FURIOUS BOB

Members
  • Content count

    23
Everything posted by FURIOUS BOB

  1. Need help, please!!
  2. Hello everyone, my PC is no doubt infected by I don't know what: the Google Chrome browser is blocked, and only Internet Explorer almost works, but without icons or any images, and with links out of place... Just before the malfunctions got worse, I removed "navigateur offerbox", a malicious program that I had some trouble removing... I suspect it is the source of the problem, but I am not certain; since then I have been really struggling. The PC runs Windows 7, with McAfee, bought recently. I scanned it with my antivirus, MBAM, CCleaner, F-Secure online... In short: is there a kind soul who could help me get rid of the malicious thing sabotaging my computer? Thanks in advance,
  3. Hi oGu, my internal hard disk is partitioned in 4; I don't have an external one. There is 28.6 GB free on the data disk, 20 GB on the backup and 2.8 GB on the recover. For the RegFIX part of the procedure, which software do I do it with??? I have already run the first two. See you later
  4. Thank you for your help and your expertise!!

    The armed struggle against digital vermin continues,

    aligatou gozaimasu

    oGu-san

  5. I got rid of Spybot; I trust your experience and am keeping MBAM! I am struggling a bit, actually: the PC is faster and works fine 95% of the time, but it crashes from time to time, notably in the Control Panel for example! Yesterday it froze, then a blue screen with MACHINE_CHSAISPAKOI_EXCEPTION and a physical memory dump (at the very bottom), and a restart forced with the on/off button (sorry, this is not very clear, but I did not pay much attention to it). In short, panic: if it is not a malicious program, I wonder whether some component in the tower is giving up the ghost.... Here is the RSIT report. See you later
  6. Hi, yes, I did it, but how do I proceed? By the way, what should I replace Spybot with, in your opinion?
  7. Hi! Here it is: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tkrhoghe] ------------- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tkrhoghe] ------------- Thanks for the info. So I need to invest in a new external drive before making the ghost image.
  8. Hi oGu, the report is here. Thanks, you're a champ, my computer is far less sluggish now! I have two more questions, purely technical this time: 1/ Do you know how to go about making a ghost CD? 2/ With Spybot + AntiVir, should I add anything else to secure my PC as well as possible?
ComboFix 09-11-13.04 - DELAPAMPA 13/11/2009 12:49.11.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.428 [GMT 1:00] Lancé depuis: c:\documents and settings\DELAPAMPA\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\DELAPAMPA\Bureau\CFScript (3).txt AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: BullGuard 5.0 antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard 5.0 firewall *disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1} FILE :: "c:\program files\google\googletoolbar1.dll" "c:\windows\TEMP\TMP0000001F96B43AD95BD351D8" . ((((((((((((((((((((((((((((( Fichiers créés du 2009-10-13 au 2009-11-13 )))))))))))))))))))))))))))))))))))) . 2009-11-09 18:57 . 2009-11-09 18:57 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-11-09 18:55 . 2008-10-30 09:21 75072 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-11-09 18:55 . 2008-05-09 11:15 45376 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-11-09 18:55 . 2008-01-21 16:11 22336 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-11-09 18:55 . 2009-11-09 18:55 -------- d-----w- c:\program files\Avira 2009-11-09 18:55 . 2009-11-09 18:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-10-26 19:02 . 2009-10-26 19:02 -------- d-----w- C:\rsit 2009-10-26 12:50 . 2009-10-26 12:50 -------- d-----w- c:\program files\Trend Micro 2009-10-16 15:51 . 
2009-10-06 11:40 545280 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-10-16 15:51 . 2009-10-06 11:40 344064 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-10-16 15:51 . 2009-10-06 11:40 153600 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2009-10-16 15:51 . 2009-10-06 11:40 103424 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-10-16 15:51 . 2009-10-06 11:40 4716544 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-13 11:47 . 2005-03-07 18:27 84702 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-13 11:47 . 2005-03-07 18:27 510144 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-13 11:43 . 2005-03-08 14:26 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS 2009-11-12 23:24 . 2007-09-02 20:02 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\uTorrent 2009-11-11 10:07 . 2005-10-17 17:07 -------- d-----w- c:\program files\Google 2009-11-11 09:02 . 2006-03-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-09 18:51 . 2006-05-05 19:18 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\Lavasoft 2009-11-02 19:42 . 2009-10-03 12:47 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-30 07:14 . 2007-09-02 21:01 -------- d-----w- c:\program files\TF1Vision 2009-10-29 20:14 . 
2006-03-05 16:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-10-26 12:51 . 2008-10-09 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 13:54 . 2008-10-09 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 13:53 . 2008-10-09 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 07:56 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-23 02:28 . 2005-05-19 18:04 99152 ----a-w- c:\documents and settings\DELAPAMPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL 2007-11-14 11:57 . 2007-11-14 11:57 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-29_19.56.50 ))))))))))))))))))))))))))))))))))))))))) . - 2005-03-07 18:27 . 2009-10-26 19:03 71320 c:\windows\system32\perfc009.dat + 2005-03-07 18:27 . 2009-11-13 11:47 71320 c:\windows\system32\perfc009.dat + 2008-01-24 11:46 . 2007-11-08 17:03 21248 c:\windows\system32\drivers\ssmdrv.sys - 2009-10-20 00:45 . 2009-10-20 00:45 38240 c:\windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe + 2009-11-12 10:22 . 2009-11-12 10:22 38240 c:\windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe - 2005-09-10 18:00 . 2009-10-14 20:27 23040 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2005-09-10 18:00 . 2009-11-12 10:23 23040 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe - 2005-09-10 18:00 . 2009-10-14 20:27 61440 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe + 2005-09-10 18:00 . 
2009-11-12 10:23 61440 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2005-09-10 18:00 . 2009-10-14 20:27 27136 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2005-09-10 18:00 . 2009-11-12 10:23 27136 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2005-09-10 18:00 . 2009-11-12 10:23 11264 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2005-09-10 18:00 . 2009-10-14 20:27 11264 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2005-09-10 18:00 . 2009-10-14 20:27 86016 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe + 2005-09-10 18:00 . 2009-11-12 10:23 86016 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe - 2005-09-10 18:00 . 2009-10-14 20:27 12288 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2005-09-10 18:00 . 2009-11-12 10:23 12288 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2005-09-10 18:00 . 2009-11-12 10:23 4096 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2005-09-10 18:00 . 2009-10-14 20:27 4096 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2005-03-07 18:27 . 2009-10-26 19:03 440654 c:\windows\system32\perfh009.dat + 2005-03-07 18:27 . 2009-11-13 11:47 440654 c:\windows\system32\perfh009.dat + 2005-03-07 11:33 . 2009-11-12 10:35 355360 c:\windows\system32\FNTCACHE.DAT - 2005-03-07 11:33 . 2009-08-23 02:28 355360 c:\windows\system32\FNTCACHE.DAT + 2005-09-10 18:00 . 2009-11-12 10:23 409600 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2005-09-10 18:00 . 2009-10-14 20:27 409600 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2005-09-10 18:00 . 2009-11-12 10:23 286720 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2005-09-10 18:00 . 
2009-10-14 20:27 286720 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe + 2005-09-10 18:00 . 2009-11-12 10:23 249856 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2005-09-10 18:00 . 2009-10-14 20:27 249856 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2005-09-10 18:00 . 2009-11-12 10:23 794624 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2005-09-10 18:00 . 2009-10-14 20:27 794624 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2005-09-10 18:00 . 2009-10-14 20:27 135168 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe + 2005-09-10 18:00 . 2009-11-12 10:23 135168 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe + 2005-09-10 18:00 . 2009-11-12 10:23 593920 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe - 2005-09-10 18:00 . 2009-10-14 20:27 593920 c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2009-11-04 19:37 . 2008-07-08 13:04 406392 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll + 2009-11-04 19:37 . 2008-07-08 13:03 234872 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe + 2004-08-05 12:00 . 2009-08-14 15:13 1850752 c:\windows\system32\win32k.sys + 2004-08-05 12:00 . 2009-10-22 09:17 5939712 c:\windows\system32\mshtml.dll + 2008-10-15 06:48 . 2009-08-14 15:13 1850752 c:\windows\system32\dllcache\win32k.sys + 2004-08-05 12:00 . 2009-10-22 09:17 5939712 c:\windows\system32\dllcache\mshtml.dll + 2009-10-22 11:46 . 2009-10-22 11:46 6821888 c:\windows\Installer\5311697.msp + 2009-08-18 11:58 . 2009-08-18 11:58 8301056 c:\windows\Installer\531167f.msp + 2009-10-06 17:40 . 2009-10-06 17:40 7681024 c:\windows\Installer\5311674.msp + 2009-10-22 11:28 . 2009-10-22 11:28 5521408 c:\windows\Installer\531165c.msp + 2009-11-04 19:37 . 2009-08-29 07:56 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll + 2005-05-22 12:03 . 
2009-11-05 17:36 26768832 c:\windows\system32\MRT.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064] "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2004-11-09 81920] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SpybotSnD"="c:\program files\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 5365592] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536] "ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-10-31 37232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] 
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "Dit"="Dit.exe" - c:\windows\Dit.exe [2004-07-20 90112] "CHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2004-02-24 508416] "ledpointer"="CNYHKey.exe" - c:\windows\CNYHKey.exe [2004-02-03 5794816] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-03-04 88209] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-05 44544] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk.disabled [2005-5-19 1958] Assistant d'Acrobat.lnk.disabled [2005-5-19 1862] BTTray.lnk - c:\program files\MSI\Bluetooth Software\BTTray.exe [2004-3-31 507965] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tkrhoghe] [bU] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp 
Remote\\bin\\OrbStreamerClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57245:TCP"= 57245:TCP:Pando P2P TCP Listening Port "57245:UDP"= 57245:UDP:Pando P2P UDP Listening Port R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 18:19 13592] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [07/03/2005 10:52 945152] R3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\FA31XND5.SYS [18/11/2005 21:17 16007] R3 PRISM_A00;CREATIX 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [08/03/2005 16:59 380736] R3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [08/03/2005 15:30 11672] S2 qgehicwx;USB Serial Converter Helper;c:\windows\System32\svchost.exe -k netsvcs [05/08/2004 13:00 14336] S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [08/03/2005 15:26 17408] S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [16/02/2006 21:22 31547] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mbr . 
Contenu du dossier 'Tâches planifiées' 2009-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-11-13 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://home.neuf.fr/ uInternet Settings,ProxyServer = pop.free.fr uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJPI150_01.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava11.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava12.dll FF - plugin: c:\program files\Mozilla 
Firefox\plugins\NPJava13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJPI141_01.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHELINS SUPPRIMES - - - - BHO-{72ED067B-303D-48A2-8211-AFD8D98BE44A} - (no file) BHO-{CAE07211-9B79-4392-B6D6-59C7800ECD9F} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-13 12:57 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "Name"="ActiveSync" "DisplayName"="Microsoft ActiveSync" "Param1"="ActiveSync" "Type"="wellknown" "Order"=dword:00000001 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Type"="IESettings" "Order"=dword:00000004 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Type"="MediaFiles" "Order"=dword:00000003 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Param1"="NPW" "Type"="wellknown" "Order"=dword:00000002 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "Name"="Outlook" "DisplayName"="Microsoft Outlook" "Param1"="Outlook" "Type"="wellknown" "Order"=dword:00000000 "State"=dword:00000020 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(572) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3800) c:\program files\CyberLink\Shared Files\CLRCEngine.dll c:\windows\HKCYDLL.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\eappprxy.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\MSI\Bluetooth Software\bin\btwdins.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Heure de fin: 2009-11-13 13:04 - La machine a redémarré ComboFix-quarantined-files.txt 2009-11-13 12:04 ComboFix2.txt 2009-11-11 10:14 ComboFix3.txt 2009-11-04 18:12 ComboFix4.txt 2009-11-04 11:55 ComboFix5.txt 2009-11-13 11:48 Avant-CF: 30 275 923 968 octets libres Après-CF: 30 237 085 696 octets libres - - End Of File - - 128176A5A380A17609A5E32092B67DA5
  9. Logfile of random's system information tool 1.06 (written by random/random) Run by DELAPAMPA at 2009-11-11 12:30:12 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 30 GB (32%) free of 94 GB Total RAM: 1023 MB (36% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:30:27, on 11/11/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\Dit.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\CNYHKey.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\MSI\Bluetooth 
Software\BTTray.exe C:\WINDOWS\explorer.exe C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe c:\program files\avira\antivir personaledition classic\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\DELAPAMPA\Mes documents\Downloads\RSIT (2).exe C:\Program Files\Trend Micro\HijackThis\DELAPAMPA.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pop.free.fr R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion 
  10. Hi oGu! Here are the AntiVir + ComboFix reports.
Cependant, celui-ci se dissimule sous une extension de fichier inoffensive (HIDDENEXT/Crypted) [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b2961b0.qua' ! C:\System Volume Information\_restore{490945C7-5CD8-4349-9148-F4444C2648AE}\RP839\A0053614.pif [RESULTAT] Le fichier contient un programme exécutable. Cependant, celui-ci se dissimule sous une extension de fichier inoffensive (HIDDENEXT/Crypted) [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b29628f.qua' ! Recherche débutant dans 'D:\' <BACKUP> D:\Tools\eTrust Antivirus\AlertPackage.exe [0] Type d'archive: RSRC --> Object [1] Type d'archive: CAB (Microsoft) --> alert.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. D:\Tools\eTrust Antivirus\webpkg.exe [0] Type d'archive: RSRC --> Object [1] Type d'archive: CAB (Microsoft) --> inoweb.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. 
Recherche débutant dans 'E:\' <RECOVER> Recherche débutant dans 'F:\' <DATA> Fin de la recherche : mardi 10 novembre 2009 14:37 Temps nécessaire: 2:37:21 Heure(s) La recherche a été effectuée intégralement 11957 Les répertoires ont été contrôlés 385423 Des fichiers ont été contrôlés 9 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 1 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 3 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 385412 Fichiers non infectés 8607 Les archives ont été contrôlées 13 Avertissements 3 Consignes ComboFix 09-11-09.02 - DELAPAMPA 11/11/2009 11:02.10.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.462 [GMT 1:00] Lancé depuis: c:\documents and settings\DELAPAMPA\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\DELAPAMPA\Bureau\CFScript (2).txt AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: BullGuard 5.0 antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard 5.0 firewall *disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1} FILE :: "c:\program files\google\googletoolbar1.dll" "c:\windows\tkrhoghe" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . 
c:\program files\google\googletoolbar1.dll c:\program files\Google\GoogleToolbarNotifier c:\program files\Google\GoogleToolbarNotifier\5.1.1309.3572\gth.dll c:\program files\Google\GoogleToolbarNotifier\5.1.1309.3572\gtn.dll c:\program files\Google\GoogleToolbarNotifier\5.1.1309.3572\Readme.url c:\program files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe c:\program files\PC Tools AntiVirus c:\program files\PC Tools AntiVirus\msvcr71.dll c:\program files\PC Tools AntiVirus\Updates\av9-015.vdb c:\program files\PC Tools AntiVirus\Updates\av9-016.vdb . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PCTAVSVC -------\Service_PCTAVSvc ((((((((((((((((((((((((((((( Fichiers créés du 2009-10-11 au 2009-11-11 )))))))))))))))))))))))))))))))))))) . 2009-11-09 18:57 . 2009-11-09 18:57 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-11-09 18:55 . 2008-10-30 09:21 75072 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-11-09 18:55 . 2008-05-09 11:15 45376 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-11-09 18:55 . 2008-01-21 16:11 22336 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-11-09 18:55 . 2009-11-09 18:55 -------- d-----w- c:\program files\Avira 2009-11-09 18:55 . 2009-11-09 18:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-10-26 19:02 . 2009-10-26 19:02 -------- d-----w- C:\rsit 2009-10-26 12:50 . 2009-10-26 12:50 -------- d-----w- c:\program files\Trend Micro 2009-10-16 15:51 . 2009-10-06 11:40 545280 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe 2009-10-16 15:51 . 
2009-10-06 11:40 344064 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe 2009-10-16 15:51 . 2009-10-06 11:40 153600 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll 2009-10-16 15:51 . 2009-10-06 11:40 103424 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\libs\pixomatic.dll 2009-10-16 15:51 . 2009-10-06 11:40 4716544 ----a-w- c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-11 10:07 . 2005-10-17 17:07 -------- d-----w- c:\program files\Google 2009-11-11 09:59 . 2005-03-07 18:27 84702 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-11 09:59 . 2005-03-07 18:27 510144 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-11 09:54 . 2005-03-08 14:26 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS 2009-11-11 09:02 . 2006-03-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-09 18:51 . 2006-05-05 19:18 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\Lavasoft 2009-11-04 11:33 . 2007-09-02 20:02 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\uTorrent 2009-11-02 19:42 . 2009-10-03 12:47 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-30 07:14 . 2007-09-02 21:01 -------- d-----w- c:\program files\TF1Vision 2009-10-29 20:14 . 2006-03-05 16:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-10-26 12:51 . 2008-10-09 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-11 14:18 . 
