Govinda

Bonjour, Merci d'avoir répondu à ma demande d'aide! je vous poste les rapports: Ad report scan: ======= RAPPORT D'AD-REMOVER 2.0.0.1,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 23/06/10 à 19:20 Contact: AdRemover.contact@gmail.com Site web: Ad_Remover C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 01:59:48 le 18/07/2010, Mode normal Microsoft® Windows Vista™ Professionnel Service Pack 1 (X86) Gwendal@PC-DE-GWENDAL (LENOVO 77333GG) ============== RECHERCHE ============== 1,Clé trouvée: HKLM\Software\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D} 0,Clé trouvée: HKCU\Software\Winsudate ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.6 (fr)] ** -- C:\Users\Gwendal\AppData\Roaming\Mozilla\FireFox\Profiles\8stnpmd9.default\Prefs.js -- browser.download.lastDir, C:\\Users\\Gwendal\\Desktop browser.startup.homepage, hxxp://mail.google.com/mail/?hl=fr#|hxxp://www.agrocampus-ouest.fr/infoglueDeliverLive/ browser.startup.homepage_override.mstone, rv:1.9.2.6 ======================================== ** Internet Explorer Version [8.0.6001.18928] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://lenovo.live.com Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Show_ToolBar: yes Start Page: hxxp://mail.google.com/mail/?hl=fr# [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://lenovo.live.com Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 2 Fichier(s) C:\Program Files\Ad-Remover\Backup: 2 Fichier(s) C:\Ad-Report-SCAN[1].txt - 18/07/2010 (2086 Octet(s)) Fin à: 02:04:46, 18/07/2010 ============== E.O.F ============== Ad report Clean: ======= RAPPORT D'AD-REMOVER 2.0.0.1,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 23/06/10 à 19:20 Contact: AdRemover.contact@gmail.com Site web: Ad_Remover C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 02:20:20 le 18/07/2010, Mode normal Microsoft® Windows Vista™ Professionnel Service Pack 1 (X86) Gwendal@PC-DE-GWENDAL (LENOVO 77333GG) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. 1,Clé supprimée: HKLM\Software\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D} 0,Clé supprimée: HKCU\Software\Winsudate ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.6 (fr)] ** -- C:\Users\Gwendal\AppData\Roaming\Mozilla\FireFox\Profiles\8stnpmd9.default\Prefs.js -- browser.download.lastDir, C:\\Users\\Gwendal\\Desktop browser.startup.homepage, hxxp://mail.google.com/mail/?hl=fr#|hxxp://www.agrocampus-ouest.fr/infoglueDeliverLive/ browser.startup.homepage_override.mstone, rv:1.9.2.6 ======================================== ** Internet Explorer Version [8.0.6001.18928] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 2 Fichier(s) C:\Program Files\Ad-Remover\Backup: 18 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 18/07/2010 (2315 Octet(s)) C:\Ad-Report-SCAN[1].txt - 18/07/2010 (2215 Octet(s)) C:\Ad-Report-SCAN[2].txt - 18/07/2010 (2271 Octet(s)) Fin à: 02:24:53, 18/07/2010 ============== E.O.F ============== Mbam: alwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4324 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18928 19/07/2010 00:15:08 mbam-log-2010-07-19 (00-15-08).txt Type d'examen: Examen complet (C:\|D:\|E:\|G:\|) Elément(s) analysé(s): 281811 Temps écoulé: 1 heure(s), 25 minute(s), 29 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) et pour finir antiboot: "aucun disque infecté"

Bonjour, Suite à l'ouverture d'un fichier infecté, je me suis retrouvé avec plusieurs virus sur le PC. Avast puis antivir en ont éliminé une partie. Mais quand j'analyse le rapport ZHP (avec ZHP help) il s'avère qu'il m'en reste encore. (non détecté par antivir) J'aimerais savoir si ce que m'annonce ZHP Help concerne réellement des virus, malware... ou si ce sont de faux positifs. Je vous poste mon rapport ZHP: Merci de votre aide Rapport de ZHPDiag v1.26.19 par Nicolas Coolman, Update du 13/07/2010 Run by Gwendal at 13/07/2010 19:44:33 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18928 MFIE: Mozilla Firefox (3.6.3) ---\\ System Information Platform : Windows Vista Business (6.0.6001) Service Pack 1 Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2005 MB (48% free) System drive C: has 37 GB (34%) free of 105 GB ---\\ Logged in mode Computer Name: PC-DE-GWENDAL User Name: Gwendal All Users Names: Gwendal, ASPNET, Administrateur, Unselected Option: O1,O45,O61,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 37 Go of 105 Go) D:\ CD-ROM drive (Not Inserted) E:\ Hard drive, Flash drive, Thumb drive (Free 54 Go of 110 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK ---\\ Processus lancés [MD5.58553A6797130ADD83ECF0B6BF9A7028] - (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [59168] [MD5.C041B22CE11947C5AD4E904177B9B12B] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [820520] [MD5.0C2FA49CE1F334A16CCCDBD92E99B3B3] - (.Lenovo Group Limited - On screen display message handler.