) (O60) O60 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.163.70,93.188.166.9 ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: RSIT - (.random/random.) O63 - Logiciel: Toolbar SD - (.IDN Team.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(.Pas de propriétaire - Pas de description.) - LEGACY_AAVMKER4 O64 - Services: CurCS - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe - Memory Check Service (AcerMemUsageCheckService) .(.Acer Inc. - Pas de description.) - LEGACY_ACERMEMUSAGECHECKSERVICE O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) 
- LEGACY_AFD O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASPI32.sys - ASPI32 (ASPI32) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASPI32 O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK O64 - Services: CurCS - (.not file.) - avast! Standard Shield Support (aswMon2) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMON2 O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_ASWTDI O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - (.not file.) - avast! Antivirus (avast! Antivirus) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVAST!_ANTIVIRUS O64 - Services: CurCS - (.not file.) - AVG7 Wrap Driver (Avg7RsW) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG7RSW O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS O64 - Services: CurCS - C:\Program Files\Bonjour\mDNSResponder.exe (.not file.) - Service Bonjour (Bonjour Service) .(.Pas de propriétaire - Pas de description.) - LEGACY_BONJOUR_SERVICE O64 - Services: CurCS - C:\Program Files\NCH Software\BroadCam\broadCam.exe (.not file.) - BroadCam Service (BroadCamService) .(.Pas de propriétaire - Pas de description.) - LEGACY_BROADCAMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Bluetooth Support Service (BthServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
(.Rocket Division Software.) - D:\Alcohol 120\StarWind\StarWindServiceAE.exe ---\\ Infection BT - BHO/Toolbar (Possible) O42 - Logiciel: Search Settings 1.2 - (.Pas de propriétaire.) [HKLM] -- {D0C73318-7B4A-4D16-A0C4-3B83F075EA88} End of the scan (1477 lines in 02mn 09s)(0)
  18. Hello, I can't start Malwarebytes Anti-Malware, nor launch Spybot (in normal or safe mode). What should I do? Thanks.
  19. MBAM found nothing, and the problem I mentioned at the beginning has not reappeared. Thanks.
  20. Here is the scan result; it found 7 threats. Why was the "Remove found threats" box not ticked? I deleted some of them by hand.
  21. When I click "I accept", it tells me that the digital signature is invalid.
  23. GMER still crashes; here is the RootRepeal report:
  24. It doesn't happen on one particular site but rather when eMule or uTorrent is running, in other words when pages take longer to load. I've noticed that when these sites are displayed, the logo to the left of the URL (every time) looks like the logo of the site katz.cd. I don't think I caught something over P2P but rather while browsing the web. I downloaded GMER and then started the scan; when I came back to the PC, all the windows were closed! So I ran it again, but there is an error message telling me "**** has encountered a problem and needs to close blah blah". I deleted and then re-downloaded the .exe file twice, same problem.