2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 13:54 . 2008-10-09 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 13:53 . 2008-10-09 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 07:56 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-23 02:28 . 2005-05-19 18:04 99152 ----a-w- c:\documents and settings\DELAPAMPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL 2007-11-14 11:57 . 2007-11-14 11:57 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-29_19.56.50 ))))))))))))))))))))))))))))))))))))))))) . + 2005-03-07 18:27 . 2009-11-11 09:59 71320 c:\windows\system32\perfc009.dat - 2005-03-07 18:27 . 2009-10-26 19:03 71320 c:\windows\system32\perfc009.dat + 2008-01-24 11:46 . 2007-11-08 17:03 21248 c:\windows\system32\drivers\ssmdrv.sys + 2005-03-07 18:27 . 2009-11-11 09:59 440654 c:\windows\system32\perfh009.dat - 2005-03-07 18:27 . 2009-10-26 19:03 440654 c:\windows\system32\perfh009.dat + 2009-11-04 19:37 . 2008-07-08 13:04 406392 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll + 2009-11-04 19:37 . 2008-07-08 13:03 234872 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe + 2004-08-05 12:00 . 2009-10-22 09:17 5939712 c:\windows\system32\mshtml.dll + 2004-08-05 12:00 . 2009-10-22 09:17 5939712 c:\windows\system32\dllcache\mshtml.dll + 2009-11-04 19:37 . 2009-08-29 07:56 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064] "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2004-11-09 81920] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SpybotSnD"="c:\program files\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 5365592] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536] "ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-10-31 37232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition 
Classic\avgnt.exe" [2008-06-12 266497] "Dit"="Dit.exe" - c:\windows\Dit.exe [2004-07-20 90112] "CHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2004-02-24 508416] "ledpointer"="CNYHKey.exe" - c:\windows\CNYHKey.exe [2004-02-03 5794816] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-03-04 88209] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-05 44544] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk.disabled [2005-5-19 1958] Assistant d'Acrobat.lnk.disabled [2005-5-19 1862] BTTray.lnk - c:\program files\MSI\Bluetooth Software\BTTray.exe [2004-3-31 507965] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57245:TCP"= 57245:TCP:Pando P2P TCP 
Listening Port "57245:UDP"= 57245:UDP:Pando P2P UDP Listening Port R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 18:19 13592] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [07/03/2005 10:52 945152] R3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\FA31XND5.SYS [18/11/2005 21:17 16007] R3 PRISM_A00;CREATIX 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [08/03/2005 16:59 380736] R3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [08/03/2005 15:30 11672] S2 qgehicwx;USB Serial Converter Helper;c:\windows\System32\svchost.exe -k netsvcs [05/08/2004 13:00 14336] S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [08/03/2005 15:26 17408] S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [16/02/2006 21:22 31547] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mbr . Contenu du dossier 'Tâches planifiées' 2009-11-04 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-11-11 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://home.neuf.fr/ uInternet Settings,ProxyServer = pop.free.fr uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJPI150_01.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava11.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava12.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJPI141_01.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - HiddenExtension: Microsoft 
.NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-ccleaner - c:\program files\CCleaner\CCleaner.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-11 11:09 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\windows\TEMP\TMP0000001F96B43AD95BD351D8 524288 bytes Scan terminé avec succès Fichiers cachés: 1 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "Name"="ActiveSync" "DisplayName"="Microsoft ActiveSync" "Param1"="ActiveSync" "Type"="wellknown" "Order"=dword:00000001 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Type"="IESettings" "Order"=dword:00000004 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Type"="MediaFiles" "Order"=dword:00000003 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Param1"="NPW" "Type"="wellknown" "Order"=dword:00000002 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows 
Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "Name"="Outlook" "DisplayName"="Microsoft Outlook" "Param1"="Outlook" "Type"="wellknown" "Order"=dword:00000000 "State"=dword:00000020 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(572) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2768) c:\program files\CyberLink\Shared Files\CLRCEngine.dll c:\windows\HKCYDLL.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll c:\program files\WinRAR\rarext.dll c:\program files\Avira\AntiVir PersonalEdition Classic\shlext.dll c:\program files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll c:\program files\Conceptworld\Piky\Piky.dll c:\program files\Malwarebytes' Anti-Malware\mbamext.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\MSI\Bluetooth Software\bin\btwdins.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . 
Heure de fin: 2009-11-11 11:14 - La machine a redémarré ComboFix-quarantined-files.txt 2009-11-11 10:14 ComboFix2.txt 2009-11-04 18:12 ComboFix3.txt 2009-11-04 11:55 ComboFix4.txt 2009-10-29 20:01 ComboFix5.txt 2009-11-11 10:01 Avant-CF: 31 858 028 544 octets libres Après-CF: 31 814 070 272 octets libres - - End Of File - - 24630A4BAE0D28C8B3630D6706164A59
  11. Hi, sorry, I got myself tangled up with all these reports!! Here is the RSIT one. OK, indeed, so thanks again, dear friend. On top of that it's not your job, you are a real enthusiast, and purely selfless actions are a rare thing!!! How can I thank you? Is there a ranking or rating of helpers where I can push your score up? :P ANTIVIR found trojans that it apparently is not able to deal with, notably these: HIDDENEXT/crypted TR/trash.Gen The report: Logfile of random's system information tool 1.06 (written by random/random) Run by DELAPAMPA at 2009-11-09 20:07:29 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 30 GB (32%) free of 94 GB Total RAM: 1023 MB (44% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:07:39, on 09/11/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\Dit.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\CNYHKey.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\System32\svchost.exe C:\Program 
Files\Brother\ControlCenter3\brccMCtl.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\DELAPAMPA\Mes documents\Downloads\RSIT (1).exe C:\Program Files\Trend Micro\HijackThis\DELAPAMPA.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pop.free.fr R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {72ED067B-303D-48A2-8211-AFD8D98BE44A} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - 
{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: (no name) - {CAE07211-9B79-4392-B6D6-59C7800ECD9F} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix /autoclose /waitstart O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini O4 - HKLM\..\Run: [brMfcWnd] C:\Program 
Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk.disabled O4 - Global Startup: Assistant d'Acrobat.lnk.disabled O4 - Global Startup: BTTray.lnk = ? 
  12. Hi Ogu, a thousand thanks for your expertise! And if you are willing to keep guiding me through securing the machine, I gladly accept; the report is here. A small curiosity: apart from philanthropy, what do you get out of helping guys who struggle with their PCs, and how are you connected to ZEbulon?
2006-03-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-02 18:54 . 2005-03-07 18:27 84702 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-02 18:54 . 2005-03-07 18:27 510144 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-02 18:50 . 2005-03-08 14:26 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS 2009-10-30 07:14 . 2007-09-02 21:01 -------- d-----w- c:\program files\TF1Vision 2009-10-29 20:14 . 2006-03-05 16:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-10-26 12:51 . 2008-10-09 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-01 08:29 . 2009-10-03 12:47 195440 ------w- c:\windows\system32\MpSigStub.exe 2009-09-11 14:28 . 2008-10-29 21:13 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\dvdcss 2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 13:54 . 2008-10-09 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 13:53 . 2008-10-09 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 07:56 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-23 02:28 . 2005-05-19 18:04 99152 ----a-w- c:\documents and settings\DELAPAMPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL 2009-08-06 17:24 . 2005-03-07 10:37 327896 ----a-w- c:\windows\system32\wucltui.dll 2009-08-06 17:24 . 2005-03-07 10:37 209632 ----a-w- c:\windows\system32\wuweb.dll 2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll 2009-08-06 17:24 . 2005-03-08 16:23 35552 ----a-w- c:\windows\system32\wups.dll 2009-08-06 17:24 . 
2005-03-07 10:37 53472 ------w- c:\windows\system32\wuauclt.exe 2009-08-06 17:24 . 2004-08-05 12:00 96480 ----a-w- c:\windows\system32\cdm.dll 2009-08-06 17:23 . 2005-03-08 16:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2009-08-06 17:23 . 2008-04-08 13:26 274288 ----a-w- c:\windows\system32\mucltui.dll 2009-08-06 17:23 . 2007-07-30 17:18 215920 ----a-w- c:\windows\system32\muweb.dll 2009-08-06 17:23 . 2005-03-07 10:37 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2007-11-14 11:57 . 2007-11-14 11:57 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-29_19.56.50 ))))))))))))))))))))))))))))))))))))))))) . + 2005-03-07 18:27 . 2009-11-02 18:54 71320 c:\windows\system32\perfc009.dat - 2005-03-07 18:27 . 2009-10-26 19:03 71320 c:\windows\system32\perfc009.dat + 2005-03-07 18:27 . 2009-11-02 18:54 440654 c:\windows\system32\perfh009.dat - 2005-03-07 18:27 . 2009-10-26 19:03 440654 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-09-29 1279216] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064] "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2004-11-09 81920] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SpybotSnD"="c:\program files\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 5365592] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536] "ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-10-31 37232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" 
[2009-09-10 1312080] "Dit"="Dit.exe" - c:\windows\Dit.exe [2004-07-20 90112] "CHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2004-02-24 508416] "ledpointer"="CNYHKey.exe" - c:\windows\CNYHKey.exe [2004-02-03 5794816] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-03-04 88209] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-05 44544] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk.disabled [2005-5-19 1958] Assistant d'Acrobat.lnk.disabled [2005-5-19 1862] BTTray.lnk - c:\program files\MSI\Bluetooth Software\BTTray.exe [2004-3-31 507965] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tkrhoghe] [bU] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows 
Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57245:TCP"= 57245:TCP:Pando P2P TCP Listening Port "57245:UDP"= 57245:UDP:Pando P2P UDP Listening Port R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 18:19 13592] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [07/03/2005 10:52 945152] R3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\FA31XND5.SYS [18/11/2005 21:17 16007] R3 PRISM_A00;CREATIX 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [08/03/2005 16:59 380736] R3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [08/03/2005 15:30 11672] S2 qgehicwx;USB Serial Converter Helper;c:\windows\System32\svchost.exe -k netsvcs [05/08/2004 13:00 14336] S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [08/03/2005 15:26 17408] S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [16/02/2006 21:22 31547] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mbr . 
Contenu du dossier 'Tâches planifiées' 2009-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-11-04 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://home.neuf.fr/ uInternet Settings,ProxyServer = pop.free.fr uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJPI150_01.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava11.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava12.dll FF - plugin: c:\program files\Mozilla 
Firefox\plugins\NPJava13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJPI141_01.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHELINS SUPPRIMES - - - - BHO-{72ED067B-303D-48A2-8211-AFD8D98BE44A} - (no file) BHO-{CAE07211-9B79-4392-B6D6-59C7800ECD9F} - (no file) HKCU-Run-Google Update - c:\documents and settings\DELAPAMPA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-04 12:51 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "Name"="ActiveSync" "DisplayName"="Microsoft ActiveSync" "Param1"="ActiveSync" "Type"="wellknown" "Order"=dword:00000001 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Type"="IESettings" "Order"=dword:00000004 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Type"="MediaFiles" "Order"=dword:00000003 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Param1"="NPW" "Type"="wellknown" "Order"=dword:00000002 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "Name"="Outlook" "DisplayName"="Microsoft Outlook" "Param1"="Outlook" "Type"="wellknown" "Order"=dword:00000000 "State"=dword:00000020 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(572) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3588) c:\program files\CyberLink\Shared Files\CLRCEngine.dll c:\windows\HKCYDLL.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\eappprxy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\MSI\Bluetooth Software\bin\btwdins.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-11-04 12:55 - La machine a redémarré ComboFix-quarantined-files.txt 2009-11-04 11:55 ComboFix2.txt 2009-10-29 20:01 ComboFix3.txt 2008-02-01 12:37 ComboFix4.txt 2008-02-01 12:29 ComboFix5.txt 2009-11-04 11:44 Avant-CF: 32 295 972 864 octets libres Après-CF: 32 140 292 096 octets libres
  13. Here it is!! ComboFix 09-11-03.03 - DELAPAMPA 04/11/2009 19:01.9.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.520 [GMT 1:00] Lancé depuis: c:\documents and settings\DELAPAMPA\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\DELAPAMPA\Bureau\CFScript (1).txt AV: BullGuard 5.0 antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913} FW: BullGuard 5.0 firewall *disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Grisoft\ c:\program files\Grisoft\\AVG Anti-Spyware 7.5\avgas.exe c:\program files\Grisoft\\AVG Anti-Spyware 7.5\avgasc64.sys c:\program files\Grisoft\\AVG Anti-Spyware 7.5\avgascln.sys c:\program files\Grisoft\\AVG Anti-Spyware 7.5\clsid.dat c:\program files\Grisoft\\AVG Anti-Spyware 7.5\context.dll c:\program files\Grisoft\\AVG Anti-Spyware 7.5\context64.dll c:\program files\Grisoft\\AVG Anti-Spyware 7.5\engine.dll c:\program files\Grisoft\\AVG Anti-Spyware 7.5\error.txt c:\program files\Grisoft\\AVG Anti-Spyware 7.5\guard.dmp c:\program files\Grisoft\\AVG Anti-Spyware 7.5\guard.err c:\program files\Grisoft\\AVG Anti-Spyware 7.5\guard.exe c:\program files\Grisoft\\AVG Anti-Spyware 7.5\guard.sys c:\program files\Grisoft\\AVG Anti-Spyware 7.5\guard64.sys c:\program files\Grisoft\\AVG Anti-Spyware 7.5\heuristic.dat c:\program files\Grisoft\\AVG Anti-Spyware 7.5\lang.ini c:\program files\Grisoft\\AVG Anti-Spyware 7.5\shellexecutehook.dll c:\program files\Grisoft\\AVG Anti-Spyware 7.5\shellexecutehook64.dll c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Signatures\3100.dat c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Signatures\3101.dat c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Signatures\3102.dat c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Signatures\3103.dat c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Signatures\3104.dat c:\program 
files\Grisoft\\AVG Anti-Spyware 7.5\Translations\german.mo c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Translations\italian.mo c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Translations\portuguese.mo c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Translations\slovak.mo c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Translations\spanish.mo c:\program files\Grisoft\\AVG Anti-Spyware 7.5\Uninstall.exe c:\program files\Grisoft\\AVG Anti-Spyware 7.5\updater.ewidolog . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_AVGASCLN -------\Legacy_AVG_ANTI-SPYWARE_DRIVER -------\Legacy_AVG_ANTI-SPYWARE_GUARD -------\Service_AVG Anti-Spyware Driver -------\Service_AVG Anti-Spyware Guard -------\Service_AvgAsCln ((((((((((((((((((((((((((((( Fichiers créés du 2009-10-04 au 2009-11-04 )))))))))))))))))))))))))))))))))))) . 2009-10-26 19:02 . 2009-10-26 19:02 -------- d-----w- C:\rsit 2009-10-26 12:50 . 2009-10-26 12:50 -------- d-----w- c:\program files\Trend Micro . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-04 18:07 . 2005-03-08 14:26 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS 2009-11-04 11:55 . 2005-03-07 18:27 84702 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-04 11:55 . 2005-03-07 18:27 510144 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-04 11:33 . 2007-09-02 20:02 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\uTorrent 2009-11-02 19:01 . 2006-03-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-30 07:14 . 2007-09-02 21:01 -------- d-----w- c:\program files\TF1Vision 2009-10-29 20:14 . 2006-03-05 16:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-10-26 12:51 . 2008-10-09 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-01 08:29 . 
2009-10-03 12:47 195440 ------w- c:\windows\system32\MpSigStub.exe 2009-09-11 14:28 . 2008-10-29 21:13 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\dvdcss 2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 13:54 . 2008-10-09 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 13:53 . 2008-10-09 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 07:56 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-23 02:28 . 2005-05-19 18:04 99152 ----a-w- c:\documents and settings\DELAPAMPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL 2007-11-14 11:57 . 2007-11-14 11:57 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-29_19.56.50 ))))))))))))))))))))))))))))))))))))))))) . + 2005-03-07 18:27 . 2009-11-04 11:55 71320 c:\windows\system32\perfc009.dat - 2005-03-07 18:27 . 2009-10-26 19:03 71320 c:\windows\system32\perfc009.dat + 2005-03-07 18:27 . 2009-11-04 11:55 440654 c:\windows\system32\perfh009.dat - 2005-03-07 18:27 . 2009-10-26 19:03 440654 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-09-29 1279216] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064] "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2004-11-09 81920] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SpybotSnD"="c:\program files\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 5365592] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536] "ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-10-31 37232] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" 
[2009-09-10 1312080] "Dit"="Dit.exe" - c:\windows\Dit.exe [2004-07-20 90112] "CHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2004-02-24 508416] "ledpointer"="CNYHKey.exe" - c:\windows\CNYHKey.exe [2004-02-03 5794816] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-03-04 88209] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-05 44544] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk.disabled [2005-5-19 1958] Assistant d'Acrobat.lnk.disabled [2005-5-19 1862] BTTray.lnk - c:\program files\MSI\Bluetooth Software\BTTray.exe [2004-3-31 507965] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "57245:TCP"= 57245:TCP:Pando P2P TCP Listening Port "57245:UDP"= 57245:UDP:Pando P2P UDP Listening Port R2 WinDefend;Windows Defender;c:\program 
files\Windows Defender\MsMpEng.exe [03/11/2006 18:19 13592] R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [07/03/2005 10:52 945152] R3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\FA31XND5.SYS [18/11/2005 21:17 16007] R3 PRISM_A00;CREATIX 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [08/03/2005 16:59 380736] R3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [08/03/2005 15:30 11672] S2 qgehicwx;USB Serial Converter Helper;c:\windows\System32\svchost.exe -k netsvcs [05/08/2004 13:00 14336] S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [08/03/2005 15:26 17408] S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [16/02/2006 21:22 31547] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mbr . Contenu du dossier 'Tâches planifiées' 2009-11-04 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-11-04 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://home.neuf.fr/ uInternet Settings,ProxyServer = pop.free.fr uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-04 19:08 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "Name"="ActiveSync" "DisplayName"="Microsoft ActiveSync" "Param1"="ActiveSync" "Type"="wellknown" "Order"=dword:00000001 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Type"="IESettings" "Order"=dword:00000004 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Type"="MediaFiles" "Order"=dword:00000003 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Param1"="NPW" "Type"="wellknown" "Order"=dword:00000002 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "Name"="Outlook" "DisplayName"="Microsoft Outlook" "Param1"="Outlook" "Type"="wellknown" "Order"=dword:00000000 "State"=dword:00000020 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(576) c:\windows\system32\Ati2evxx.dll c:\windows\system32\adsldpc.dll - - - - - - - > 'explorer.exe'(3096) c:\program files\CyberLink\Shared Files\CLRCEngine.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\MSI\Bluetooth Software\bin\btwdins.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE . ************************************************************************** . Heure de fin: 2009-11-04 19:12 - La machine a redémarré ComboFix-quarantined-files.txt 2009-11-04 18:12 ComboFix2.txt 2009-11-04 11:55 ComboFix3.txt 2009-10-29 20:01 ComboFix4.txt 2008-02-01 12:37 ComboFix5.txt 2009-11-04 18:00 Avant-CF: 32 141 766 656 octets libres Après-CF: 32 114 319 360 octets libres
  14. Hi! Everything went as described in your post. As for AVG, I don't actually use it anymore but I can't manage to remove it, and in any case I plan to replace all the security software on my PC; I think I saw a detailed section about this on the forum. I'll change everything as soon as you write: "It would have been safer not to use peer-to-peer, but I managed to eradicate all the infections from your PC". Here are the logs:

      ComboFix 09-11-03.03 - DELAPAMPA 04/11/2009 12:45.8.1 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.611 [GMT 1:00]
      Lancé depuis: c:\documents and settings\DELAPAMPA\Bureau\ComboFix.exe
      Commutateurs utilisés :: c:\documents and settings\DELAPAMPA\Bureau\CFScript.txt
      AV: BullGuard 5.0 antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
      FW: BullGuard 5.0 firewall *disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}

      FILE ::
      "c:\windows\system32\59E0682C5F.sys"
      "c:\windows\Tasks\Google Software Updater.job"
      "c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031931224-3083130229-1089167384-1006Core.job"
      "c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031931224-3083130229-1089167384-1006UA.job"
      .