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [66176] [MD5.686CD234BF4B816291A858782C71269B] - (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe [181536] [MD5.B06E54AAFC8AF975FD5159AF8E1896B1] - (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [243248] [MD5.0DE084BB8E3F5D134D830319513BD1EA] - (.Lenovo Group Limited - On screen display drawer.) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [73776] [MD5.78374C795B65347220250F15186B5C67] - (.Lenovo Group Limited - Maintenance Manager Scheduler.) -- C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688] [MD5.260E8EEC64BA16A9D12ED7A97BD2A785] - (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [120368] [MD5.7B7824CAE247D85E566D4C6EEDFA7C86] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [110592] [MD5.AD75F6BEE730139A5EF2E2E2DF537B7A] - (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2630968] [MD5.58C27EBBBEB67A26484A1C50909C002C] - (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424] [MD5.BC9B8D182E951E0F3720E1EC66FC06E6] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1282048] [MD5.636C60C80647D98C778AB59B6B1AA37A] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [150040] [MD5.4F76767FE9C277E835087A39240A5EF6] - (.Lenovo Group Limited - ThinkPad UltraZoom.) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe [91688] [MD5.42E4C0B8F3BDE96A7636922317B1D719] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [178712] [MD5.4EB6F05FD53FC9ADE0A2BE97F1E4C665] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [MD5.B88980D609E467DD56FCDCC2D2E574EA] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [154136] [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040] [MD5.F89BF6FB6A0B58144285579282630A89] - (.Seagate - Seagate DiscWizard Monitor.) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1349392] [MD5.349400FF60F2A20CC889E258E99359C0] - (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [905208] [MD5.80BC10E93C34D96839C6FBC26798325F] - (.Seagate - Seagate Scheduler Helper.) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [136544] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.4FE75B79C9962ACC424594F75359A80D] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [719664] [MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688] [MD5.C6CD6269CDCEC4759B5B75ABE59B5083] - (.Lenovo Group Limited - Password Manager Tray Application.) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe [927032] [MD5.F4E60FCD357A548726BD5B664E4D7A73] - (.Diskeeper Corporation - DKICON.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [217176] [MD5.49958506B773E40D31832E3EEDA522E7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296] [MD5.BB06F5F89B06B13BD15663A70DCDA2B3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [475136] ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=explorer.exe ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [TPFNF7] . (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TPHOTKEY] . (.Lenovo Group Limited - On screen display message handler.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TpShocks] . (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe O4 - HKLM\..\Run: [EZEJMNAP] . (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.exe O4 - HKLM\..\Run: [DiskeeperSystray] . (.Diskeeper Corporation - DKICON.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe O4 - HKLM\..\Run: [AwaySch] . (.Lenovo Group Limited - Maintenance Manager Scheduler.) -- C:\Program Files\Lenovo\AwayTask\AwaySch.exe O4 - HKLM\..\Run: [LPManager] . (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [cssauth] . (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [soundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [DiscWizardMonitor.exe] . (.Seagate - Seagate DiscWizard Monitor.) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] . (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe O4 - HKLM\..\Run: [seagate Scheduler2 Service] . (.Seagate - Seagate Scheduler Helper.) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~1\Office12\EXCEL.exe O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} . (.not file.) - (.not file.) O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Foreignword\Xanadu\bin\IEHotIcon.ico O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~1\Office12\REFBARH.ICO O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: psfus . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\psqlpwd.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) . (.Lenovo - ThinkVantage Access Connections Profile Man.) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Access Connections Main Service (AcSvc) . (.Lenovo - ThinkVantage Access Connections Main Servic.) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\system32\AEADISRV.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Diskeeper (Diskeeper) . (.Diskeeper Corporation - DKSERVICE.EXE.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) . (.Lenovo - ThinkPad Power Management Service.) - C:\Windows\system32\ibmpmsvc.exe O23 - Service: Service de base IPS (IPSSVC) . (.Lenovo Group Limited - IPS Core Service.) - C:\Windows\system32\IPSSVC.exe O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Roxio Upnp Server 9 (Roxio Upnp Server 9) . (.Sonic Solutions - Roxio UPnP Service 9.) - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) . (.Seagate - Seagate Scheduler 2.) - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe O23 - Service: System Update (SUService) . (.Lenovo Group Limited - ThinkVantage System Update Service.) - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited - ThinkVantage Registry Monitor Service.) - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) . (.Pas de propriétaire - Pas de description.) - c:\System32\TPHDEXLG.exe O23 - Service: Incrustation (TPHKSVC) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe O23 - Service: TSS Core Service (TSSCoreService) . (.IBM - tvttcsd Application.) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Protection Service (TVT Backup Protection Service) . (.Pas de propriétaire - rrpservice Module.) - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe O23 - Service: TVT Backup Service (TVT Backup Service) . (.Lenovo Group Limited - Rescue and Recovery Backup Service.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler (TVT Scheduler) . (.Lenovo Group Limited - ThinkVantage Scheduler.) - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) . (.Pas de propriétaire - Pas de description.) - %ProgramFiles%\Windows Media Player\wmpnetwk.exe O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3764767647-1150422980-3012415056-1005Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3764767647-1150422980-3012415056-1005UA.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r53.) -- C:\Windows\system32\Macromed\Flash\Flash10h.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (DLACDBHM) . (.Roxio - Shared Driver Component.) - C:\Windows\system32\Drivers\DLACDBHM.sys O41 - Driver: (DLARTL_M) . (.Roxio - Shared Driver Component.) - C:\Windows\system32\Drivers\DLARTL_M.sys O41 - Driver: Lenovo System Interface Driver (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\system32\DRIVERS\smiif32.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys O41 - Driver: (TPPWRIF) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\Tppwr32v.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Access - Aide - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Reader 8.2.3 - Français - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] O42 - Logiciel: Canon G.726 WMP-Decoder - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon RAW Image Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities CameraWindow - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities CameraWindow DC - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities MyCamera - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities MyCamera DC - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities PhotoStitch - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities RemoteCapture DC - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Client Security Solution - (.Lenovo Group Limited.) [HKLM] O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] O42 - Logiciel: Diskeeper Home - (.Diskeeper Corporation.) [HKLM] O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] O42 - Logiciel: Drag-to-Disc - (.Sonic Solutions.) [HKLM] O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU] O42 - Logiciel: Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Freez FLV to AVI/MPEG/WMV Converter - (.www.smallvideosoft.com.) [HKLM] O42 - Logiciel: GanttProject - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Gestionnaire d'alimentation ThinkPad - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Gestionnaire de contacts