  25. Logfile of random's system information tool 1.06 (written by random/random) Run at 2010-05-20 12:47:48
D:\QUARAN~1\ashDisp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] C:\Program Files\DNA\btdna.exe [2009-03-16 342848] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\brastk] C:\WINDOWS\system32\brastk.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax] braviax.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BroadCamRun] C:\Program Files\NCH Software\BroadCam\broadCam.exe -logon [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice] C:\WINDOWS\system32\browserchoice.exe [2010-02-12 293376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] D:\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSLAGENTEXE] dslagent.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EyelineRun] C:\Program Files\NCH Software\Eyeline\eyeline.exe -logon [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\Adrien\Local Settings\Application 
Data\Google\Update\GoogleUpdate.exe [2009-05-28 133104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] D:\iTunesHelper.exe [2010-02-15 141608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp] Alaunch [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsgCenterExe] C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe [2010-04-15 75320] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msword98] C:\WINDOWS\system32\msword98.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2006-07-12 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Antispyware 2010] C:\Program Files\PC_Antispyware2010\PC_Antispyware2010.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\realtekc] C:\Documents and Settings\Adrien\Application Data\Gmail\exiap6415386.exe 2 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32] C:\WINDOWS\system32\regedit.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe -boot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] SkyTel.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox] D:\SRSSSC.exe /hideme [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\stvamvqu] C:\Documents and Settings\Adrien\Local Settings\Application Data\qeippu\ugjtsftav.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] D:\Unlocker\UnlockerAssistant.exe [2008-05-02 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateWin] C:\WINDOWS\system32\adsmsexth.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\userinit] C:\WINDOWS\system32\ntos.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupfolder\C:^Documents and Settings^Adrien^Mes documents^Menu Démarrer^Programmes^Démarrage^Free Music Zilla.lnk] D:\FREEMU~1\FMZilla.exe [2009-11-05 736512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk] C:\Acer\EMPOWE~1\ACEREM~1.EXE [2006-06-01 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk] C:\PROGRA~1\ACERWL~1\ZDWlan.exe [2005-11-16 745472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli clrtolsm.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "D:\SopCast\SopCast.exe"="D:\SopCast\SopCast.exe:*:Disabled:SopCast Main Application" "D:\Program Files\TVAnts\Tvants.exe"="D:\Program Files\TVAnts\Tvants.exe:*:Disabled:TVAnts" "D:\VLC\vlc.exe"="D:\VLC\vlc.exe:*:Disabled:VLC media player" "C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Disabled:Windows Media Player" "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000" "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Disabled:DNA" "D:\Free Music Zilla\FMZilla.exe"="D:\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla" "C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe:*:Disabled:Java Platform SE binary" "D:\Real Alternative\Media Player Classic\mplayerc.exe"="D:\Real Alternative\Media 
Player Classic\mplayerc.exe:*:Disabled:Media Player Classic" "C:\Program Files\MySpace\IM\MySpaceIM.exe"="C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Disabled:MySpaceIM" "D:\NetXfer\NetTransport.exe"="D:\NetXfer\NetTransport.exe:*:Disabled:NetXfer Download Manager" "D:\Orbitdownloader\orbitnet.exe"="D:\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit" "D:\Orbitdownloader\orbitdm.exe"="D:\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit" "D:\SopCast\adv\SopAdver.exe"="D:\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver" "D:\StationRipper\StationRipperConsole.exe"="D:\StationRipper\StationRipperConsole.exe:*:Disabled:StationRipperConsole" "C:\WINDOWS\system32\drivers\svchost.exe"="C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost" "C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (20)\eMule\emule.exe"="C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (20)\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (18)\BitTorrent\bittorrent.exe"="C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (18)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (16)\utorrent.exe"="C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (16)\utorrent.exe:*:Enabled:µTorrent" "C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (19)\eMule\skins\skins\Assault.exe"="C:\Program Files\MediaInfo\Nouveau dossier (18)\Nouveau dossier (19)\eMule\skins\skins\Assault.exe:*:Enabled:Assault" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program 
Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "D:\iTunes.exe"="D:\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{332131b9-2a55-11de-b264-00192148152f}] shell\AutoRun\command - K:\Menu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d23d210-93af-11db-acae-000e9b25862d}] shell\AutoRun\command - K:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\truecrypt.exe shell\open\command - K:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\truecrypt.exe ======List of files/folders created in the last 1 months====== 2010-05-19 12:42:07 ----N---- C:\WINDOWS\system32\spmsg.dll 2010-05-19 12:27:33 ----A---- C:\wmp11-windowsxp-x86-FR-FR.exe 2010-05-19 09:58:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-05-19 09:57:31 ----A---- C:\WINDOWS\system32\javaws.exe 2010-05-19 09:57:31 ----A---- C:\WINDOWS\system32\javaw.exe 2010-05-19 