      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      -------\Service_Acc9srskwerg

      ((((((((((((((((((((((((((((( Fichiers créés du 2009-10-04 au 2009-11-04 ))))))))))))))))))))))))))))))))))))
      .
      2009-10-26 19:02 . 2009-10-26 19:02 -------- d-----w- C:\rsit
      2009-10-26 12:50 . 2009-10-26 12:50 -------- d-----w- c:\program files\Trend Micro
      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-11-04 11:33 . 2007-09-02 20:02 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\uTorrent
      2009-11-02 19:01 .
2006-03-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-02 18:54 . 2005-03-07 18:27 84702 ----a-w- c:\windows\system32\perfc00C.dat 2009-11-02 18:54 . 2005-03-07 18:27 510144 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-02 18:50 . 2005-03-08 14:26 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS 2009-10-30 07:14 . 2007-09-02 21:01 -------- d-----w- c:\program files\TF1Vision 2009-10-29 20:14 . 2006-03-05 16:33 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-10-26 12:51 . 2008-10-09 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-01 08:29 . 2009-10-03 12:47 195440 ------w- c:\windows\system32\MpSigStub.exe 2009-09-11 14:28 . 2008-10-29 21:13 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\dvdcss 2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 13:54 . 2008-10-09 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 13:53 . 2008-10-09 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 07:56 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-23 02:28 . 2005-05-19 18:04 99152 ----a-w- c:\documents and settings\DELAPAMPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL 2009-08-06 17:24 . 2005-03-07 10:37 327896 ----a-w- c:\windows\system32\wucltui.dll 2009-08-06 17:24 . 2005-03-07 10:37 209632 ----a-w- c:\windows\system32\wuweb.dll 2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll 2009-08-06 17:24 . 2005-03-08 16:23 35552 ----a-w- c:\windows\system32\wups.dll 2009-08-06 17:24 . 
Thanks for your help.
  15. Hi oGu, Thanks for the links, it's interesting, but I confirm that it doesn't allow me any freestyle intervention, and that's probably better for my PC. Have you had time to take a look at the Spybot report to tell me what steps to follow, please? See you
  16. Hi oGu, Can you tell me whether a nomenclature exists for knowing what the lines beginning with O4... R2... R3... R4... S2.. etc. correspond to? It's just out of curiosity, I'd like to know what they correspond to. Thanks, see you soon
  17. Quite a report, that one.... It's OK, PC Optimizer was removed without any particular trouble.
  18. --- Search result list ---
Date (last access): 30/10/2009 01:49:54 Date (last write): 26/03/2009 16:15:40 Filesize: 668656 Attributes: archive MD5: D1585B06DED161E13B905DC4FFBF7F12 CRC32: 88D5BAA5 Version: 5.1.1309.3572 --- ActiveX list --- {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) DPF name: CLSID name: Shockwave ActiveX Control Installer: C:\WINDOWS\Downloaded Program Files\erma.inf Codebase: http://fpdownload.macromedia.com/get/shock...director/sw.cab description: Macromedia ShockWave Flash Player 7 classification: Legitimate known filename: SWDIR.DLL info link: info source: Patrick M. Kolla Path: C:\WINDOWS\system32\Macromed\Director\ Long name: SwDir.dll Short name: Date (created): 08/03/2005 17:56:00 Date (last access): 30/10/2009 03:12:30 Date (last write): 09/09/2004 14:49:12 Filesize: 54488 Attributes: archive MD5: 943193399C341AC34E842CB07B5F29A0 CRC32: 12DEB8F4 Version: 10.1.0.11 {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) DPF name: CLSID name: Office Update Installation Engine Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf Codebase: http://office.microsoft.com/officeupdate/content/opuc2.cab description: classification: Legitimate known filename: opuc.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\ Long name: opuc.dll Short name: Date (created): 18/01/2005 01:07:18 Date (last access): 30/10/2009 01:47:18 Date (last write): 18/01/2005 01:07:18 Filesize: 326656 Attributes: archive MD5: 20393D64F69F26361A97FD9AFB3C9243 CRC32: 0B4DBA7F Version: 11.0.6466.0 {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) DPF name: CLSID name: WUWebControl Class Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf Codebase: http://www.update.microsoft.com/windowsupd...b?1206711224812 description: classification: Legitimate known filename: wuweb.dll info link: info source: Safer Networking Ltd. 
Path: C:\WINDOWS\system32\ Long name: wuweb.dll Short name: Date (created): 07/03/2005 11:38:00 Date (last access): 30/10/2009 03:11:16 Date (last write): 06/08/2009 18:24:18 Filesize: 209632 Attributes: archive MD5: 033AF4CE25B6D871F0DE2C982658E049 CRC32: 2C204902 Version: 7.4.7600.226 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) DPF name: CLSID name: MUWebControl Class Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf Codebase: http://www.update.microsoft.com/microsoftu...b?1207653252687 description: classification: Legitimate known filename: muweb.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\system32\ Long name: muweb.dll Short name: Date (created): 30/07/2007 18:18:34 Date (last access): 30/10/2009 03:10:40 Date (last write): 06/08/2009 18:23:46 Filesize: 215920 Attributes: archive MD5: A1350D646EF6E57E8F4F33EBE7320D08 CRC32: AB3CA24F Version: 7.4.7600.226 {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\AcDcToday.ocx description: classification: Legitimate known filename: ACDCTO~1.OCX info link: info source: Safer Networking Ltd. {8AD9C840-044E-11D1-B3E9-00805F499D93} (Environnement d'exécution Java 1.4.1_01) DPF name: Environnement d'exécution Java 1.4.1_01 CLSID name: Java Plug-in 1.4.1_01 Installer: Codebase: http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab description: Sun Java classification: Legitimate known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll info link: info source: Patrick M. 
Kolla Path: C:\Program Files\Java\j2re1.4.1_01\bin\ Long name: NPJPI141_01.dll Short name: NPJPI1~1.DLL Date (created): 22/05/2005 11:50:14 Date (last access): 30/10/2009 01:50:04 Date (last write): 30/09/2002 07:56:06 Filesize: 61548 Attributes: archive MD5: D16C9DD99512FB642DF311FDD365F55C CRC32: 92AC965E Version: 1.4.1.1 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () DPF name: CLSID name: Installer: C:\WINDOWS\Downloaded Program Files\erma.inf Codebase: http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab description: classification: Open for discussion known filename: info link: info source: Safer Networking Ltd. {AE563720-B4F5-11D4-A415-00108302FDFD} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\InstBanr.ocx description: classification: Legitimate known filename: INSTBANR.OCX info link: info source: Safer Networking Ltd. {C6637286-300D-11D4-AE0A-0010830243BD} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\InstFred.ocx description: classification: Legitimate known filename: INSTFRED.OCX info link: info source: Safer Networking Ltd. {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_01) DPF name: Environnement d'exécution Java 1.4.1_01 CLSID name: Java Plug-in 1.4.1_01 Installer: Codebase: http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab description: classification: Legitimate known filename: npjpi141_01.dll info link: info source: Safer Networking Ltd. 
Path: C:\Program Files\Java\j2re1.4.1_01\bin\ Long name: NPJPI141_01.dll Short name: NPJPI1~1.DLL Date (created): 22/05/2005 11:50:14 Date (last access): 30/10/2009 08:09:54 Date (last write): 30/09/2002 07:56:06 Filesize: 61548 Attributes: archive MD5: D16C9DD99512FB642DF311FDD365F55C CRC32: 92AC965E Version: 1.4.1.1 {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) DPF name: CLSID name: Shockwave Flash Object Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf Codebase: http://download.macromedia.com/pub/shockwa...ash/swflash.cab description: Macromedia Shockwave Flash Player classification: Legitimate known filename: info link: info source: Patrick M. Kolla Path: C:\WINDOWS\system32\Macromed\Flash\ Long name: Flash10b.ocx Short name: Date (created): 03/02/2009 03:07:18 Date (last access): 30/10/2009 03:12:30 Date (last write): 03/02/2009 03:07:18 Filesize: 3866528 Attributes: readonly archive MD5: 8AFC17155ED5AB60B7C52D7F553D579C CRC32: 0FBC13F3 Version: 10.0.22.87 {F281A59C-7B65-11D3-8617-0010830243BD} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\AcPreview.ocx description: classification: Legitimate known filename: ACPREV~1.OCX info link: info source: Safer Networking Ltd. 
--- Process list --- PID: 0 ( 0) [system] PID: 496 ( 4) \SystemRoot\System32\smss.exe size: 50688 PID: 568 ( 496) \??\C:\WINDOWS\system32\csrss.exe size: 6144 PID: 592 ( 496) \??\C:\WINDOWS\system32\winlogon.exe size: 512000 PID: 636 ( 592) C:\WINDOWS\system32\services.exe size: 111104 MD5: C3FB1D70CB88722267949694BA51759E PID: 648 ( 592) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB PID: 800 ( 636) C:\WINDOWS\system32\Ati2evxx.exe size: 425984 MD5: 0EF8098B30264082F64CA4431CA68BB8 PID: 812 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 884 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 976 ( 636) C:\Program Files\Windows Defender\MsMpEng.exe size: 13592 MD5: F45DD1E1365D857DD08BC23563370D0E PID: 1016 ( 636) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1052 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1228 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1408 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1456 ( 592) C:\WINDOWS\system32\Ati2evxx.exe size: 425984 MD5: 0EF8098B30264082F64CA4431CA68BB8 PID: 1744 ( 636) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: 460E4CE148BD07218DA0B6A3D31885A9 PID: 488 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 112 ( 636) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe size: 132424 MD5: 43DC4FC662DF064535E30B17C8B5AB00 PID: 700 ( 636) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe size: 312880 MD5: 5DCD235C061022BCDA9AA48670B64211 PID: 824 ( 636) C:\Program Files\Bonjour\mDNSResponder.exe size: 238888 MD5: 3F56903E124E820AEECE6D471583C6C1 PID: 940 ( 636) C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe size: 
135168 MD5: E80FEAEA3F3E75B166ECE8E47CF0A7E9 PID: 1176 ( 636) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1696 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 364 (1528) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe size: 344064 MD5: 74A0B4382C82DE73BD309C778A8F4815 PID: 388 (1528) C:\WINDOWS\Dit.exe size: 90112 MD5: 38060C4DBB138721CB7757B91ABAA183 PID: 336 (1528) C:\WINDOWS\mHotkey.exe size: 508416 MD5: 94229807AD00A72B50195F1D3DFB205F PID: 1900 (1528) C:\WINDOWS\CNYHKey.exe size: 5794816 MD5: 785FD48CEC69D07BCD2C1B2C112F00C9 PID: 408 (1528) C:\WINDOWS\AGRSMMSG.exe size: 88209 MD5: 230EA041666125B6812FE3FF964B2DF3 PID: 428 (1528) C:\Program Files\Home Cinema\PowerCinema\PCMService.exe size: 81920 MD5: 890F7BD18750F3C41ADAA7303C326AD4 PID: 448 (1528) C:\Program Files\Windows Defender\MSASCui.exe size: 866584 MD5: 77C03BF23AE56B0A31AE4D5BB4B3D0AC PID: 952 (1528) C:\Program Files\Microsoft IntelliPoint\ipoint.exe size: 849280 MD5: F4E7979D8ADEBEEDEAD33019A5BD52BF PID: 1484 (1528) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe size: 30248 MD5: 792D0020117F2F6D3B433193BBAC555E PID: 1960 (1528) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe size: 663552 MD5: 7E6EFC5383FEF3EF852F2C7D41DEE83F PID: 2280 (1528) C:\Program Files\TF1Vision\TF1vision.exe size: 397312 MD5: 67F4CE7A350519B69A4DE226F2843C92 PID: 2384 (2204) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe size: 536576 MD5: 47F73264CBAAC4981C3393BA8E4339CD PID: 2412 (1528) C:\Program Files\QuickTime\QTTask.exe size: 413696 MD5: 0AB3C83FCB8EF6F56E4FB22089F0D3B9 PID: 2436 (1528) C:\Program Files\iTunes\iTunesHelper.exe size: 342312 MD5: 6B0E8DEE62C0C9695C77F14482DDF178 PID: 2596 (1528) C:\Program Files\Windows Media Player\WMPNSCFG.exe size: 204288 MD5: 5011A24AECF4D573473BDC15EE84C178 PID: 2604 (1960) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe size: 98304 MD5: 09622B465C5F98600CBA53B758A266F4 PID: 
2744 (2664) C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe size: 133104 MD5: 37CE3F960BEEC755D0E04E4140E93638 PID: 3020 (1528) C:\Program Files\MSI\Bluetooth Software\BTTray.exe size: 507965 MD5: 037731588DE041A80BA15D558D976EB6 PID: 1580 ( 636) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe size: 20480 MD5: 5A0C788C5BC5F2C993CB60940ADCF95E PID: 1120 ( 636) C:\Program Files\iPod\bin\iPodService.exe size: 656168 MD5: F055C1760ABFA52B159985E551EA0EDC PID: 2132 (1016) C:\WINDOWS\system32\wscntfy.exe size: 13824 MD5: 02DA31AB433A6C1110A736C85701DECA PID: 2520 ( 636) C:\WINDOWS\System32\alg.exe size: 44544 MD5: 5E9A6658A2A69AE7EB195113B7A2E7A9 PID: 2228 ( 592) C:\WINDOWS\explorer.exe size: 1037824 MD5: F2317622D29F9FF0F88AEECD5F60F0DD PID: 1420 (2228) C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe size: 919024 MD5: B4A3C03641392FAC6BE9AEDE2A752548 PID: 1940 (1420) C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe size: 919024 MD5: B4A3C03641392FAC6BE9AEDE2A752548 PID: 1012 (3900) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe size: 5365592 MD5: 0477C2F9171599CA5BC3307FDFBA8D89 PID: 4 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 30/10/2009 08:09:53 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://home.neuf.fr/ HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@ http://home.microsoft.com/access/autosearch.asp?p=%s HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet 
Explorer\Main\Search Page http://go.microsoft.com/fwlink/?LinkId=54896 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://go.microsoft.com/fwlink/?LinkId=69157 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://go.microsoft.com/fwlink/?LinkId=69157 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://go.microsoft.com/fwlink/?LinkId=54896 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- --- Uninstall list --- Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal) uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG publisher: Lavasoft help link: http://www.lavasoft.com (AddressBook) Adobe Flash Player 10 ActiveX 10.0.22.87 (Adobe Flash Player ActiveX) uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe publisher: Adobe Systems Incorporated help link: http://www.adobe.com/go/flashplayer_support/ Adobe Flash Player 10 Plugin 10.0.32.18 (Adobe Flash Player Plugin) uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe publisher: Adobe Systems Incorporated Adobe SVG Viewer 3.0 3.0 (Adobe SVG Viewer) version (major): 3 install location: C:\WINDOWS\system32\Adobe\SVG Viewer 3.0 uninstall cmd: C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log publisher: Adobe Systems, Inc. 
Agere Systems PCI Soft Modem (Agere Systems Soft Modem) uninstall cmd: agrsmdel ATI - Utilitaire de désinstallation du logiciel 6.14.10.1010 (All ATI Software) install location: C:\Program Files\ATI Technologies\UninstallAll uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe AnswerWorks Runtime (AnswerWorks) uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu" Asus_LCD_ScreenSaver 1.0.0001 (Asus_LCD_ScreenSaver) version: 16777217 install date: 2008/10/31 uninstall cmd: "C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe" publisher: ASUS ATI Display Driver 8.081-041124a1-019779C-Medion (ATI Display Driver) uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean (Branding) C-Media 3D Audio (C-Media Audio) uninstall cmd: C:\WINDOWS\CMIUnInstall.exe C-Media WDM Audio Driver (C-Media Audio Driver) uninstall cmd: C:\WINDOWS\system32\cmirmdrv.exe CCleaner (remove only) (CCleaner) uninstall cmd: "C:\Program Files\CCleaner\uninst.exe" (DirectAnimation) (DirectDrawEx) (DXM_Runtime) eMule (eMule) uninstall cmd: "C:\Program Files\eMule\Uninstall.exe" (expinst) FastStone Image Viewer 2.0.5 2.0.5 (FastStone Image Viewer) uninstall cmd: C:\Program Files\FastStone Image Viewer\uninst.exe publisher: FastStone Soft. (Fontcore) USB Serial Converter Drivers (FTDICOMM) uninstall cmd: C:\WINDOWS\system32\ftdiun2k.exe C:\WINDOWS\system32\ft2kunin.ini Outil de mise à jour Google 2.4.1536.6592 (Google Updater) version (major): 2 version (minor): 4 install location: C:\Program Files\Google\Google Updater uninstall cmd: "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall publisher: Google Inc. 