professionnels pour Outlook 2007 SP1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Gestionnaire de présentation - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM] O42 - Logiciel: Half-Life - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Help Center - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Incrustation - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Integrated Camera - (.Sonix.) [HKLM] O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Intel® PRO Network Connections Drivers - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: InterVideo WinDVD - (.InterVideo Inc..) [HKLM] O42 - Logiciel: Java 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Java 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] O42 - Logiciel: Lenovo Registration - (.Lenovo - Leader Technologies.) [HKLM] O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Maintenance Manager - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Medal of Honor Allied Assault - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Message Center - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Message Center Plus - (.Lenovo Group Limited.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Age of Empires II - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Microsoft Office 2003 Web Components - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office 2007 Primary Interop Assemblies - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Small Business Connectivity Components - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM] O42 - Logiciel: Mozilla Thunderbird (3.0.5) - (.Mozilla.) [HKLM] O42 - Logiciel: Multimedia Center For Think Offerings - (.Roxio.) [HKLM] O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] O42 - Logiciel: PC-Doctor 5 pour Windows - (.PC-Doctor, Inc..) [HKLM] O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/01/2009 4.1) - (.Nokia.) [HKLM] O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3) - (.Nokia.) [HKLM] O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] O42 - Logiciel: Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Registry patch for Windows Vista USB S3 PM Enablement - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Registry patch to improve USB device detection on resume from sleep for Windows Vista - (.Lenovo Group Limited.) [HKLM] O42 - Logiciel: Rescue and Recovery - (.Lenovo Group Limited.) [HKLM] O42 - Logiciel: Seagate DiscWizard - (.Seagate.) [HKLM] O42 - Logiciel: Sierra Utilities - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Simulateur de marché version 0.1.2 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] O42 - Logiciel: Sonic Icons for Lenovo - (.Lenovo.) [HKLM] O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] O42 - Logiciel: Supplément à Productivity Center pour ThinkPad - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: System Migration Assistant - (.Lenovo Group Limited..) [HKLM] O42 - Logiciel: System Update - (.Lenovo.) [HKLM] O42 - Logiciel: Système de protection active ThinkVantage - (.Lenovo.) [HKLM] O42 - Logiciel: TV sur PC - (.SFR.) [HKLM] O42 - Logiciel: ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900 - (.Lenovo.) [HKLM] O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ThinkPad Mobility Center Customization - (.Lenovo.) [HKLM] O42 - Logiciel: ThinkPad Modem - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ThinkVantage Access Connections - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ThinkVantage Productivity Center - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ThinkVantage Technologies Welcome Message - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Utilitaire ThinkPad EasyEject - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Utilitaire ThinkPad UltraNav - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Wallpapers - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel (e1express) Net (04/26/2007 9.7.240.0) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) - (.Intel.) [HKLM] O42 - Logiciel: Windows Driver Package - Lenovo (IBMPMDRV) System (05/31/2007 1.43) - (.Lenovo.) [HKLM] O42 - Logiciel: Xanadu - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: ZebHelpProcess 2.35 - (.Nicolas Coolman.) [HKLM] ---\\ HKCU & HKLM Software Keys [HKCU\Software\2015] [HKCU\Software\7-Zip] [HKCU\Software\ACE Compression Software] [HKCU\Software\ACS] [HKCU\Software\ALWIL Software] [HKCU\Software\Adobe] [HKCU\Software\Analog Devices] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Avira] [HKCU\Software\Blizzard