09:57:31 ----A---- C:\WINDOWS\system32\java.exe 2010-05-19 09:57:31 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-05-19 09:55:59 ----A---- C:\Program Files\jxpiinstall.exe 2010-05-18 17:41:16 ----D---- C:\Documents and Settings\Adrien\Application Data\QuickScan 2010-05-15 11:58:25 ----A---- C:\mbam-error.txt 2010-05-12 06:39:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-04-26 17:13:28 ----A---- C:\Program Files\windows-media-player-firefox-plugin_windows_media_player_firefox_plugin_1.0.0.8_anglais_35439.exe ======List of files/folders modified in the last 1 months====== 2010-05-20 12:47:50 ----D---- C:\Documents and Settings\Adrien\Application Data\uTorrent 2010-05-20 12:47:49 ----D---- C:\WINDOWS\Prefetch 2010-05-20 11:32:38 ----D---- C:\Documents and Settings\Adrien\Application Data\Orbit 2010-05-20 10:55:44 ----D---- C:\WINDOWS\temp 2010-05-20 10:20:48 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-20 10:20:45 ----D---- C:\WINDOWS\Registration 2010-05-20 10:20:29 ----D---- C:\WINDOWS 2010-05-20 03:03:05 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-19 19:40:00 ----D---- C:\WINDOWS\system32 2010-05-19 12:42:57 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-19 12:42:08 ----HD---- C:\WINDOWS\inf 2010-05-19 12:41:39 ----D---- C:\Program Files\Windows Media Player 2010-05-19 12:41:10 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-05-19 12:41:10 ----D---- C:\WINDOWS\Help 2010-05-19 09:58:15 ----SHD---- C:\WINDOWS\Installer 2010-05-19 09:58:14 ----D---- C:\Program Files\Fichiers communs\Java 2010-05-19 09:57:07 ----D---- C:\Program Files\Java 2010-05-19 09:56:00 ----RD---- C:\Program Files 2010-05-18 18:44:47 ----AD---- C:\WINDOWS\system32\drivers 2010-05-18 13:14:02 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-17 15:47:00 ----D---- C:\Documents and Settings\Adrien\Application Data\BitTorrent 2010-05-15 14:14:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2010-05-15 11:58:24 ----D---- C:\Program 
Files\Malwarebytes' Anti-Malware 2010-05-12 06:39:47 ----D---- C:\Program Files\Outlook Express 2010-05-12 06:33:05 ----HD---- C:\WINDOWS\$hf_mig$ 2010-05-06 16:49:09 ----A---- C:\WINDOWS\win.ini 2010-05-06 13:23:43 ----AC---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt 2010-05-03 17:00:43 ----D---- C:\tempocapt 2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe 2010-04-28 23:04:58 ----D---- C:\WINDOWS\network diagnostic 2010-04-27 13:23:13 ----SD---- C:\WINDOWS\Tasks 2010-04-26 15:38:09 ----D---- C:\Documents and Settings\Adrien\Application Data\vlc 2010-04-25 01:00:41 ----D---- C:\Program Files\Bonjour ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520] R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys [] R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys [] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-12 1342602] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio 
(WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-05 4284928] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-11 6144] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-12 3934592] R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-30 47360] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2003-09-19 45056] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-06-29 244864] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 a87y7u6e;a87y7u6e; C:\WINDOWS\system32\drivers\a87y7u6e.sys [] S3 albe4huy;albe4huy; C:\WINDOWS\system32\drivers\albe4huy.sys [] S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-12 401664] S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-12 30363] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys 
[2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-12 148168] S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-05-12 30189] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320] S3 catchme;catchme; \??\C:\DOCUME~1\Adrien\LOCALS~1\Temp\catchme.sys [] S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288] S3 PPPoEWin;PPPoEWin Miniport; C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 104375] S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys [] S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys [] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 39552] S3 tapavpn;Steganos Anonym VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapavpn.sys [2007-10-19 24320] S3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; 
C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432] S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064] S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2006-05-12 258103] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-19 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-06 1029456] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program 
Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-12 155715] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 StarWindServiceAE;StarWind AE Service; D:\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [] S2 BroadCamService;BroadCam Service; C:\Program Files\NCH Software\BroadCam\broadCam.exe -service [] S2 EyelineService;Eyeline Service; C:\Program Files\NCH Software\Eyeline\eyeline.exe -service [] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 
[2008-07-29 881664] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini [] S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------