help link: http://pack.google.com:80/pack-support?hl=fr&gl=fr HijackThis 2.0.2 2.0.2 (HijackThis) uninstall cmd: "C:\hijackthis\HijackThis.exe" /uninstall publisher: TrendMicro ICE Book Reader Professional 8.2 8.2 (ICE Book Reader Professional) uninstall cmd: C:\Program Files\ICE Book Reader Professional\uninst.exe publisher: ICE Graphics (ICW) Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs) install date: 20080402 uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" publisher: Microsoft Corporation (IE40) (IE4Data) (IE5BAKEX) Windows Internet Explorer 7 20070813.185237 (ie7) install date: 20080402 publisher: Microsoft Corporation help link: http://www.microsoft.com/ie Windows Internet Explorer 8 20090308.140743 (ie8) install date: 20090716 uninstall cmd: "C:\WINDOWS\ie8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://www.microsoft.com/ie (IEData) Install Creator (Install Creator) uninstall cmd: C:\Program Files\Install Creator\Uninstal.exe InterActual Player (InterActual Player) uninstall cmd: C:\Program Files\InterActual\InterActual Player\inuninst.exe (KB884016) (KB884267) (KB885353) (KB885884) (KB886612) (KB887078) (KB887626) (KB888656) (KB889858) (KB891122) Windows Genuine Advantage Validation Tool (KB892130) (KB892130) install date: 20070618 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=892130 (KB892313) (KB893240) (KB893241) (KB893803) (KB895181) (KB895316) (KB895572) (KB897586) (KB898549) (KB900399) (KB902344) (KB907658) (KB911565) (KB911854) (KB928365.T1_1ToU569_1) (KB929399) (KB936782_WMP11) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) 1 (KB938127-IE7) install date: 20080827 uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=938127 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) 2 
(KB938127-v2-IE7) install date: 20080827 uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=938127-v2 (KB939683) (KB941569) (KB950762) (KB950974) (KB951066) (KB951376-v2) (KB951698) (KB951748) (KB952287) (KB952954) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) 1 (KB953838-IE7) install date: 20080827 uninstall cmd: "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=953838 Hotfix for Windows XP (KB954550-v5) 5 (KB954550-v5) install date: 20090823 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=954550 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) 1 (KB956390-IE7) install date: 20081016 uninstall cmd: "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=956390 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) 1 (KB958215-IE7) install date: 20081213 uninstall cmd: "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=958215 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) 1 (KB960714-IE7) install date: 20081219 uninstall cmd: "C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=960714 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) 1 (KB961260-IE7) install date: 20090211 uninstall cmd: "C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=961260 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027) 1 (KB963027-IE7) install date: 20090419 uninstall cmd: "C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" 
publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=963027 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897) 1 (KB969897-IE7) install date: 20090612 uninstall cmd: "C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=969897 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897) 1 (KB969897-IE8) install date: 20090716 uninstall cmd: "C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=969897 Mise à jour pour Windows Internet Explorer 8 (KB971930) 1 (KB971930-IE8) install date: 20090716 uninstall cmd: "C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=971930 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961) 1 (KB971961-IE8) install date: 20090910 uninstall cmd: "C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=971961 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260) 1 (KB972260-IE8) install date: 20090807 uninstall cmd: "C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=972260 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455) 1 (KB974455-IE8) install date: 20091014 uninstall cmd: "C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=974455 (KBKB890927) Microsoft .NET Framework 1.1 Security Update (KB953297) (M953297) uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Macromedia Shockwave Player (Macromedia Shockwave Player) uninstall cmd: 
C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1) install date: 20091026 install location: C:\Program Files\Malwarebytes' Anti-Malware\ uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" publisher: Malwarebytes Corporation help link: http://www.malwarebytes.org Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033)) uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm (Microsoft .NET Framework 2.0) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA (Microsoft .NET Framework 2.0 Language Pack - FRA) install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=45396 Microsoft .NET Framework 3.5 SP1 (Microsoft .NET Framework 3.5 SP1) install location: C:\WINDOWS\Microsoft.NET\Framework\v3.5\ uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=120337 (Microsoft Interactive Training) uninstall cmd: C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu (MobileOptionPack) Microsoft Money 14 (Money2005b) uninstall cmd: C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120 publisher: Microsoft comments: La base de données d'installation contient la logique et les données requises pour installer Money. 
help link: http://support.microsoft.com help telephone: 0 825 827 829 Mozilla Firefox (3.0.14) 3.0.14 (fr) (Mozilla Firefox (3.0.14)) install location: C:\Program Files\Mozilla Firefox uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe publisher: Mozilla comments: Mozilla Firefox (MPlayer2) Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1) install date: 20081009 uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=74087 (MSI30-Beta1) (MSI30-Beta2) (MSI30-KB884016) (MSI30-RC1) (MSI30-RC2) (MSI30a-KB884016) (MSI31-Beta) (MSI31-RC1) MSN (MSNINST) uninstall cmd: C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP (Nero - Burning Rom!UninstallKey) uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Nero Suite (NeroMultiInstaller!UninstallKey) uninstall cmd: C:\Program Files\Fichiers communs\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID="" (NeroVision!UninstallKey) uninstall cmd: C:\WINDOWS\UNNeroVision.exe /UNINSTALL (NetMeeting) Neuf - Kit de connexion 7.2.12.0 (Neuf_Kit) uninstall cmd: C:\Program Files\Neuf\Kit\uninstall.exe publisher: Neuf help link: http://abonnes.neuf.fr help telephone: 0892 222 109 Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping) install date: 20080402 uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" publisher: Microsoft Corporation (NMPUninstallKey) uninstall cmd: C:\WINDOWS\UNNMP.exe /UNINSTALL NVIDIA Drivers (NVIDIA Drivers) uninstall cmd: C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI Winamp Remote 2.2008.0508.1530 (Orb) uninstall cmd: "C:\Program Files\Winamp Remote\uninstall.exe" publisher: Orb Networks (OutlookExpress) PC Pitstop Optimize 1.5 1.5.14.0 (PC Pitstop Optimize_is1) install date: 20080405 install location: C:\Program Files\PCPitstop\Optimize\ uninstall cmd: "C:\Program 
Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe Image size: 34312 Image MD5: 0E5E4957549056E2BF2C49F4F6B601AD Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): AsyncMac Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de média asynchrone RAS Description: Pilote de média asynchrone RAS Image path: system32\DRIVERS\asyncmac.sys Image size: 14336 Image MD5: B153AFFAC761E7F5FCFA822B9C4E97BC Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): atapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Contrôleur de disque dur IDE/ESDI standard Image path: system32\DRIVERS\atapi.sys Image size: 96512 Image MD5: 9F3A2F5AA6875C72BF062C712CFA2674 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Atdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Service (registry key): Ati HotKey Poller Registry path: \SYSTEM\CurrentControlSet\Services\ Object name: LocalSystem Image path: %SystemRoot%\system32\Ati2evxx.exe Image size: 425984 Image MD5: 0EF8098B30264082F64CA4431CA68BB8 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Service (registry key): ati2mtag Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\ati2mtag.sys Image size: 872960 Image MD5: 2E51D4E1E03F9024828AD8B5BD55140B Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): atinrvxx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ATI WDM Rage Theater Video Image path: system32\DRIVERS\atinrvxx.sys Image size: 105984 Image MD5: 74E104ADA8A304774713E9A9A9CB3556 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Atmarpc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Protocole client 
ATM ARP Description: Protocole client ATM ARP Image path: system32\DRIVERS\atmarpc.sys Image size: 59904 Image MD5: 9916C1225104BA14794209CFA8012159 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): AudioSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Audio Windows Description: Gère les périphériques audio pour les programmes basés sur Windows. Si ce service est arrêté, les périphériques et les effets audio ne fonctionneront pas correctement. Si ce service est désactivé, les services en dépendant explicitement ne démarreront pas. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): audstub Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote audio Stub Image path: system32\DRIVERS\audstub.sys Image size: 3072 Image MD5: D9F724AA26C010A217C97606B160ED68 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): AVG Anti-Spyware Driver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AVG Anti-Spyware Driver Image path: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys Image size: 11000 Image MD5: D6F4C1450699901048818B0C3AAF7A17 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): AVG Anti-Spyware Guard Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AVG Anti-Spyware Guard Object name: LocalSystem Image path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Image size: 312880 Image MD5: 5DCD235C061022BCDA9AA48670B64211 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): AvgAsCln Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AVG Anti-Spyware Clean Driver Image path: 
System32\DRIVERS\AvgAsCln.sys Image size: 10872 Image MD5: 856B0CEE009946BF2D327E6B24FE7E3F Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BattC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Beep Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BITS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de transfert intelligent en arrière-plan Description: Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. Si ce service est désactivé, tous les services qui en dépendent explicitement peuvent présenter des problèmes de transfert de fichiers s'ils ne disposent pas d'un mécanisme sûr de remplacement pour transférer les fichier Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Rpcss Service (registry key): Bonjour Service Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service Bonjour Description: Bonjour permet à des applications comme iTunes et Safari d’annoncer et de découvrir des services sur le réseau local. En gardant Bonjour en exécution, vous pouvez vous connecter à des périphériques comme l’Apple TV et à des services logiciels comme le partage iTunes et AirTunes. Si vous désactivez Bonjour, tous les services réseau qui en dépendent de manière explicite ne démarreront pas. 
Object name: LocalSystem Image path: "C:\Program Files\Bonjour\mDNSResponder.exe" Image size: 238888 Image MD5: 3F56903E124E820AEECE6D471583C6C1 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): Browser Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Explorateur d'ordinateur Description: Tient à jour une liste des ordinateurs présents sur le réseau et fournit cette liste aux ordinateurs désignés comme navigateurs. Si ce service est arrêté, la liste ne sera pas mise ou tenue à jour. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,LanmanServer Service (registry key): BrScnUsb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother USB Still Image driver Image path: system32\DRIVERS\BrScnUsb.sys Image size: 15295 Image MD5: 92A964547B96D697E5E9ED43B4297F5A Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): btaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Audio Device Image path: system32\drivers\btaudio.sys Image size: 16640 Image MD5: 760B30A34DC9A981A74255E080D4C95E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BTDriver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Virtual Communications Driver Image path: system32\DRIVERS\btport.sys Image size: 30235 Image MD5: 0AB3C8276DF52E50AEC183C2E70FD868 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): BTKRNL Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Protocol Stack Image path: system32\drivers\btkrnl.sys Image size: 1260106 Image 
MD5: 63CAD765A65D573F0C86964634C9B55E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): btwdins Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Service Object name: LocalSystem Image path: C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe Image size: 135168 Image MD5: E80FEAEA3F3E75B166ECE8E47CF0A7E9 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): BTWDNDIS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth LAN Access Server Image path: system32\DRIVERS\btwdndis.sys Image size: 146684 Image MD5: 93AD77D88D94B9CD00EB74AB965372B5 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BTWUSB Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WIDCOMM USB Bluetooth Driver Image path: System32\Drivers\btwusb.sys Image size: 52856 Image MD5: FED57FEC0FC5A6DB34F80E9D2EE2A671 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): CardReaderFilter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Card Reader Filter Image path: \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS Image size: 17408 Image MD5: 66B71DD7794D3B8A88CCB645896D3E53 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): catchme Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \??\C:\ComboFix\catchme.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): cbidf2k Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): CCDECODE Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Décodeur sous-titre fermé Image path: system32\DRIVERS\CCDECODE.sys Image size: 17024 Image MD5: 0BE5AEF125BE881C4F854C554F2B025C Control Set: 
CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): cd20xrnt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Cdaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): Cdfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Depends On group: "SCSI CDROM Class" Service (registry key): Cdrom Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de CD-ROM Image path: system32\DRIVERS\cdrom.sys Image size: 62976 Image MD5: 1F4260CC5B42272D71F79E570A27A4FE Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): Changer Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): CiSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service d'indexation Description: Construit un index des contenus et des propriétés des fichiers sur les ordinateurs locaux et distants ; fournit un accès rapide aux fichiers par le biais d'un langage d'interrogation flexible. Object name: LocalSystem Image path: %SystemRoot%\system32\cisvc.exe Image size: 5632 Image MD5: 793EF38A5FD086C3C8E48A8A861562ED Control Set: CurrentControlSet Start: 3 Type: 288 Error Control: 1 Depends On services: RPCSS Service (registry key): ClipSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de l'Album Description: Active le Gestionnaire de l'Album afin de stocker les informations et les partager avec des ordinateurs à distance. Si le service est arrêté, le Gestionnaire de l'Album ne pourra pas partager les informations avec des ordinateurs à distance. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\system32\clipsrv.exe Image size: 33280 Image MD5: 8B30CBB0C07D49B2658FB190946B0E7E Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: NetDDE Service (registry key): clr_optimization_v2.0.50727_32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: .NET Runtime Optimization Service v2.0.50727_X86 Description: Microsoft .NET Framework NGEN Object name: LocalSystem Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Image size: 69632 Image MD5: D87ACAED61E417BBA546CED5E7E36D9C Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Service (registry key): CmdIde Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): cmuda Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: C-Media WDM Audio Interface Image path: system32\drivers\cmuda.sys Image size: 804800 Image MD5: B7D9E7D64C1FD830856807E63356178D Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): COMSysApp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Application système COM+ Description: Gère la configuration et le suivi des composants de base COM+ (Component Object Model) . Si le service est arrêté, la plupart des composants de base COM+ ne fonctionneront pas correctement. Si ce service est désactivé, les services qui en dépendent de manière explicite ne pourront pas démarrer. 
Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Image size: 5120 Image MD5: 0DAD93BB0FECF5016AE3C06CBB0A873B Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: rpcss Service (registry key): ContentFilter Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ContentIndex Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Cpqarray Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): CryptSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CryptSvc Description: Fournit trois services de gestion : le service de base de données de catalogue, qui confirme la signature des fichiers Windows; le service de racine protégée, qui ajoute et supprime des certificats d'autorité de certification de racine approuvés et le service Clé, qui fournit une aide dans l'inscription de cet ordinateur pour les certificats. Si ce service est arrêté, ces services de gestion ne fonctionneront pas correctement. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): dac2w2k Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Service (registry key): dac960nt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): DcomLaunch Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Lanceur de processus serveur DCOM Description: Fournit la fonctionnalité de lancement des services DCOM. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost -k DcomLaunch Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): Dhcp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Client DHCP Description: Gère la configuration réseau en inscrivant et en mettant à jour les adresses IP et les noms DNS. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd,NetBT Service (registry key): Disk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de disque Image path: system32\DRIVERS\disk.sys Image size: 36352 Image MD5: 044452051F3E02E7963599FC8F4F3E25 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): dmadmin Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service d'administration du Gestionnaire de disque logique Description: Configure les lecteurs de disque durs et les volumes. 
Le service ne s'exécute que pour les processus de configurations puis s'arrête. Object name: LocalSystem Image path: %SystemRoot%\System32\dmadmin.exe /com Image size: 225280 Image MD5: EAD2B8AAEB16E538106D295CD7BD7A48 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay,DmServer Service (registry key): dmboot Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\drivers\dmboot.sys Image size: 800256 Image MD5: F5DEADD42335FB33EDCA74ECB2F36CBA Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmio Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmload Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmserver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de disque logique Description: Détecte et analyse de nouveaux lecteurs de disque durs et envoie les informations de volume de disque au service gestionnaire administratif de disque logique pour la configuration. Si ce service est arrêté, l'état des disques dynamiques et les informations de configuration peuvent devenir obsolètes. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay Service (registry key): DMusic Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Synthétiseur DLS du noyau Microsoft Image path: system32\drivers\DMusic.sys Image size: 52864 Image MD5: 8A208DFCF89792A484E76C40E5F50B45 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Dnscache Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Client DNS Description: Résout et met en cache les noms DNS pour cet ordinateur. Si ce service est arrêté, l'ordinateur ne pourra pas résoudre les noms DNS et trouver les contrôleurs de domaine Active Directory. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer. Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\svchost.exe -k NetworkService Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip Service (registry key): Dot3svc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Configuration automatique de réseau câblé Description: Ce service effectue une authentification IEEE 802.1X sur des interfaces Ethernet Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k dot3svc Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Ndisuio,eaphost Service (registry key): dpti2o Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): drmkaud Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Filtre de décodeur DRM (Noyau Microsoft) Image path: 
system32\drivers\drmkaud.sys Image size: 2944 Image MD5: 8F5FCFF8E8848AFAC920905FBD9D33C8 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): EapHost Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service Protocole EAP (Extensible Authentication Protocol) Description: Fournit aux clients Windows un Service Protocole EAP (Extensible Authentication Protocol) Object name: localSystem Image path: %SystemRoot%\System32\svchost.exe -k eapsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): EL90XBC Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de la carte EtherLink XL 90XB/C 3Com Image path: system32\DRIVERS\el90xbc5.sys Image size: 66591 Image MD5: 6E883BF518296A40959131C2304AF714 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): ERSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de rapport d'erreurs Description: Active le rapport d'erreurs pour les services et les applications s'exécutant sur des environnements non standard. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Eventlog Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Journal des événements Description: Active les messages d'événements émis par les programmes fonctionnant sous Windows et les composants devant être affichés dans l'observateur d'événements. Ce service ne peut être arrêté. 
Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 111104 Image MD5: C3FB1D70CB88722267949694BA51759E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): EventSystem Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Système d'événements de COM+ Description: Prend en charge le service de notification d'événements système (SENS, System Event Notification Service), qui fournit une distribution automatique d'événements aux composants COM (Component Object Model) abonnés. Si le service est arrêté, SENS sera fermé et ne pourra fournir des informations d'ouverture et de fermeture de session. Si ce service est désactivé, le démarrage de tout service qui en dépend explicitement échouera. Object name: LocalSystem Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): FA312 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de la carte Fast Ethernet FA330/FA312/FA311 NETGEAR Image path: system32\DRIVERS\FA312nd5.sys Image size: 16074 Image MD5: AA855FB8A866281AACB393C1FEAB91AE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): FA31X Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver Image path: system32\DRIVERS\FA31XND5.SYS Image size: 16007 Image MD5: EDA078E155DCB0519B65AA6903FDD267 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Fastfat Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Service (registry key): FastUserSwitchingCompatibility Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Compatibilité avec le Changement rapide d'utilisateur Description: Fournit un système de 
gestion à des applications qui nécessitent de l'Assistance dans un environnement d'utilisateurs multiples. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: TermService Service (registry key): Fax Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Fax Description: Vous permet d'envoyer et de recevoir des télécopies, d'utiliser les ressources de télécopie disponibles sur cet ordinateur ou le réseau. Object name: LocalSystem Image path: %systemroot%\system32\fxssvc.exe Image size: 268800 Image MD5: 305687EB8C8E0A12A0B2BAE387B6E466 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler Service (registry key): Fdc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de contrôleur de lecteur de disquettes Image path: system32\DRIVERS\fdc.sys Image size: 27392 Image MD5: 92CDD60B6730B9F50F6A1A0C1F8CDC81 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Fips Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): FirebirdGuardianDefaultInstance Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Firebird Guardian - DefaultInstance Description: Firebird Server Guardian - www.firebirdsql.org Object name: LocalSystem Image path: C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -s Image size: 65536 Image MD5: 32A43F342D4EEA700CBEFBF0C1998C0F Control Set: CurrentControlSet Start: 3 Type: 272 Error Control: 1 Service (registry key): FirebirdServerDefaultInstance Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Firebird Server - DefaultInstance Description: Firebird Database Server - www.firebirdsql.org Object name: LocalSystem Image path: C:\Program 
Files\Firebird\Firebird_1_5\bin\fbserver.exe -s Image size: 1527893 Image MD5: 6087037D00C24F972BB6888AC908CC2C Control Set: CurrentControlSet Start: 3 Type: 272 Error Control: 1 Service (registry key): Flpydisk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de lecteur de disquettes Image path: system32\DRIVERS\flpydisk.sys Image size: 20480 Image MD5: 9D27E7B80BFCDF1CDD9B555862D5E7F0 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): FltMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: FltMgr Description: File System Filter Manager Driver Image path: system32\drivers\fltmgr.sys Image size: 129792 Image MD5: B2CF4B0786F8212CB92ED2B50C6DB6B0 Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): FontCache3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Windows Presentation Foundation Font Cache 3.0.0.0 Description: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications. 
Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS,Tcpip,IPSec Service (registry key): PptpMiniport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Miniport réseau étendu (PPTP) Description: Miniport réseau étendu (PPTP) Image path: system32\DRIVERS\raspptp.sys Image size: 48384 Image MD5: EFEEC01B1D3CF84F16DDD24D9D9D8F99 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PRISM_A00 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CREATIX 802.11g Driver Image path: system32\DRIVERS\PRISMA00.sys Image size: 380736 Image MD5: A5D938EE86B8CD0D4879D95EDA1CC430 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Processor Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote processeur Image path: system32\DRIVERS\processr.sys Image size: 40064 Image MD5: E19C9632AC828F6F214391E2BDDA11CB Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): ProtectedStorage Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Emplacement protégé Description: Fournit un stockage protégé pour les données sensibles, telles que les clés privées, afin d'empêcher l'accès par des services, des processus ou des utilisateurs non autorisés. 
Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB Control Set: CurrentControlSet Start: 2 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): Ptilink Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de liaison parallèle directe Description: Pilote de liaison parallèle directe Image path: system32\DRIVERS\ptilink.sys Image size: 17792 Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PxHelp20 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PxHelp20 Image path: System32\Drivers\PxHelp20.sys Image size: 43528 Image MD5: D86B4A68565E444D76457F14172C875A Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): qgehicwx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: USB Serial Converter Helper Description: Helper for USB Serial Converter Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): ql1080 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Ql10wnt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql12160 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1240 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1280 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): QV2KUX 
Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Appareil photo numérique Casio Image path: system32\DRIVERS\qv2kux.sys Image size: 3328 Image MD5: 0087F01D35A65B32393CC8BBA46EE4A6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): RasAcd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de connexion automatique d'accès distant Description: Pilote de connexion automatique d'accès distant Image path: system32\DRIVERS\rasacd.sys Image size: 8832 Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): RasAuto Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de connexion automatique d'accès distant Description: Crée une connexion vers un réseau distant à chaque fois qu'un programme référence un nom ou une adresse DNS ou NetBIOS distant. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RasMan,Tapisrv Service (registry key): Rasl2tp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Miniport réseau étendu (L2TP) Description: Miniport réseau étendu (L2TP) Image path: system32\DRIVERS\rasl2tp.sys Image size: 51328 Image MD5: 11B4A627BC9614B885C4969BFA5FF8A6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): RasMan Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de connexions d'accès distant Description: Crée une connexion réseau. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Tapisrv Service (registry key): RasPppoe Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote PPPOE d'accès à distance Description: Pilote PPPOE d'accès à distance Image path: system32\DRIVERS\raspppoe.sys Image size: 41472 Image MD5: 5BC962F2654137C9909C3D4603587DEE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Raspti Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Parallèle direct Description: Parallèle direct Image path: system32\DRIVERS\raspti.sys Image size: 16512 Image MD5: FDBB1D60066FCFBB7452FD8F9829B242 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Rdbss Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Rdbss Description: Rdbss Image path: system32\DRIVERS\rdbss.sys Image size: 175744 Image MD5: 7AD224AD1A1437FE28D89CF22B17780A Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): RDPCDD Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DRIVERS\RDPCDD.sys Image size: 4224 Image MD5: 4912D5B403614CE99C28420F75353332 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): RDPDD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): RDPNP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): RDPWD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): RDSessMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de session d'aide sur 
le Bureau à distance Description: Gère et contrôle l'assistance à distance. Si ce service est arrêté, l'assistance à distance n'est pas disponible. Consultez l'onglet Dépendances avant d'arrêter ce service. Object name: LocalSystem Image path: C:\WINDOWS\system32\sessmgr.exe Image size: 142848 Image MD5: 9F63D9C5B238ED1C375D417EFF3D5BE7 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): redbook Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de filtre de lecture digitale de CD audio Image path: system32\DRIVERS\redbook.sys Image size: 58752 Image MD5: D8EB2A7904DB6C916EB5361878DDCBAE Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): RemoteAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Routage et accès distant Description: Offre aux entreprises des services de routage dans les environnements de réseau local ou étendu. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: RpcSS Depends On group: NetBIOSGroup Service (registry key): ROOTMODEM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Legacy Modem Driver Image path: System32\Drivers\RootMdm.sys Image size: 5888 Image MD5: D8B0B4ADE32574B2D9C5CC34DC0DBBE7 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): RpcLocator Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Localisateur d'appels de procédure distante (RPC) Description: Gère la base de données du service de nom RPC. 
Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\locator.exe Image size: 75264 Image MD5: 499C59A2584F6D4EA41E944DA571D993 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): RpcSs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Appel de procédure distante (RPC) Description: Fournit le mappeur du point de sortie et divers services RPC. Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\svchost -k rpcss Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): RSVP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: QoS RSVP Description: Fournit la signalisation de réseau et la fonctionnalité d'installation du contrôle de trafic local pour les programmes reconnaissant QoS et les applets de contrôle. Object name: LocalSystem Image path: %SystemRoot%\system32\rsvp.exe Image size: 132608 Image MD5: 414964844F4793ACB868D057E8ED997E Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: TcpIp,Afd,RpcSs Service (registry key): SamSs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de comptes de sécurité Description: Stocke les informations de sécurité pour les comptes d'utilisateurs locaux. 
Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): sbp2port Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de bus de transport/protocole SBP-2 Image path: system32\DRIVERS\sbp2port.sys Image size: 43904 Image MD5: B244960E5A1DB8E9D5D17086DE37C1E4 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): SCardSvr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Carte à puce Description: Gère l'accès aux cartes à puce lues par cet ordinateur. Si ce service est arrêté, cet ordinateur ne pourra plus lire de cartes à puces. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\SCardSvr.exe Image size: 100352 Image MD5: 67949CC8A865296C1333C96A4E1A2D66 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 0 Depends On services: PlugPlay Service (registry key): Schedule Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Planificateur de tâches Description: Permet à un utilisateur de configurer et de planifier des tâches automatisées sur cet ordinateur. Si ce service est arrêté, ces tâches ne seront pas exécutées à l'heure prévue. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): ScsiPort Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: %SystemRoot%\system32\drivers\scsiport.sys Image size: 96384 Image MD5: 76C465F570E90C28942D52CCB2580A10 Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Secdrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Secdrv Description: SafeDisc driver Image path: system32\DRIVERS\secdrv.sys Image size: 20480 Image MD5: 90A3935D05B494A5A39D37E71F09A677 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): seclogon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Secondary Logon Description: Permet le démarrage des processus sous d'autres informations d'identification. Si ce service est arrêté, ce type d'ouverture de session sera indisponible. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 288 Error Control: 0 Service (registry key): SENS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Notification d'événement système Description: Scrute les événements système tels que les ouvertures de session Windows et les événements concernant le réseau et l'alimentation. Avertit les abonnés du système d'événements COM+ de ces événements. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: EventSystem Service (registry key): serenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Serenum Filter Driver Image path: system32\DRIVERS\serenum.sys Image size: 15744 Image MD5: 0F29512CCD6BEAD730039FB4BD2C85CE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Serial Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de port série Image path: system32\DRIVERS\serial.sys Image size: 66048 Image MD5: 93D313C31F7AD9EA2B75F26075413C7C Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): ServiceModelEndpoint 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ServiceModelOperation 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ServiceModelService 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Sfloppy Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Lecteur de disquettes haute densité Image path: system32\DRIVERS\sfloppy.sys Image size: 11392 Image MD5: 8E6B8C671615D126FDC553D1E2DE5562 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): SharedAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pare-feu Windows / Partage de connexion Internet Description: Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un 
réseau domestique. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Netman,WinMgmt Service (registry key): ShellHWDetection Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Détection matériel noyau Description: Fournit des notifications à des événements matériel de lecture automatique. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Simbad Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): SLIP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Détrameur décalage BDA Image path: system32\DRIVERS\SLIP.sys Image size: 11136 Image MD5: 866D538EBE33709A5C9F5C62B73B7D14 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SMSvcHost 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Sparrow Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): splitter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Splitter audio du noyau Microsoft Image path: system32\drivers\splitter.sys Image size: 6272 Image MD5: AB8B92451ECB048A4D1DE7C3FFCB4A9F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Spooler Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Spouleur d'impression Description: Charge des fichiers en mémoire pour une impression ultérieure. 
Object name: LocalSystem Image path: %SystemRoot%\system32\spoolsv.exe Image size: 57856 Image MD5: 460E4CE148BD07218DA0B6A3D31885A9 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): SPTISRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Sony SPTI Service Object name: LocalSystem Image path: C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe Image size: 65536 Image MD5: E8DBEBFBFB44F63D487809E830C73DA6 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): sr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de filtre de restauration système Image path: system32\DRIVERS\sr.sys Image size: 73600 Image MD5: 39626E6DC1FB39434EC40C42722B660A Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): srservice Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de restauration système Description: Effectue des opérations de restauration du système. Pour arrêter ce service, désactivez Restauration du système dans l'onglet Restauration du système des propriétés du Poste de travail. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Srv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Srv Description: Srv Image path: system32\DRIVERS\srv.sys Image size: 333952 Image MD5: 3BB03F2BA89D2BE417206C373D2AF17C Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): SSDPSRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de découvertes SSDP Description: Active la découverte de périphériques Plug and Play universels sur votre réseau domestique. 
Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: HTTP Service (registry key): ssmdrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ssmdrv Description: Avira Snapshot Driver Image path: system32\DRIVERS\ssmdrv.sys Image size: 28352 Image MD5: 3D2829FDE1C52FC64DA5413889CE4DEE Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): stisvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Acquisition d'image Windows (WIA) Description: Fournit des services d'acquisition d'images pour les scanneurs et les appareils photo. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k imgsvc Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): streamip Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: BDA IPSink Image path: system32\DRIVERS\StreamIP.sys Image size: 15232 Image MD5: 77813007BA6265C4B6098187E6ED79D2 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): swenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de bus logiciel Image path: system32\DRIVERS\swenum.sys Image size: 4352 Image MD5: 3941D127AEF12E93ADDF6FE6EE027E0F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): swmidi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Synthétiseur de table de sons GC noyau Microsoft Image path: system32\drivers\swmidi.sys Image size: 56576 Image MD5: 8CE882BCC6CF8A62F2B2323D95CB3D01 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SwPrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: MS 
Software Shadow Copy Provider Description: Gère les copies logicielles de clichés instantanés de volumes créés par le service de cliché instantané de volumes. Si ce service est arrêté, les copies logicielles de clichés instantanés ne peuvent pas être gérées. Si le service est désactivé, les services qui en dépendent ne pourront pas démarrer. Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{169C76FE-7B88-41DF-AB63-D00A21C134B2} Image size: 5120 Image MD5: 0DAD93BB0FECF5016AE3C06CBB0A873B Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Depends On services: rpcss Service (registry key): swwd Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): symc810 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): symc8xx Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sym_hi Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sym_u3 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sysaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Périphérique audio système du noyau Microsoft Image path: system32\drivers\sysaudio.sys Image size: 60800 Image MD5: 8B83F3ED0F1688B4958F77CD6D2BF290 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SysmonLog Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Journaux et alertes de performance Description: Collecte les données de performances des ordinateurs locaux ou distants basés sur des paramètres planifiés préconfigurés, puis écrit les données dans un journal ou déclenche une alerte. 
Si ce service est arrêté, les informations de performances ne seront pas collectées. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\smlogsvc.exe Image size: 93184 Image MD5: 0899061318A6B1D9596AABFC77F45E44 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): TapiSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Téléphonie Description: Fournit la prise en charge des API de téléphonie (TAPI) pour les programmes contrôlant les périphériques de téléphonie, les connexions vocales basées sur le protocole IP, sur l'ordinateur local, via le réseau local, sur le serveur où ce service fonctionne également. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): Tcpip Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote du protocole TCP/IP Description: Pilote du protocole TCP/IP Image path: system32\DRIVERS\tcpip.sys Image size: 361600 Image MD5: 9AEFA14BD6B182D61E3119FA5F436D3D Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: IPSec Service (registry key): TDPIPE Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): TDTCP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): TermDD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de périphérique terminal Image path: system32\DRIVERS\termdd.sys Image size: 40840 Image MD5: 88155247177638048422893737429D9E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): 
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe file: C:\Program Files\Windows Media Player\WMPNSCFG.exe size: 204288 MD5: 5011A24AECF4D573473BDC15EE84C178 Located: HK_CU:Run, ctfmon.exe where: S-1-5-21-4031931224-3083130229-1089167384-500... command: C:\WINDOWS\system32\ctfmon.exe file: C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 Located: HK_CU:Run, CTFMON.EXE where: S-1-5-18... command: C:\WINDOWS\system32\CTFMON.EXE file: C:\WINDOWS\system32\CTFMON.EXE size: 15360 MD5: 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 Located: HK_CU:Run, DWQueuedReporting where: S-1-5-18... command: "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t file: C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe size: 39264 MD5: 3992F464696B0EEFF236AEF93B1FDBD5 Located: HK_CU:RunOnce, tscuninstall where: S-1-5-18... command: %systemroot%\system32\tscupgrd.exe file: C:\WINDOWS\system32\tscupgrd.exe size: 44544 MD5: D2D52012C5A3CD41FEC0F090A8E47EE7 Located: Démarrage (tous utilisateurs), Adobe Gamma Loader.lnk (DISABLED) where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage... command: C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe file: C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe size: 110592 MD5: 5CD0CD0EC4DC5DF459B3AC016764F5AA Located: Démarrage (tous utilisateurs), Assistant d'Acrobat.lnk (DISABLED) where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage... command: C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe file: C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe size: 217193 MD5: 78BFE3201ADA2FE02D1E35D2488E5F55 Located: Démarrage (tous utilisateurs), BTTray.lnk where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage... 
command: C:\Program Files\MSI\Bluetooth Software\BTTray.exe file: C:\Program Files\MSI\Bluetooth Software\BTTray.exe size: 507965 MD5: 037731588DE041A80BA15D558D976EB6 Located: Démarrage (tous utilisateurs), Microsoft Office.lnk where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage... command: C:\Program Files\Microsoft Office\Office10\OSA.EXE file: C:\Program Files\Microsoft Office\Office10\OSA.EXE size: 83360 MD5: 5BC65464354A9FD3BEAA28E18839734A Located: WinLogon, AtiExtEvent command: Ati2evxx.dll file: Ati2evxx.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, crypt32chain command: crypt32.dll file: crypt32.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, cryptnet command: cryptnet.dll file: cryptnet.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, cscdll command: cscdll.dll file: cscdll.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, dimsntfy command: %SystemRoot%\System32\dimsntfy.dll file: %SystemRoot%\System32\dimsntfy.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, ScCertProp command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! 
Located: WinLogon, Schedule command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, sclgntfy command: sclgntfy.dll file: sclgntfy.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, SensLogn command: WlNotify.dll file: WlNotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, termsrv command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, WgaLogon command: WgaLogon.dll file: WgaLogon.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, wlballoon command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! 
--- Browser helper object list --- {7E853D72-626A-48EC-A868-BA8D5E23E045} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Programme d'aide de l'Assistant de connexion Windows Live Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\ Long name: WindowsLiveLogin.dll Short name: WINDOW~1.DLL Date (created): 17/02/2009 16:11:04 Date (last access): 30/10/2009 01:50:06 Date (last write): 17/02/2009 16:11:04 Filesize: 408440 Attributes: archive MD5: 1A82C1B9BB43385695EFC3A84F6756A2 CRC32: 75E558CA Version: 5.0.818.6 {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Google Toolbar Helper description: Google toolbar classification: Open for discussion known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll info link: http://toolbar.google.com/ info source: TonyKlein Path: c:\program files\google\ Long name: GoogleToolbar1.dll Short name: GOOGLE~1.DLL Date (created): 14/11/2007 12:56:02 Date (last access): 30/10/2009 01:49:04 Date (last write): 14/11/2007 12:56:02 Filesize: 2436160 Attributes: readonly archive MD5: 6D44E0C3B43D27484FBB355E470C4188 CRC32: 2DE875CD Version: 4.0.1601.4978 {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Google Toolbar Notifier BHO Path: C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\ Long name: swg.dll Short name: Date (created): 26/03/2009 16:15:40 
Date (last access): 30/10/2009 01:49:54 Date (last write): 26/03/2009 16:15:40 Filesize: 668656 Attributes: archive MD5: D1585B06DED161E13B905DC4FFBF7F12 CRC32: 88D5BAA5 Version: 5.1.1309.3572 --- ActiveX list --- {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) DPF name: CLSID name: Shockwave ActiveX Control Installer: C:\WINDOWS\Downloaded Program Files\erma.inf Codebase: http://fpdownload.macromedia.com/get/shock...director/sw.cab description: Macromedia ShockWave Flash Player 7 classification: Legitimate known filename: SWDIR.DLL info link: info source: Patrick M. Kolla Path: C:\WINDOWS\system32\Macromed\Director\ Long name: SwDir.dll Short name: Date (created): 08/03/2005 17:56:00 Date (last access): 30/10/2009 03:12:30 Date (last write): 09/09/2004 14:49:12 Filesize: 54488 Attributes: archive MD5: 943193399C341AC34E842CB07B5F29A0 CRC32: 12DEB8F4 Version: 10.1.0.11 {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) DPF name: CLSID name: Office Update Installation Engine Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf Codebase: http://office.microsoft.com/officeupdate/content/opuc2.cab description: classification: Legitimate known filename: opuc.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\ Long name: opuc.dll Short name: Date (created): 18/01/2005 01:07:18 Date (last access): 30/10/2009 01:47:18 Date (last write): 18/01/2005 01:07:18 Filesize: 326656 Attributes: archive MD5: 20393D64F69F26361A97FD9AFB3C9243 CRC32: 0B4DBA7F Version: 11.0.6466.0 {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) DPF name: CLSID name: WUWebControl Class Installer: C:\WINDOWS\Downloaded Program Files\wuweb.inf Codebase: http://www.update.microsoft.com/windowsupd...b?1206711224812 description: classification: Legitimate known filename: wuweb.dll info link: info source: Safer Networking Ltd. 
Path: C:\WINDOWS\system32\ Long name: wuweb.dll Short name: Date (created): 07/03/2005 11:38:00 Date (last access): 30/10/2009 03:11:16 Date (last write): 06/08/2009 18:24:18 Filesize: 209632 Attributes: archive MD5: 033AF4CE25B6D871F0DE2C982658E049 CRC32: 2C204902 Version: 7.4.7600.226 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) DPF name: CLSID name: MUWebControl Class Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf Codebase: http://www.update.microsoft.com/microsoftu...b?1207653252687 description: classification: Legitimate known filename: muweb.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\system32\ Long name: muweb.dll Short name: Date (created): 30/07/2007 18:18:34 Date (last access): 30/10/2009 03:10:40 Date (last write): 06/08/2009 18:23:46 Filesize: 215920 Attributes: archive MD5: A1350D646EF6E57E8F4F33EBE7320D08 CRC32: AB3CA24F Version: 7.4.7600.226 {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\AcDcToday.ocx description: classification: Legitimate known filename: ACDCTO~1.OCX info link: info source: Safer Networking Ltd. {8AD9C840-044E-11D1-B3E9-00805F499D93} (Environnement d'exécution Java 1.4.1_01) DPF name: Environnement d'exécution Java 1.4.1_01 CLSID name: Java Plug-in 1.4.1_01 Installer: Codebase: http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab description: Sun Java classification: Legitimate known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll info link: info source: Patrick M. 