Entertainment] [HKCU\Software\Borland] [HKCU\Software\CDDB] [HKCU\Software\Canon] [HKCU\Software\Canon_Inc_IC] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreAAC] [HKCU\Software\DT Soft] [HKCU\Software\DVD Shrink] [HKCU\Software\DivXNetworks] [HKCU\Software\Etiam] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\IBM] [HKCU\Software\Intel] [HKCU\Software\InterVideo] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\Leadertech] [HKCU\Software\Lenovo] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\MicroVision] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RealNetworks] [HKCU\Software\Roxio] [HKCU\Software\Seagate] [HKCU\Software\Skype] [HKCU\Software\Sonic Solutions] [HKCU\Software\Sonic] [HKCU\Software\Sony Corporation] [HKCU\Software\Synaptics] [HKCU\Software\Trolltech] [HKCU\Software\VOB] [HKCU\Software\Valve] [HKCU\Software\Widcomm] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winsudate] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\flv2avi] [HKCU\Software\goalbit] [HKLM\Software\ACE Compression Software] [HKLM\Software\ALWIL Software] [HKLM\Software\APEC] [HKLM\Software\Acronis] [HKLM\Software\Adobe] [HKLM\Software\Analog Devices] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\BVRP Software, Inc] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\CXT] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conexant Systems Inc ] [HKLM\Software\Conexant] [HKLM\Software\DDNI] [HKLM\Software\DT Soft] [HKLM\Software\Debug] [HKLM\Software\Diskeeper Corporation] [HKLM\Software\DivXNetworks] [HKLM\Software\EA GAMES] [HKLM\Software\Electronic Arts] [HKLM\Software\Foreignword] [HKLM\Software\Google] [HKLM\Software\IBM] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo Inc.] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Lenovo] [HKLM\Software\Macromedia] [HKLM\Software\Macserlen] [HKLM\Software\MicroVision] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Neuf] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PC-Doctor] [HKLM\Software\PCSuite] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Policies] [HKLM\Software\Protector Suite QL] [HKLM\Software\Protector Suite] [HKLM\Software\RealNetworks] [HKLM\Software\RegisteredApplications] [HKLM\Software\RichFX] [HKLM\Software\Roxio] [HKLM\Software\S3R521] [HKLM\Software\SONIX] [HKLM\Software\Seagate] [HKLM\Software\Sierra On-Line] [HKLM\Software\Sierra OnLine] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\ThinkVantage] [HKLM\Software\UIU] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Virtual Token] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\Widcomm] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\illiminable] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Program Files (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\7-Zip O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Aide mémoire O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software O43 - CFD:Common File Directory ----D- C:\Program Files\Analog Devices O43 - CFD:Common File Directory ----D- C:\Program Files\APEC O43 - CFD:Common File Directory ----D- C:\Program Files\Avira O43 - CFD:Common File Directory ----D- C:\Program Files\BitTorrent O43 - CFD:Common File Directory ----D- C:\Program Files\Canon O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files O43 - CFD:Common File Directory ----D- C:\Program Files\CONEXANT O43 - CFD:Common File Directory ----D- C:\Program Files\Counter-Strike 1.6 Ultimate Edition 2010 by ScrEAm O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX O43 - CFD:Common File Directory ----D- C:\Program Files\Digital Line Detect O43 - CFD:Common File Directory ----D- C:\Program Files\Diskeeper Corporation O43 - CFD:Common File Directory ----D- C:\Program Files\DivX O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink O43 - CFD:Common File Directory ----D- C:\Program Files\EA GAMES O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Foreignword O43 - CFD:Common File Directory ----D- C:\Program Files\GanttProject O43 - CFD:Common File Directory ----D- C:\Program Files\GoalbitTeam O43 - CFD:Common File Directory ----D- C:\Program Files\Google O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Download Manager O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\InterVideo O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Lenovo O43 - CFD:Common File Directory ----D- C:\Program Files\Lenovo Group Limited O43 - CFD:Common File Directory ----D- C:\Program Files\Lenovo Registration O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Small Business O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Thunderbird O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0 O43 - CFD:Common File Directory ----D- C:\Program Files\NetWaiting O43 - CFD:Common File Directory ----D- C:\Program Files\Nokia O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD:Common File Directory ----D- C:\Program Files\PC Connectivity Solution O43 - CFD:Common File Directory ----D- C:\Program Files\PCDR5 O43 - CFD:Common File Directory ----D- C:\Program Files\Picasa2 O43 - CFD:Common File Directory ----D- C:\Program Files\Pinnacle O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime O43 - CFD:Common File Directory ----D- C:\Program Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\Roxio O43 - CFD:Common File Directory ----D- C:\Program Files\Seagate O43 - CFD:Common File Directory ----D- C:\Program Files\SFR O43 - CFD:Common File Directory ----D- C:\Program Files\Sierra On-Line O43 - CFD:Common File Directory R---D- C:\Program Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Smallvideosoft O43 - CFD:Common File Directory ----D- C:\Program Files\Sonic Icons for Lenovo O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics O43 - CFD:Common File Directory ----D- C:\Program Files\ThinkPad O43 - CFD:Common File Directory ----D- C:\Program Files\ThinkVantage O43 - CFD:Common File Directory ----D- C:\Program Files\ThinkVantage Fingerprint Software O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\Virtualis O43 - CFD:Common File Directory ----D- C:\Program Files\Warcraft III O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Borland Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Canon O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InterVideo O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Lenovo O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PCSuite O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Roxio Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Seagate O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\snp2uvc O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sonic Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SureThing Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SWF Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ThinkVantage Fingerprint Software O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.AEA907C369375155C87240CB52BE451A] - 13/07/2010 - 18:39:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\TPAPSLOG.LOG [594432] O44 - LFC:[MD5.00000000000000000000000000000000] - 13/07/2010 - 18:23:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1761312] O44 - LFC:[MD5.C066C632BBFE0B662AEC732602615F4B] - 13/07/2010 - 18:23:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.B1747001DF7AAB22AC98AC45654D985B] - 13/07/2010 - 17:46:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\TPHDLOG0.LOG [410112] O44 - LFC:[MD5.92433F7A3CF09B612D637F7B5ADD380C] - 13/07/2010 - 14:47:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PROCDB.INI [25311] O44 - LFC:[MD5.7169A4FB06EE478D6F812961F8A45417] - 13/07/2010 - 14:46:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\IPSCtrl.INI [380] O44 - LFC:[MD5.78FB75A63B1C435A7CD197B87ED0AE14] - 13/07/2010 - 14:45:37 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.E3531607CBBAE871AC9567D95B32E801] - 13/07/2010 - 14:45:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [510] O44 - LFC:[MD5.700B60B0F3BE307D55AA66BE5E86FEAE] - 12/07/2010 - 18:58:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1592082] O44 - LFC:[MD5.40BB8CDA512F180FBD63065BDA13C393] - 12/07/2010 - 18:58:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [117144] O44 - LFC:[MD5.8E1D1D1F8ECCCBDCB4395B53445C7882] - 12/07/2010 - 18:58:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [143542] O44 - LFC:[MD5.4CD679177AF8A3815E23E2B2E3EBE8D6] - 12/07/2010 - 18:58:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [625582] O44 - LFC:[MD5.9478DA78149709D03CDE3AA4C70A9EE2] - 12/07/2010 - 18:58:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [713554] O44 - LFC:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 11/07/2010 - 09:18:13 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\System32\drivers\avipbb.sys [96104] O44 - LFC:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 11/07/2010 - 09:18:13 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [56816] O44 - LFC:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/07/2010 - 09:18:12 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\drivers\ssmdrv.sys [28520] O44 - LFC:[MD5.4BC02BD73338C3A26265F5C64DBEC770] - 10/07/2010 - 