Kolla Path: C:\Program Files\Java\j2re1.4.1_01\bin\ Long name: NPJPI141_01.dll Short name: NPJPI1~1.DLL Date (created): 22/05/2005 11:50:14 Date (last access): 30/10/2009 01:50:04 Date (last write): 30/09/2002 07:56:06 Filesize: 61548 Attributes: archive MD5: D16C9DD99512FB642DF311FDD365F55C CRC32: 92AC965E Version: 1.4.1.1 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () DPF name: CLSID name: Installer: C:\WINDOWS\Downloaded Program Files\erma.inf Codebase: http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab description: classification: Open for discussion known filename: info link: info source: Safer Networking Ltd. {AE563720-B4F5-11D4-A415-00108302FDFD} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\InstBanr.ocx description: classification: Legitimate known filename: INSTBANR.OCX info link: info source: Safer Networking Ltd. {C6637286-300D-11D4-AE0A-0010830243BD} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\InstFred.ocx description: classification: Legitimate known filename: INSTFRED.OCX info link: info source: Safer Networking Ltd. {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_01) DPF name: Environnement d'exécution Java 1.4.1_01 CLSID name: Java Plug-in 1.4.1_01 Installer: Codebase: http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab description: classification: Legitimate known filename: npjpi141_01.dll info link: info source: Safer Networking Ltd. 
Path: C:\Program Files\Java\j2re1.4.1_01\bin\ Long name: NPJPI141_01.dll Short name: NPJPI1~1.DLL Date (created): 22/05/2005 11:50:14 Date (last access): 30/10/2009 08:09:54 Date (last write): 30/09/2002 07:56:06 Filesize: 61548 Attributes: archive MD5: D16C9DD99512FB642DF311FDD365F55C CRC32: 92AC965E Version: 1.4.1.1 {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) DPF name: CLSID name: Shockwave Flash Object Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf Codebase: http://download.macromedia.com/pub/shockwa...ash/swflash.cab description: Macromedia Shockwave Flash Player classification: Legitimate known filename: info link: info source: Patrick M. Kolla Path: C:\WINDOWS\system32\Macromed\Flash\ Long name: Flash10b.ocx Short name: Date (created): 03/02/2009 03:07:18 Date (last access): 30/10/2009 03:12:30 Date (last write): 03/02/2009 03:07:18 Filesize: 3866528 Attributes: readonly archive MD5: 8AFC17155ED5AB60B7C52D7F553D579C CRC32: 0FBC13F3 Version: 10.0.22.87 {F281A59C-7B65-11D3-8617-0010830243BD} () DPF name: CLSID name: Installer: Codebase: file://C:\Program Files\MDT6\AcPreview.ocx description: classification: Legitimate known filename: ACPREV~1.OCX info link: info source: Safer Networking Ltd. 
--- Process list --- PID: 0 ( 0) [system] PID: 496 ( 4) \SystemRoot\System32\smss.exe size: 50688 PID: 568 ( 496) \??\C:\WINDOWS\system32\csrss.exe size: 6144 PID: 592 ( 496) \??\C:\WINDOWS\system32\winlogon.exe size: 512000 PID: 636 ( 592) C:\WINDOWS\system32\services.exe size: 111104 MD5: C3FB1D70CB88722267949694BA51759E PID: 648 ( 592) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB PID: 800 ( 636) C:\WINDOWS\system32\Ati2evxx.exe size: 425984 MD5: 0EF8098B30264082F64CA4431CA68BB8 PID: 812 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 884 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 976 ( 636) C:\Program Files\Windows Defender\MsMpEng.exe size: 13592 MD5: F45DD1E1365D857DD08BC23563370D0E PID: 1016 ( 636) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1052 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1228 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1408 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1456 ( 592) C:\WINDOWS\system32\Ati2evxx.exe size: 425984 MD5: 0EF8098B30264082F64CA4431CA68BB8 PID: 1744 ( 636) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: 460E4CE148BD07218DA0B6A3D31885A9 PID: 488 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 112 ( 636) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe size: 132424 MD5: 43DC4FC662DF064535E30B17C8B5AB00 PID: 700 ( 636) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe size: 312880 MD5: 5DCD235C061022BCDA9AA48670B64211 PID: 824 ( 636) C:\Program Files\Bonjour\mDNSResponder.exe size: 238888 MD5: 3F56903E124E820AEECE6D471583C6C1 PID: 940 ( 636) C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe size: 
135168 MD5: E80FEAEA3F3E75B166ECE8E47CF0A7E9 PID: 1176 ( 636) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 1696 ( 636) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: E4BDF223CD75478BF44567B4D5C2634D PID: 364 (1528) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe size: 344064 MD5: 74A0B4382C82DE73BD309C778A8F4815 PID: 388 (1528) C:\WINDOWS\Dit.exe size: 90112 MD5: 38060C4DBB138721CB7757B91ABAA183 PID: 336 (1528) C:\WINDOWS\mHotkey.exe size: 508416 MD5: 94229807AD00A72B50195F1D3DFB205F PID: 1900 (1528) C:\WINDOWS\CNYHKey.exe size: 5794816 MD5: 785FD48CEC69D07BCD2C1B2C112F00C9 PID: 408 (1528) C:\WINDOWS\AGRSMMSG.exe size: 88209 MD5: 230EA041666125B6812FE3FF964B2DF3 PID: 428 (1528) C:\Program Files\Home Cinema\PowerCinema\PCMService.exe size: 81920 MD5: 890F7BD18750F3C41ADAA7303C326AD4 PID: 448 (1528) C:\Program Files\Windows Defender\MSASCui.exe size: 866584 MD5: 77C03BF23AE56B0A31AE4D5BB4B3D0AC PID: 952 (1528) C:\Program Files\Microsoft IntelliPoint\ipoint.exe size: 849280 MD5: F4E7979D8ADEBEEDEAD33019A5BD52BF PID: 1484 (1528) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe size: 30248 MD5: 792D0020117F2F6D3B433193BBAC555E PID: 1960 (1528) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe size: 663552 MD5: 7E6EFC5383FEF3EF852F2C7D41DEE83F PID: 2280 (1528) C:\Program Files\TF1Vision\TF1vision.exe size: 397312 MD5: 67F4CE7A350519B69A4DE226F2843C92 PID: 2384 (2204) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe size: 536576 MD5: 47F73264CBAAC4981C3393BA8E4339CD PID: 2412 (1528) C:\Program Files\QuickTime\QTTask.exe size: 413696 MD5: 0AB3C83FCB8EF6F56E4FB22089F0D3B9 PID: 2436 (1528) C:\Program Files\iTunes\iTunesHelper.exe size: 342312 MD5: 6B0E8DEE62C0C9695C77F14482DDF178 PID: 2596 (1528) C:\Program Files\Windows Media Player\WMPNSCFG.exe size: 204288 MD5: 5011A24AECF4D573473BDC15EE84C178 PID: 2604 (1960) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe size: 98304 MD5: 09622B465C5F98600CBA53B758A266F4 PID: 
2744 (2664) C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe size: 133104 MD5: 37CE3F960BEEC755D0E04E4140E93638 PID: 3020 (1528) C:\Program Files\MSI\Bluetooth Software\BTTray.exe size: 507965 MD5: 037731588DE041A80BA15D558D976EB6 PID: 1580 ( 636) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe size: 20480 MD5: 5A0C788C5BC5F2C993CB60940ADCF95E PID: 1120 ( 636) C:\Program Files\iPod\bin\iPodService.exe size: 656168 MD5: F055C1760ABFA52B159985E551EA0EDC PID: 2132 (1016) C:\WINDOWS\system32\wscntfy.exe size: 13824 MD5: 02DA31AB433A6C1110A736C85701DECA PID: 2520 ( 636) C:\WINDOWS\System32\alg.exe size: 44544 MD5: 5E9A6658A2A69AE7EB195113B7A2E7A9 PID: 2228 ( 592) C:\WINDOWS\explorer.exe size: 1037824 MD5: F2317622D29F9FF0F88AEECD5F60F0DD PID: 1420 (2228) C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe size: 919024 MD5: B4A3C03641392FAC6BE9AEDE2A752548 PID: 1940 (1420) C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe size: 919024 MD5: B4A3C03641392FAC6BE9AEDE2A752548 PID: 1012 (3900) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe size: 5365592 MD5: 0477C2F9171599CA5BC3307FDFBA8D89 PID: 4 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 30/10/2009 08:09:53 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://home.neuf.fr/ HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@ http://home.microsoft.com/access/autosearch.asp?p=%s HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet 
Explorer\Main\Search Page http://go.microsoft.com/fwlink/?LinkId=54896 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://go.microsoft.com/fwlink/?LinkId=69157 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://go.microsoft.com/fwlink/?LinkId=69157 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://go.microsoft.com/fwlink/?LinkId=54896 HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- --- Uninstall list --- Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal) uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG publisher: Lavasoft help link: http://www.lavasoft.com (AddressBook) Adobe Flash Player 10 ActiveX 10.0.22.87 (Adobe Flash Player ActiveX) uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe publisher: Adobe Systems Incorporated help link: http://www.adobe.com/go/flashplayer_support/ Adobe Flash Player 10 Plugin 10.0.32.18 (Adobe Flash Player Plugin) uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe publisher: Adobe Systems Incorporated Adobe SVG Viewer 3.0 3.0 (Adobe SVG Viewer) version (major): 3 install location: C:\WINDOWS\system32\Adobe\SVG Viewer 3.0 uninstall cmd: C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log publisher: Adobe Systems, Inc. 
Agere Systems PCI Soft Modem (Agere Systems Soft Modem) uninstall cmd: agrsmdel ATI - Utilitaire de désinstallation du logiciel 6.14.10.1010 (All ATI Software) install location: C:\Program Files\ATI Technologies\UninstallAll uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe AnswerWorks Runtime (AnswerWorks) uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu" Asus_LCD_ScreenSaver 1.0.0001 (Asus_LCD_ScreenSaver) version: 16777217 install date: 2008/10/31 uninstall cmd: "C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe" publisher: ASUS ATI Display Driver 8.081-041124a1-019779C-Medion (ATI Display Driver) uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean (Branding) C-Media 3D Audio (C-Media Audio) uninstall cmd: C:\WINDOWS\CMIUnInstall.exe C-Media WDM Audio Driver (C-Media Audio Driver) uninstall cmd: C:\WINDOWS\system32\cmirmdrv.exe CCleaner (remove only) (CCleaner) uninstall cmd: "C:\Program Files\CCleaner\uninst.exe" (DirectAnimation) (DirectDrawEx) (DXM_Runtime) eMule (eMule) uninstall cmd: "C:\Program Files\eMule\Uninstall.exe" (expinst) FastStone Image Viewer 2.0.5 2.0.5 (FastStone Image Viewer) uninstall cmd: C:\Program Files\FastStone Image Viewer\uninst.exe publisher: FastStone Soft. (Fontcore) USB Serial Converter Drivers (FTDICOMM) uninstall cmd: C:\WINDOWS\system32\ftdiun2k.exe C:\WINDOWS\system32\ft2kunin.ini Outil de mise à jour Google 2.4.1536.6592 (Google Updater) version (major): 2 version (minor): 4 install location: C:\Program Files\Google\Google Updater uninstall cmd: "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall publisher: Google Inc. 
help link: http://pack.google.com:80/pack-support?hl=fr&gl=fr HijackThis 2.0.2 2.0.2 (HijackThis) uninstall cmd: "C:\hijackthis\HijackThis.exe" /uninstall publisher: TrendMicro ICE Book Reader Professional 8.2 8.2 (ICE Book Reader Professional) uninstall cmd: C:\Program Files\ICE Book Reader Professional\uninst.exe publisher: ICE Graphics (ICW) Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs) install date: 20080402 uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" publisher: Microsoft Corporation (IE40) (IE4Data) (IE5BAKEX) Windows Internet Explorer 7 20070813.185237 (ie7) install date: 20080402 publisher: Microsoft Corporation help link: http://www.microsoft.com/ie Windows Internet Explorer 8 20090308.140743 (ie8) install date: 20090716 uninstall cmd: "C:\WINDOWS\ie8\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://www.microsoft.com/ie (IEData) Install Creator (Install Creator) uninstall cmd: C:\Program Files\Install Creator\Uninstal.exe InterActual Player (InterActual Player) uninstall cmd: C:\Program Files\InterActual\InterActual Player\inuninst.exe (KB884016) (KB884267) (KB885353) (KB885884) (KB886612) (KB887078) (KB887626) (KB888656) (KB889858) (KB891122) Windows Genuine Advantage Validation Tool (KB892130) (KB892130) install date: 20070618 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=892130 (KB892313) (KB893240) (KB893241) (KB893803) (KB895181) (KB895316) (KB895572) (KB897586) (KB898549) (KB900399) (KB902344) (KB907658) (KB911565) (KB911854) (KB928365.T1_1ToU569_1) (KB929399) (KB936782_WMP11) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) 1 (KB938127-IE7) install date: 20080827 uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=938127 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) 2 
system32\DRIVERS\adiusbaw.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Adobe LM Service Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Adobe LM Service Description: Adobe LM Service Object name: LocalSystem Image path: "C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe" Image size: 68096 Image MD5: D01DD9E6A7DFE540181147A38B13F43A Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): AdobeVersionCue Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AdobeVersionCue Object name: LocalSystem Image path: C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe Image size: 61440 Image MD5: FC9D93D13127E3252466D4A33039B54B Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): adpu160m Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): aec Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Suppresseur d'écho acoustique (Noyau Microsoft) Image path: system32\drivers\aec.sys Image size: 142592 Image MD5: 8BED39E3C35D6A489438B8141717A557 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): AFD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AFD Description: Environnement de prise en charge de réseau AFD Image path: \SystemRoot\System32\drivers\afd.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): AgereSoftModem Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Agere Systems Soft Modem Image path: system32\DRIVERS\AGRSM.sys Image size: 1066278 Image MD5: 029E01CB2938BEC5AF31BF47B6AF0159 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry 
key): Aha154x Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78u2 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): aic78xx Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Alerter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Avertissement Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): ALG Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de la passerelle de la couche Application Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows. 
Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\alg.exe Image size: 44544 Image MD5: 5E9A6658A2A69AE7EB195113B7A2E7A9 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): AliIde Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): AmdK8 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de processeur AMD Image path: system32\DRIVERS\AmdK8.sys Image size: 43520 Image MD5: 08329F6AE482B184725D2E07E9A79E16 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): amsint Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Apple Mobile Device Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Apple Mobile Device Description: Fournit l’interface pour les appareils mobiles Apple. Object name: LocalSystem Image path: "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" Image size: 132424 Image MD5: 43DC4FC662DF064535E30B17C8B5AB00 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): AppMgmt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestion d'applications Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): Arp1394 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Protocole client ARP 1394 Description: Protocole client ARP 1394 Image path: system32\DRIVERS\arp1394.sys Image size: 60800 Image MD5: B5B8A80875C1DEDEDA8B02765642C32F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): asc Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3350p Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): asc3550 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ASP.NET Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ASP.NET_1.1.4322 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ASP.NET_2.0.50727 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): aspnet_state Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service d'état ASP.NET Description: Assure la prise en charge des états de session out-of-process pour ASP.NET. En cas d'interruption de ce service, les demandes out-of process ne sont pas traitées. En cas de désactivation du service, le démarrage de tout service qui dépend explicitement de ce service est impossible. 
Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe Image size: 34312 Image MD5: 0E5E4957549056E2BF2C49F4F6B601AD Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): AsyncMac Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de média asynchrone RAS Description: Pilote de média asynchrone RAS Image path: system32\DRIVERS\asyncmac.sys Image size: 14336 Image MD5: B153AFFAC761E7F5FCFA822B9C4E97BC Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): atapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Contrôleur de disque dur IDE/ESDI standard Image path: system32\DRIVERS\atapi.sys Image size: 96512 Image MD5: 9F3A2F5AA6875C72BF062C712CFA2674 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Atdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Service (registry key): Ati HotKey Poller Registry path: \SYSTEM\CurrentControlSet\Services\ Object name: LocalSystem Image path: %SystemRoot%\system32\Ati2evxx.exe Image size: 425984 Image MD5: 0EF8098B30264082F64CA4431CA68BB8 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Service (registry key): ati2mtag Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\ati2mtag.sys Image size: 872960 Image MD5: 2E51D4E1E03F9024828AD8B5BD55140B Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): atinrvxx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ATI WDM Rage Theater Video Image path: system32\DRIVERS\atinrvxx.sys Image size: 105984 Image MD5: 74E104ADA8A304774713E9A9A9CB3556 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Atmarpc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Protocole client 
ATM ARP Description: Protocole client ATM ARP Image path: system32\DRIVERS\atmarpc.sys Image size: 59904 Image MD5: 9916C1225104BA14794209CFA8012159 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): AudioSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Audio Windows Description: Gère les périphériques audio pour les programmes basés sur Windows. Si ce service est arrêté, les périphériques et les effets audio ne fonctionneront pas correctement. Si ce service est désactivé, les services en dépendant explicitement ne démarreront pas. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): audstub Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote audio Stub Image path: system32\DRIVERS\audstub.sys Image size: 3072 Image MD5: D9F724AA26C010A217C97606B160ED68 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): AVG Anti-Spyware Driver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AVG Anti-Spyware Driver Image path: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys Image size: 11000 Image MD5: D6F4C1450699901048818B0C3AAF7A17 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): AVG Anti-Spyware Guard Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AVG Anti-Spyware Guard Object name: LocalSystem Image path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Image size: 312880 Image MD5: 5DCD235C061022BCDA9AA48670B64211 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): AvgAsCln Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AVG Anti-Spyware Clean Driver Image path: 
System32\DRIVERS\AvgAsCln.sys Image size: 10872 Image MD5: 856B0CEE009946BF2D327E6B24FE7E3F Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BattC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Beep Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BITS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de transfert intelligent en arrière-plan Description: Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. Si ce service est désactivé, tous les services qui en dépendent explicitement peuvent présenter des problèmes de transfert de fichiers s'ils ne disposent pas d'un mécanisme sûr de remplacement pour transférer les fichier Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Rpcss Service (registry key): Bonjour Service Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service Bonjour Description: Bonjour permet à des applications comme iTunes et Safari d’annoncer et de découvrir des services sur le réseau local. En gardant Bonjour en exécution, vous pouvez vous connecter à des périphériques comme l’Apple TV et à des services logiciels comme le partage iTunes et AirTunes. Si vous désactivez Bonjour, tous les services réseau qui en dépendent de manière explicite ne démarreront pas. 