13:31:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\BDEADMIN.CPL [183808] O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 10/07/2010 - 13:31:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\DBCLIENT.DLL [210032] O44 - LFC:[MD5.816C860A964065907CDE17ECB744AECC] - 04/07/2010 - 19:13:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [12348] O44 - LFC:[MD5.B60F4491CFA5FF6E81E743D9F1040B9A] - 28/06/2010 - 13:42:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [427560] O44 - LFC:[MD5.B7D2E9AD748BCAC1180AAA6894CAA9F4] - 28/06/2010 - 13:28:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\msxml4-KB973688-enu.LOG [281350] O44 - LFC:[MD5.33798B26A32F9788FD2968F117C6B7B2] - 28/06/2010 - 13:25:22 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.700291E989B010CF342035987E147E73] - 28/06/2010 - 13:25:22 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [289792] O44 - LFC:[MD5.F6F4AA0FC0C4BECB48089FF70553B545] - 28/06/2010 - 13:25:15 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm [62464] O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 20/06/2010 - 08:55:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\config.nt [2577] O44 - LFC:[MD5.B8F7C6CA5F8E97249853DBE1DADD1FBC] - 16/06/2010 - 05:28:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [411368] O44 - LFC:[MD5.43F7CA0473BB0FC9DD44ECF328B8D1FA] - 16/06/2010 - 05:28:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184] O44 - LFC:[MD5.4E8CC8BDEBED5AD93539612D4D316FDF] - 16/06/2010 - 05:28:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184] O44 - LFC:[MD5.9D452D6B1ED99F88C327349A644EB3A2] - 16/06/2010 - 05:28:12 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [153376] O44 - LFC:[MD5.3EA691D4D6F355FBC0AC2CA713CF8163] - 16/06/2010 - 05:28:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_20-b02.log [3114] ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{5968932b-6b0f-11de-bb42-00215c7e5c33}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\dupler\\kromirani.exe (.not file.) O51 - MPSK:{5968932b-6b0f-11de-bb42-00215c7e5c33}\Shell\explore\command. (.Pas de propriétaire - Pas de description.) -- G:\dupler\\\kromirani.exe (.not file.) O51 - MPSK:{5968932b-6b0f-11de-bb42-00215c7e5c33}\Shell\open\command. (.Pas de propriétaire - Pas de description.) -- G:\dupler\\\kromirani.exe (.not file.) O51 - MPSK:{59689331-6b0f-11de-bb42-00215c7e5c33}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\LaunchU3.exe -a (.not file.) O51 - MPSK:{7a50d3c7-840b-11df-bbaf-001fe21c7068}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\SRCEMOJE///nedajeee.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.IV41"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\IR41_32.AX O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\ACTray [Key] . (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O53 - SMSR:HKLM\...\startupreg\ACWLIcon [Key] . (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\AMSG [Key] . (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Gwendal\AppData\Local\Google\Update\GoogleUpdate.exe O53 - SMSR:HKLM\...\startupreg\LenovoOobeOffers [Key] . (.lenovo - FirstRunOffersLauncher.) -- c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe O53 - SMSR:HKLM\...\startupreg\Message Center Plus [Key] . (.Pas de propriétaire - Message Center Plus Launcher.) -- C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe O53 - SMSR:HKLM\...\startupreg\PC Suite Tray [Key] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe O53 - SMSR:HKLM\...\startupreg\Pinnacle WebUpdater [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe O53 - SMSR:HKLM\...\startupreg\PinnacleDriverCheck [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\PSDrvCheck.exe O53 - SMSR:HKLM\...\startupreg\PMCRemote [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O53 - SMSR:HKLM\...\startupreg\PMCS [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RoxioDragToDisc [Key] . (.Roxio - Drag To Disc Application.) -- C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\TVT Scheduler Proxy [Key] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O53 - SMSR:HKLM\...\startupreg\Xanadu [Key] . (.Foreignword - Xanadu.) -- C:\Program Files\Foreignword\Xanadu\Xanadu.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.A51EA92451897824C5C7474A160AF773] - 04/10/2007 - 15:14:44 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\ADIHdAud.