Object name: LocalSystem Image path: "C:\Program Files\Bonjour\mDNSResponder.exe" Image size: 238888 Image MD5: 3F56903E124E820AEECE6D471583C6C1 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): Browser Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Explorateur d'ordinateur Description: Tient à jour une liste des ordinateurs présents sur le réseau et fournit cette liste aux ordinateurs désignés comme navigateurs. Si ce service est arrêté, la liste ne sera pas mise ou tenue à jour. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,LanmanServer Service (registry key): BrScnUsb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother USB Still Image driver Image path: system32\DRIVERS\BrScnUsb.sys Image size: 15295 Image MD5: 92A964547B96D697E5E9ED43B4297F5A Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): btaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Audio Device Image path: system32\drivers\btaudio.sys Image size: 16640 Image MD5: 760B30A34DC9A981A74255E080D4C95E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BTDriver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Virtual Communications Driver Image path: system32\DRIVERS\btport.sys Image size: 30235 Image MD5: 0AB3C8276DF52E50AEC183C2E70FD868 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): BTKRNL Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Protocol Stack Image path: system32\drivers\btkrnl.sys Image size: 1260106 Image 
MD5: 63CAD765A65D573F0C86964634C9B55E Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): btwdins Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Service Object name: LocalSystem Image path: C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe Image size: 135168 Image MD5: E80FEAEA3F3E75B166ECE8E47CF0A7E9 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): BTWDNDIS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth LAN Access Server Image path: system32\DRIVERS\btwdndis.sys Image size: 146684 Image MD5: 93AD77D88D94B9CD00EB74AB965372B5 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BTWUSB Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WIDCOMM USB Bluetooth Driver Image path: System32\Drivers\btwusb.sys Image size: 52856 Image MD5: FED57FEC0FC5A6DB34F80E9D2EE2A671 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): CardReaderFilter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Card Reader Filter Image path: \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS Image size: 17408 Image MD5: 66B71DD7794D3B8A88CCB645896D3E53 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): catchme Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \??\C:\ComboFix\catchme.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): cbidf2k Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): CCDECODE Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Décodeur sous-titre fermé Image path: system32\DRIVERS\CCDECODE.sys Image size: 17024 Image MD5: 0BE5AEF125BE881C4F854C554F2B025C Control Set: 
CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): cd20xrnt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Cdaudio Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): Cdfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Depends On group: "SCSI CDROM Class" Service (registry key): Cdrom Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de CD-ROM Image path: system32\DRIVERS\cdrom.sys Image size: 62976 Image MD5: 1F4260CC5B42272D71F79E570A27A4FE Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): Changer Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): CiSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service d'indexation Description: Construit un index des contenus et des propriétés des fichiers sur les ordinateurs locaux et distants ; fournit un accès rapide aux fichiers par le biais d'un langage d'interrogation flexible. Object name: LocalSystem Image path: %SystemRoot%\system32\cisvc.exe Image size: 5632 Image MD5: 793EF38A5FD086C3C8E48A8A861562ED Control Set: CurrentControlSet Start: 3 Type: 288 Error Control: 1 Depends On services: RPCSS Service (registry key): ClipSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de l'Album Description: Active le Gestionnaire de l'Album afin de stocker les informations et les partager avec des ordinateurs à distance. Si le service est arrêté, le Gestionnaire de l'Album ne pourra pas partager les informations avec des ordinateurs à distance. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\system32\clipsrv.exe Image size: 33280 Image MD5: 8B30CBB0C07D49B2658FB190946B0E7E Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: NetDDE Service (registry key): clr_optimization_v2.0.50727_32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: .NET Runtime Optimization Service v2.0.50727_X86 Description: Microsoft .NET Framework NGEN Object name: LocalSystem Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Image size: 69632 Image MD5: D87ACAED61E417BBA546CED5E7E36D9C Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Service (registry key): CmdIde Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): cmuda Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: C-Media WDM Audio Interface Image path: system32\drivers\cmuda.sys Image size: 804800 Image MD5: B7D9E7D64C1FD830856807E63356178D Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): COMSysApp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Application système COM+ Description: Gère la configuration et le suivi des composants de base COM+ (Component Object Model) . Si le service est arrêté, la plupart des composants de base COM+ ne fonctionneront pas correctement. Si ce service est désactivé, les services qui en dépendent de manière explicite ne pourront pas démarrer. 
Object name: LocalSystem Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Image size: 5120 Image MD5: 0DAD93BB0FECF5016AE3C06CBB0A873B Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: rpcss Service (registry key): ContentFilter Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ContentIndex Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Cpqarray Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): CryptSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CryptSvc Description: Fournit trois services de gestion : le service de base de données de catalogue, qui confirme la signature des fichiers Windows; le service de racine protégée, qui ajoute et supprime des certificats d'autorité de certification de racine approuvés et le service Clé, qui fournit une aide dans l'inscription de cet ordinateur pour les certificats. Si ce service est arrêté, ces services de gestion ne fonctionneront pas correctement. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): dac2w2k Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Service (registry key): dac960nt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): DcomLaunch Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Lanceur de processus serveur DCOM Description: Fournit la fonctionnalité de lancement des services DCOM. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost -k DcomLaunch Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): Dhcp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Client DHCP Description: Gère la configuration réseau en inscrivant et en mettant à jour les adresses IP et les noms DNS. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip,Afd,NetBT Service (registry key): Disk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de disque Image path: system32\DRIVERS\disk.sys Image size: 36352 Image MD5: 044452051F3E02E7963599FC8F4F3E25 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): dmadmin Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service d'administration du Gestionnaire de disque logique Description: Configure les lecteurs de disque durs et les volumes. 
Le service ne s'exécute que pour les processus de configurations puis s'arrête. Object name: LocalSystem Image path: %SystemRoot%\System32\dmadmin.exe /com Image size: 225280 Image MD5: EAD2B8AAEB16E538106D295CD7BD7A48 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,PlugPlay,DmServer Service (registry key): dmboot Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\drivers\dmboot.sys Image size: 800256 Image MD5: F5DEADD42335FB33EDCA74ECB2F36CBA Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmio Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmload Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): dmserver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de disque logique Description: Détecte et analyse de nouveaux lecteurs de disque durs et envoie les informations de volume de disque au service gestionnaire administratif de disque logique pour la configuration. Si ce service est arrêté, l'état des disques dynamiques et les informations de configuration peuvent devenir obsolètes. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
B9995947C8A151370C6B5F5316857042 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): nvnetbus Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NVIDIA Network Bus Enumerator Image path: system32\DRIVERS\nvnetbus.sys Image size: 12928 Image MD5: E425490FF28EC2A3FA089B520A5BE87E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NwlnkFlt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de filtre de trafic IPX Description: Pilote de filtre de trafic IPX Image path: system32\DRIVERS\nwlnkflt.sys Image size: 12416 Image MD5: B305F3FAD35083837EF46A0BBCE2FC57 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: NwlnkFwd Service (registry key): NwlnkFwd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de transfert de trafic IPX Description: Pilote de transfert de trafic IPX Image path: system32\DRIVERS\nwlnkfwd.sys Image size: 32512 Image MD5: C99B3415198D1AAB7227F2C88FD664B9 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): ohci1394 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Contrôleur hôte compatible IEE 1394 VIA OHCI Image path: system32\DRIVERS\ohci1394.sys Image size: 61696 Image MD5: CA33832DF41AFB202EE7AEB05145922F Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): ose Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Office Source Engine Description: Enregistre les fichiers d'installation utilisés pour les mises à jour et les réparations, et est nécessaire au téléchargement des mises à jour d'installation et des rapports d'erreur Watson. 
Object name: LocalSystem Image path: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" Image size: 89136 Image MD5: 7A56CF3E3F12E8AF599963B16F50FB6A Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): Outlook Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PALLADIA Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Palladia 300/400 Usb Adsl Modem Image path: system32\DRIVERS\usbiad.sys Image size: 31547 Image MD5: F500B04DEB1E266D21C501D229E63845 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Parport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de port parallèle Image path: system32\DRIVERS\parport.sys Image size: 80384 Image MD5: 8FD0BDBEA875D06CCF6C945CA9ABAF75 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PartMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de partition Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): ParVdm Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 0 Depends On services: Parport Depends On group: "Parallel arbitrator" Service (registry key): PCI Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de bus PCI Image path: system32\DRIVERS\pci.sys Image size: 68608 Image MD5: 043410877BDA580C528F45165F7125BC Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): PCIDump Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): PCIIde Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Pcmcia Registry path: 
\SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Pcouffin Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Low level access layer for CD devices Image path: System32\Drivers\Pcouffin.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PCTAVSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PC Tools AntiVirus Engine Description: The PC Tools AntiVirus Service protects your system against virus and other security threats. If this service is disabled, protection against virus and other security threats is also disabled Object name: LocalSystem Image path: "C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe" Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): PDCOMP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): PDFRAME Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): PDRELI Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): PDRFRAME Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): perc2 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): perc2hib Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): PerfDisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error 
Control: 0 Service (registry key): PerfNet Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfOS Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfProc Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): pfc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Padus ASPI Shell Image path: system32\drivers\pfc.sys Image size: 10368 Image MD5: 444F122E68DB44C0589227781F3C8B3F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PlugPlay Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Plug-and-Play Description: Permet à l'ordinateur de reconnaître et d'adapter les modifications matérielles avec peu ou pas du tout d'intervention de l'utilisateur. Arrêter ou désactiver ce service provoque une instabilité du système. Object name: LocalSystem Image path: %SystemRoot%\system32\services.exe Image size: 111104 Image MD5: C3FB1D70CB88722267949694BA51759E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): Point32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft IntelliPoint Filter Driver Image path: system32\DRIVERS\point32.sys Image size: 21760 Image MD5: DCDF0421A1C14F2923E298A30FD7636D Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PolicyAgent Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Services IPSEC Description: Gère la stratégie de sécurité IP et démarre les pilotes de gestion de sécurité IP et ISAKMP/Oakley (IKE). 
Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS,Tcpip,IPSec Service (registry key): PptpMiniport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Miniport réseau étendu (PPTP) Description: Miniport réseau étendu (PPTP) Image path: system32\DRIVERS\raspptp.sys Image size: 48384 Image MD5: EFEEC01B1D3CF84F16DDD24D9D9D8F99 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PRISM_A00 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CREATIX 802.11g Driver Image path: system32\DRIVERS\PRISMA00.sys Image size: 380736 Image MD5: A5D938EE86B8CD0D4879D95EDA1CC430 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Processor Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote processeur Image path: system32\DRIVERS\processr.sys Image size: 40064 Image MD5: E19C9632AC828F6F214391E2BDDA11CB Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): ProtectedStorage Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Emplacement protégé Description: Fournit un stockage protégé pour les données sensibles, telles que les clés privées, afin d'empêcher l'accès par des services, des processus ou des utilisateurs non autorisés. 
Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB Control Set: CurrentControlSet Start: 2 Type: 288 Error Control: 1 Depends On services: RpcSs Service (registry key): Ptilink Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de liaison parallèle directe Description: Pilote de liaison parallèle directe Image path: system32\DRIVERS\ptilink.sys Image size: 17792 Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): PxHelp20 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PxHelp20 Image path: System32\Drivers\PxHelp20.sys Image size: 43528 Image MD5: D86B4A68565E444D76457F14172C875A Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): qgehicwx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: USB Serial Converter Helper Description: Helper for USB Serial Converter Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): ql1080 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Ql10wnt Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql12160 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1240 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ql1280 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): QV2KUX 
Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Appareil photo numérique Casio Image path: system32\DRIVERS\qv2kux.sys Image size: 3328 Image MD5: 0087F01D35A65B32393CC8BBA46EE4A6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): RasAcd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de connexion automatique d'accès distant Description: Pilote de connexion automatique d'accès distant Image path: system32\DRIVERS\rasacd.sys Image size: 8832 Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): RasAuto Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de connexion automatique d'accès distant Description: Crée une connexion vers un réseau distant à chaque fois qu'un programme référence un nom ou une adresse DNS ou NetBIOS distant. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RasMan,Tapisrv Service (registry key): Rasl2tp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Miniport réseau étendu (L2TP) Description: Miniport réseau étendu (L2TP) Image path: system32\DRIVERS\rasl2tp.sys Image size: 51328 Image MD5: 11B4A627BC9614B885C4969BFA5FF8A6 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): RasMan Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de connexions d'accès distant Description: Crée une connexion réseau. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: Tapisrv Service (registry key): RasPppoe Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote PPPOE d'accès à distance Description: Pilote PPPOE d'accès à distance Image path: system32\DRIVERS\raspppoe.sys Image size: 41472 Image MD5: 5BC962F2654137C9909C3D4603587DEE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Raspti Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Parallèle direct Description: Parallèle direct Image path: system32\DRIVERS\raspti.sys Image size: 16512 Image MD5: FDBB1D60066FCFBB7452FD8F9829B242 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Rdbss Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Rdbss Description: Rdbss Image path: system32\DRIVERS\rdbss.sys Image size: 175744 Image MD5: 7AD224AD1A1437FE28D89CF22B17780A Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): RDPCDD Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DRIVERS\RDPCDD.sys Image size: 4224 Image MD5: 4912D5B403614CE99C28420F75353332 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): RDPDD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): RDPNP Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): RDPWD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): RDSessMgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de session d'aide sur 
le Bureau à distance Description: Gère et contrôle l'assistance à distance. Si ce service est arrêté, l'assistance à distance n'est pas disponible. Consultez l'onglet Dépendances avant d'arrêter ce service. Object name: LocalSystem Image path: C:\WINDOWS\system32\sessmgr.exe Image size: 142848 Image MD5: 9F63D9C5B238ED1C375D417EFF3D5BE7 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): redbook Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de filtre de lecture digitale de CD audio Image path: system32\DRIVERS\redbook.sys Image size: 58752 Image MD5: D8EB2A7904DB6C916EB5361878DDCBAE Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): RemoteAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Routage et accès distant Description: Offre aux entreprises des services de routage dans les environnements de réseau local ou étendu. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: RpcSS Depends On group: NetBIOSGroup Service (registry key): ROOTMODEM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Legacy Modem Driver Image path: System32\Drivers\RootMdm.sys Image size: 5888 Image MD5: D8B0B4ADE32574B2D9C5CC34DC0DBBE7 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): RpcLocator Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Localisateur d'appels de procédure distante (RPC) Description: Gère la base de données du service de nom RPC. 
Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\locator.exe Image size: 75264 Image MD5: 499C59A2584F6D4EA41E944DA571D993 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): RpcSs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Appel de procédure distante (RPC) Description: Fournit le mappeur du point de sortie et divers services RPC. Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\svchost -k rpcss Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): RSVP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: QoS RSVP Description: Fournit la signalisation de réseau et la fonctionnalité d'installation du contrôle de trafic local pour les programmes reconnaissant QoS et les applets de contrôle. Object name: LocalSystem Image path: %SystemRoot%\system32\rsvp.exe Image size: 132608 Image MD5: 414964844F4793ACB868D057E8ED997E Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: TcpIp,Afd,RpcSs Service (registry key): SamSs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Gestionnaire de comptes de sécurité Description: Stocke les informations de sécurité pour les comptes d'utilisateurs locaux. 
Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 13312 Image MD5: 91E6024D6D4DCDECDB36C43ECF9BBECB Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): sbp2port Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de bus de transport/protocole SBP-2 Image path: system32\DRIVERS\sbp2port.sys Image size: 43904 Image MD5: B244960E5A1DB8E9D5D17086DE37C1E4 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): SCardSvr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Carte à puce Description: Gère l'accès aux cartes à puce lues par cet ordinateur. Si ce service est arrêté, cet ordinateur ne pourra plus lire de cartes à puces. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\SCardSvr.exe Image size: 100352 Image MD5: 67949CC8A865296C1333C96A4E1A2D66 Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 0 Depends On services: PlugPlay Service (registry key): Schedule Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Planificateur de tâches Description: Permet à un utilisateur de configurer et de planifier des tâches automatisées sur cet ordinateur. Si ce service est arrêté, ces tâches ne seront pas exécutées à l'heure prévue. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. 
Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): ScsiPort Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: %SystemRoot%\system32\drivers\scsiport.sys Image size: 96384 Image MD5: 76C465F570E90C28942D52CCB2580A10 Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Secdrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Secdrv Description: SafeDisc driver Image path: system32\DRIVERS\secdrv.sys Image size: 20480 Image MD5: 90A3935D05B494A5A39D37E71F09A677 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): seclogon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Secondary Logon Description: Permet le démarrage des processus sous d'autres informations d'identification. Si ce service est arrêté, ce type d'ouverture de session sera indisponible. Si ce service est désactivé, tout service en dépendant explicitement ne démarrera pas. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 288 Error Control: 0 Service (registry key): SENS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Notification d'événement système Description: Scrute les événements système tels que les ouvertures de session Windows et les événements concernant le réseau et l'alimentation. Avertit les abonnés du système d'événements COM+ de ces événements. 
Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: EventSystem Service (registry key): serenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Serenum Filter Driver Image path: system32\DRIVERS\serenum.sys Image size: 15744 Image MD5: 0F29512CCD6BEAD730039FB4BD2C85CE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Serial Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de port série Image path: system32\DRIVERS\serial.sys Image size: 66048 Image MD5: 93D313C31F7AD9EA2B75F26075413C7C Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): ServiceModelEndpoint 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ServiceModelOperation 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ServiceModelService 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Sfloppy Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Lecteur de disquettes haute densité Image path: system32\DRIVERS\sfloppy.sys Image size: 11392 Image MD5: 8E6B8C671615D126FDC553D1E2DE5562 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On group: "SCSI miniport" Service (registry key): SharedAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pare-feu Windows / Partage de connexion Internet Description: Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un 
réseau domestique. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Netman,WinMgmt Service (registry key): ShellHWDetection Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Détection matériel noyau Description: Fournit des notifications à des événements matériel de lecture automatique. Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): Simbad Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): SLIP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Détrameur décalage BDA Image path: system32\DRIVERS\SLIP.sys Image size: 11136 Image MD5: 866D538EBE33709A5C9F5C62B73B7D14 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SMSvcHost 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Sparrow Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): splitter Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Splitter audio du noyau Microsoft Image path: system32\drivers\splitter.sys Image size: 6272 Image MD5: AB8B92451ECB048A4D1DE7C3FFCB4A9F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Spooler Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Spouleur d'impression Description: Charge des fichiers en mémoire pour une impression ultérieure. 
Object name: LocalSystem Image path: %SystemRoot%\system32\spoolsv.exe Image size: 57856 Image MD5: 460E4CE148BD07218DA0B6A3D31885A9 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS Service (registry key): SPTISRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Sony SPTI Service Object name: LocalSystem Image path: C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe Image size: 65536 Image MD5: E8DBEBFBFB44F63D487809E830C73DA6 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): sr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Pilote de filtre de restauration système Image path: system32\DRIVERS\sr.sys Image size: 73600 Image MD5: 39626E6DC1FB39434EC40C42722B660A Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): srservice Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de restauration système Description: Effectue des opérations de restauration du système. Pour arrêter ce service, désactivez Restauration du système dans l'onglet Restauration du système des propriétés du Poste de travail. Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 14336 Image MD5: E4BDF223CD75478BF44567B4D5C2634D Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): Srv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Srv Description: Srv Image path: system32\DRIVERS\srv.sys Image size: 333952 Image MD5: 3BB03F2BA89D2BE417206C373D2AF17C Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): SSDPSRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Service de découvertes SSDP Description: Active la découverte de périphériques Plug and Play universels sur votre réseau domestique. 
  19. Thanks for your help, here is the report you asked me for. My connection hasn't budged an inch. What is PC Pitstop optimizer? I don't have it.

      ComboFix 09-10-28.08 - DELAPAMPA 29/10/2009 20:50.7.1 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.464 [GMT 1:00]
      Lancé depuis: c:\documents and settings\DELAPAMPA\Bureau\ComboFix.exe
      AV: BullGuard 5.0 antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
      FW: BullGuard 5.0 firewall *disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}
      .
      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      C:\InfoSat.txt
      c:\windows\Fonts\acrsec.fon
      c:\windows\system32\drivers\etc\lmhosts
      c:\windows\system32\dumphive.exe
      c:\windows\system32\SrchSTS.exe
      c:\windows\system32\tmp.reg
      Une copie infectée de c:\windows\system32\drivers\AGP440.sys a été trouvée et désinfectée
      Copie restaurée à partir de - c:\windows\ServicePackFiles\i386\agp440.sys
      .
      ((((((((((((((((((((((((((((( Fichiers créés du 2009-09-28 au 2009-10-29 ))))))))))))))))))))))))))))))))))))
      .
      2009-10-26 19:02 . 2009-10-26 19:02 -------- d-----w- C:\rsit
      2009-10-26 12:50 . 2009-10-26 12:50 -------- d-----w- c:\program files\Trend Micro
      2009-10-03 12:47 . 2009-10-01 09:29 195440 ------w- c:\windows\system32\MpSigStub.exe
      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-10-29 19:56 . 2005-03-08 14:26 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS
      2009-10-29 19:33 . 2006-03-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
      2009-10-29 10:04 . 2007-11-14 11:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
      2009-10-29 06:48 . 2007-09-02 20:02 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\uTorrent
      2009-10-26 19:03 . 2005-03-07 18:27 84702 ----a-w- c:\windows\system32\perfc00C.dat
      2009-10-26 19:03 . 2005-03-07 18:27 510144 ----a-w- c:\windows\system32\perfh00C.dat
      2009-10-26 12:51 . 2008-10-09 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2009-09-11 14:28 . 2008-10-29 21:13 -------- d-----w- c:\documents and settings\DELAPAMPA\Application Data\dvdcss
      2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
      2009-09-10 13:54 . 2008-10-09 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2009-09-10 13:53 . 2008-10-09 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
      2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
      2009-08-31 16:42 . 2006-03-05 16:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
      2009-08-31 10:49 . 2006-07-06 16:38 -------- d-----w- c:\program files\Microsoft ActiveSync
      2009-08-29 07:56 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
      2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
      2009-08-23 02:28 . 2005-05-19 18:04 99152 ----a-w- c:\documents and settings\DELAPAMPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2009-08-20 13:09 . 2009-08-20 13:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
      2009-08-06 17:24 . 2005-03-07 10:37 327896 ----a-w- c:\windows\system32\wucltui.dll
      2009-08-06 17:24 . 2005-03-07 10:37 209632 ----a-w- c:\windows\system32\wuweb.dll
      2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
      2009-08-06 17:24 . 2005-03-08 16:23 35552 ----a-w- c:\windows\system32\wups.dll
      2009-08-06 17:24 . 2005-03-07 10:37 53472 ----a-w- c:\windows\system32\wuauclt.exe
      2009-08-06 17:24 . 2004-08-05 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
      2009-08-06 17:23 . 2005-03-08 16:23 575704 ----a-w- c:\windows\system32\wuapi.dll
      2009-08-06 17:23 . 2008-04-08 13:26 274288 ----a-w- c:\windows\system32\mucltui.dll
      2009-08-06 17:23 . 2007-07-30 17:18 215920 ----a-w- c:\windows\system32\muweb.dll
      2009-08-06 17:23 . 2005-03-07 10:37 1929952 ----a-w- c:\windows\system32\wuaueng.dll
      2009-08-05 09:00 . 2004-08-05 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
      2009-08-04 20:58 . 2004-08-05 12:00 2191232 ----a-w- c:\windows\system32\ntoskrnl.exe
      2009-08-04 17:28 . 2004-08-04 00:48 2068096 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2007-11-14 11:57 . 2007-11-14 11:57 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
      2005-06-15 18:57 . 2005-06-13 20:41 56 --sha-r- c:\windows\system32\59E0682C5F.sys
      .
      ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-09-29 1279216]
      "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
      "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
      "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
      "Google Update"="c:\documents and settings\DELAPAMPA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-07-01 133104]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-24 344064]
      "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2004-11-09 81920]
      "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
      "SpybotSnD"="c:\program files\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 5365592]
      "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
      "PC Pitstop Optimize Scheduler"="c:\program files\PCPitstop\Optimize\PCPOptimize.exe" [2008-03-26 2577120]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
      "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
      "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
      "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
      "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
      "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
      "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
      "e-TF1"="c:\program files\TF1Vision\TF1vision.exe" [2008-03-05 397312]
      "ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-10-31 37232]
      "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
      "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
      "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
      "Dit"="Dit.exe" - c:\windows\Dit.exe [2004-07-20 90112]
      "CHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2004-02-24 508416]
      "ledpointer"="CNYHKey.exe" - c:\windows\CNYHKey.exe [2004-02-03 5794816]
      "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-03-04 88209]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
      "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-05 44544]

      c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      Adobe Gamma Loader.lnk.disabled [2005-5-19 1958]
      Assistant d'Acrobat.lnk.disabled [2005-5-19 1862]
      BTTray.lnk - c:\program files\MSI\Bluetooth Software\BTTray.exe [2004-3-31 507965]
      Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
      @="Service"

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
      @="Service"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\uTorrent\\utorrent.exe"=
      "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
      "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
      "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "c:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
      "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "c:\\Program Files\\iTunes\\iTunes.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "57245:TCP"= 57245:TCP:Pando P2P TCP Listening Port
      "57245:UDP"= 57245:UDP:Pando P2P UDP Listening Port

      R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 18:19 13592]
      R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [07/03/2005 10:52 945152]
      R3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\FA31XND5.SYS [18/11/2005 21:17 16007]
      R3 PRISM_A00;CREATIX 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [08/03/2005 16:59 380736]
      R3 UKBFLT;UKBFLT;c:\windows\system32\drivers\UKBFLT.sys [08/03/2005 15:30 11672]
      S2 qgehicwx;USB Serial Converter Helper;c:\windows\System32\svchost.exe -k netsvcs [05/08/2004 13:00 14336]
      S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [08/03/2005 15:26 17408]
      S3
FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem;c:\windows\system32\drivers\usbiad.sys [16/02/2006 21:22 31547] S4 Acc9srskwerg;Acc9srskwerg; [x] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - CLASSPNP_2 *NewlyCreated* - MBR *Deregistered* - CLASSPNP_2 *Deregistered* - mbr . Contenu du dossier 'Tâches planifiées' 2009-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-10-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-14 15:15] 2009-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031931224-3083130229-1089167384-1006Core.job - c:\documents and settings\DELAPAMPA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 11:55] 2009-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4031931224-3083130229-1089167384-1006UA.job - c:\documents and settings\DELAPAMPA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 11:55] 2009-10-29 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://home.neuf.fr/ uInternet Settings,ProxyServer = pop.free.fr uInternet Settings,ProxyOverride = *.local FF - ProfilePath - c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1396957&SearchSource=2&q= FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll FF - component: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\components\cooliris.dll FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - plugin: c:\documents and settings\DELAPAMPA\Application Data\Mozilla\Firefox\Profiles\g0h14aus.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\documents and settings\DELAPAMPA\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPJPI150_01.dll FF - plugin: c:\program files\Java\jre1.5.0_01\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava11.dll FF - plugin: c:\program files\Mozilla 
Firefox\plugins\NPJava12.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava32.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJPI141_01.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHELINS SUPPRIMES - - - - BHO-{72ED067B-303D-48A2-8211-AFD8D98BE44A} - (no file) BHO-{CAE07211-9B79-4392-B6D6-59C7800ECD9F} - (no file) Toolbar-ID - (no file) HKLM-Run-Cmaudio - cmicnfg.cpl Notify-tkrhoghe - (no file) SafeBoot-AVG Anti-Spyware Driver ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-29 20:56 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "Name"="ActiveSync" "DisplayName"="Microsoft ActiveSync" "Param1"="ActiveSync" "Type"="wellknown" "Order"=dword:00000001 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Type"="IESettings" "Order"=dword:00000004 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Type"="MediaFiles" "Order"=dword:00000003 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Param1"="NPW" "Type"="wellknown" "Order"=dword:00000002 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-4031931224-3083130229-1089167384-1006\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "Name"="Outlook" "DisplayName"="Microsoft Outlook" "Param1"="Outlook" "Type"="wellknown" "Order"=dword:00000000 "State"=dword:00000020 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(592) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2228) c:\program files\CyberLink\Shared Files\CLRCEngine.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\MSI\Bluetooth Software\bin\btwdins.exe c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfcmon.exe c:\documents and settings\DELAPAMPA\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-10-29 21:01 - La machine a redémarré ComboFix-quarantined-files.txt 2009-10-29 20:01 ComboFix2.txt 2008-02-01 12:37 ComboFix3.txt 2008-02-01 12:29 ComboFix4.txt 2008-01-29 13:17 ComboFix5.txt 2009-10-29 19:47 Avant-CF: 639 180 800 octets libres Après-CF: 651 141 120 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect - - End Of File - - 5D8C1495E30225A4B9C428D09DFCC6C2
  20. Here is the MBAM report you asked for. Thanks in advance for wading through all these lines, which would have left me perplexed, for my part!! You're quite right, the passé simple has real punch and it's dying out. See you
  21. Hello again. Yes, you're right, I scanned it with MBAM twice and sent you the second one, my mistake. I'll post the first report as soon as I'm on site. Thanks.
  22. Hi, thanks for your help. I followed the procedure you gave me and quite a few problems are already resolved: the desktop is back and a good deal of malware was removed thanks to MBAM, but the Security Center is still blocked, notably for the antivirus and Windows Defender's antispam. I'm posting the reports here:
Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72ED067B-303D-48A2-8211-AFD8D98BE44A}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-11-14 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-26 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAE07211-9B79-4392-B6D6-59C7800ECD9F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-11-14 2436160] ID [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program 
Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-24 344064] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "Dit"=C:\WINDOWS\Dit.exe [2004-07-20 90112] "CHotkey"=C:\WINDOWS\mHotkey.exe [2004-02-24 508416] "ledpointer"=C:\WINDOWS\CNYHKey.exe [2004-02-03 5794816] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-03-04 88209] "PCMService"=C:\Program Files\Home Cinema\PowerCinema\PCMService.exe [2004-11-09 81920] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "SpybotSnD"=C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 5365592] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-06 849280] "PC Pitstop Optimize Scheduler"=C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe [2008-03-26 2577120] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248] "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632] "PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528] "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552] "ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536] "e-TF1"=C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312] "ASUS Camera ScreenSaver"=C:\WINDOWS\ASScrProlog.exe [2008-10-31 37232] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312] "DWQueuedReporting"=C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-03-22 39264] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-09-29 1279216] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] ""= [] "Google Update"=C:\Documents and Settings\DELAPAMPA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 133104] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Gamma Loader.lnk.disabled - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe Assistant d'Acrobat.lnk.disabled - C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe BTTray.lnk - C:\Program Files\MSI\Bluetooth Software\BTTray.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2004-11-24 94208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tkrhoghe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "legalnoticecaption"= "legalnoticetext"= [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb" "C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray" "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live 
Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" ======File associations====== .scr - open - C:\WINDOWS\NOTEPAD.EXE "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2009-10-26 20:02:12 ----D---- C:\rsit 2009-10-26 13:50:03 ----D---- C:\Program Files\Trend Micro 2009-10-03 13:47:36 ----N---- C:\WINDOWS\system32\MpSigStub.exe ======List of files/folders modified in the last 1 months====== 2009-10-26 20:01:56 ----D---- C:\WINDOWS\Prefetch 2009-10-26 20:00:07 ----D---- C:\WINDOWS\TEMP 2009-10-26 19:59:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-10-26 19:59:20 ----D---- C:\WINDOWS 2009-10-26 19:59:07 ----SD---- C:\WINDOWS\Tasks 2009-10-26 19:59:06 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt 2009-10-26 19:58:00 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-10-26 18:31:34 ----D---- C:\WINDOWS\system32 
2009-10-26 18:31:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-10-26 18:30:25 ----D---- C:\WINDOWS\system32\CatRoot2 2009-10-26 18:25:13 ----RAD---- C:\Program Files 2009-10-26 13:57:33 ----D---- C:\Program Files\Mozilla Firefox 2009-10-26 13:51:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-10-26 13:51:39 ----D---- C:\WINDOWS\system32\drivers 2009-10-26 08:01:19 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-10-23 17:39:46 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-10-21 19:32:23 ----D---- C:\Documents and Settings\DELAPAMPA\Application Data\uTorrent 2009-10-21 18:34:14 ----A---- C:\WINDOWS\NeroDigital.ini 2009-10-20 01:45:42 ----SHD---- C:\WINDOWS\Installer 2009-10-20 01:45:42 ----SHD---- C:\Config.Msi 2009-10-15 11:35:35 ----D---- C:\WINDOWS\Microsoft.NET 2009-10-15 11:35:33 ----RSD---- C:\WINDOWS\assembly 2009-10-15 11:27:20 ----D---- C:\WINDOWS\Debug 2009-10-14 21:30:50 ----D---- C:\WINDOWS\WinSxS 2009-10-14 21:28:35 ----HD---- C:\WINDOWS\inf 2009-10-14 21:28:11 ----D---- C:\Program Files\Internet Explorer 2009-10-14 21:27:40 ----HD---- C:\WINDOWS\$hf_mig$ 2009-10-14 21:22:44 ----A---- C:\WINDOWS\win.ini 2009-10-03 13:20:52 ----D---- C:\WINDOWS\Help 2009-10-02 19:01:57 ----A---- C:\WINDOWS\system32\MRT.exe 2009-09-30 12:49:44 ----D---- C:\Documents and Settings\DELAPAMPA\Application Data\Adobe 2009-09-30 12:49:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 43520] R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys [] R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; 
C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-10-06 945152] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-24 872960] R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-03 105984] R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-03-31 16640] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-03-31 30235] R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-03-31 146684] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-12-17 804800] R3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver; C:\WINDOWS\system32\DRIVERS\FA31XND5.SYS [2002-05-15 16007] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-03 13824] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-10-20 33280] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-10-20 12928] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368] R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760] 
R3 PRISM_A00;CREATIX 802.11g Driver; C:\WINDOWS\system32\DRIVERS\PRISMA00.sys [2004-01-16 380736] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 UKBFLT;UKBFLT; C:\WINDOWS\system32\DRIVERS\UKBFLT.sys [2003-12-19 11672] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-03-04 1066278] S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-03-31 52856] S3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS [] S3 catchme;catchme; \??\C:\DOCUME~1\DELAPA~1\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591] S3 FA312;Pilote de la carte Fast Ethernet FA330/FA312/FA311 NETGEAR; C:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 16074] S3 FTDIBUS;USB Serial Converter Driver; 
C:\WINDOWS\system32\drivers\ftdibus.sys [2000-11-07 17490] S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2000-11-07 45965] S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NETMDUSB;Net MD; C:\WINDOWS\System32\Drivers\NETMDUSB.sys [2001-12-11 37087] S3 PALLADIA;Palladia 300/400 Usb Adsl Modem; C:\WINDOWS\system32\DRIVERS\usbiad.sys [2004-07-14 31547] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 QV2KUX;Appareil photo numérique Casio; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] 
S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2008-07-08 103936] S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2008-07-08 103936] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2008-07-08 103936] S4 Acc9srskwerg;Acc9srskwerg; C:\WINDOWS\system32\drivers\Acc9srskwerg.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-24 425984] R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 btwdins;Bluetooth Service; C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe [2004-03-31 135168] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168] R3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-26 183280] S2 PCTAVSvc;PC Tools AntiVirus Engine; C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe [] S2 qgehicwx;USB Serial Converter Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S2 
WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2005-05-19 68096] S3 AdobeVersionCue;AdobeVersionCue; C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe [2003-10-22 61440] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2004-12-13 65536] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2004-12-13 1527893] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-14 1836544] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2002-03-13 65536] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe 
[2007-10-25 266240] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-10-26 20:02:21 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001} -->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe" -->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe" -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01958032-9877-4118-B87F-9EFA74B3F15F}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0DAEA5-826C-4A76-B176-56959B99D3F0}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent-->"C:\Program Files\uTorrent\uninstall.exe" Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe 
/X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Creative Suite-->C:\PROGRA~1\INSTAL~1\{D52EC~1\setup.exe /Relaunched=yes /Uninstall /Relaunched=yes Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log Agere Systems PCI Soft Modem-->agrsmdel AnswerWorks Runtime-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu" Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Asus_LCD_ScreenSaver-->"C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe" Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Bluetooth Remote Control-->MsiExec.exe /I{9B5E5DFB-73C0-4B08-BCBF-BE97AE42993A} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Brother MFL-Pro Suite-->"C:\Program 
  23. Hello everyone, In the family of "I'm a dimwit who doesn't secure his PC properly", I present myself as a textbook case. I tried to open a P2P file and, after a failed attempt, a Windows Defender message appeared at the bottom right telling me that I was infected by multiple things and that ANTIVIRUS PRO 2010 was the solution to my problem. After searching this forum, I noted that the problem has already affected a few users here and there. The main symptom is that my desktop now has a chick-yellow background and no longer lets me access the icons... among other things. So I ask you to please help me get rid of this ..., please. Note: I am on XP 2003 SP3. I made a HijackThis report, which I attach below for a first diagnosis... THANK YOU FOR YOUR HELP.