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2009 - 11:19:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys O58 - SDL:[MD5.4A8A2AA0706B659175169DECF198E9D7] - 09/02/2009 - 07:37:46 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\ccdcmb.sys O58 - SDL:[MD5.FD3E61831095AC62E6840D986B5A2016] - 09/02/2009 - 07:37:46 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\ccdcmbo.sys O58 - SDL:[MD5.8DAD27DD28A4274866767C89C0BF154F] - 07/10/2008 - 15:04:22 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys O58 - SDL:[MD5.F8A25F1DD8B2C332CBC663E3579566E7] - 03/01/2010 - 00:07:42 ---A- . (.Lenovo (United States) Inc. - SMBIOS Driver.) -- C:\Windows\system32\drivers\psadd.sys O58 - SDL:[MD5.C3BF55189AA92B8F919108EF9E4ACCAE] - 11/03/2010 - 13:15:08 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snapman.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.3B7B6779EB231F731BBA8F9FE67AADFC] - 11/03/2010 - 13:15:01 ---A- . (.Acronis - Acronis Try&Decide and Restore Points Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpman.sys O58 - SDL:[MD5.B0B3122BFF3910E0BA97014045467778] - 11/03/2010 - 13:15:21 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys O58 - SDL:[MD5.13BFE330880AC0CE8672D00AA5AFF738] - 11/03/2010 - 13:15:20 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys O58 - SDL:[MD5.587E643A4E2FFD9A00F114B057CEB773] - 09/02/2009 - 07:37:48 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\usbser_lowerflt.sys O58 - SDL:[MD5.FCA6A196D47CB972A0E4ADC0DB9CD17C] - 09/02/2009 - 07:37:56 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\usbser_lowerfltj.sys ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMONFLT O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\DLA\DLABMFSM.sys - DLABMFSM (DLABMFSM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABMFSM O64 - Services: CurCS - C:\Windows\system32\DLA\DLABOIOM.sys - DLABOIOM (DLABOIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABOIOM O64 - Services: CurCS - C:\Windows\system32\DLA\DLADResM.sys - DLADResM (DLADResM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLADRESM O64 - Services: CurCS - C:\Windows\system32\DLA\DLAIFS_M.sys - DLAIFS_M (DLAIFS_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAIFS_M O64 - Services: CurCS - C:\Windows\system32\DLA\DLAOPIOM.sys - DLAOPIOM (DLAOPIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAOPIOM O64 - Services: CurCS - C:\Windows\system32\DLA\DLAPoolM.sys - DLAPoolM (DLAPoolM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAPOOLM O64 - Services: CurCS - C:\Windows\system32\Drivers\DLARTL_M.sys - DLARTL_M (DLARTL_M) .(.Roxio - Shared Driver Component.) - LEGACY_DLARTL_M O64 - Services: CurCS - C:\Windows\system32\DLA\DLAUDFAM.sys - DLAUDFAM (DLAUDFAM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDFAM O64 - Services: CurCS - C:\Windows\system32\DLA\DLAUDF_M.sys - DLAUDF_M (DLAUDF_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDF_M O64 - Services: CurCS - C:\Windows\system32\Drivers\DRVNDDM.sys - DRVNDDM (DRVNDDM) .(.Roxio - Device Driver Manager.) - LEGACY_DRVNDDM O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\smiif32.sys - Lenovo System Interface Driver (lenovo.smi) .(.Lenovo Group Limited - SMI Driver for Lenovo system.) - LEGACY_LENOVO.SMI O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - NetGroup Packet Filter Driver (NPF) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPF O64 - Services: CurCS - C:\Windows\system32\DRIVERS\PROCDD.sys - Pilote de support IPS (PROCDD) .(.Lenovo Group Limited - IPS Helper Driver.) - LEGACY_PROCDD O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys - SMI Helper Driver (smihlp) (smihlp) .(.Pas de propriétaire - Pas de description.) - LEGACY_SMIHLP O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe - stllssvr (stllssvr) .(.MicroVision Development, Inc. - SureThing Labelflash Disc Printer Service M.) - LEGACY_STLLSSVR O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tifsfilt.sys - Seagate DiscWizard FS Filter (tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER O64 - Services: CurCS - C:\Windows\system32\drivers\Tppwr32v.sys - TPPWRIF (TPPWRIF) .(.Pas de propriétaire - Pas de description.) - LEGACY_TPPWRIF O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tvtfilter.sys - tvtfilter (tvtfilter) .(.Lenovo - Rescue and Recovery filter driver.) - LEGACY_TVTFILTER O64 - Services: CurCS - C:\Windows\system32\DRIVERS\xaudio.sys - XAudio (XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) HKCU\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver HKCU\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel HKCU\Software\Microsoft\Internet Explorer\MenuExt\Envoyer au périphérique &Bluetooth... HKCU\Software\Microsoft\Internet Explorer\MenuExt\Envoyer l'&image au périphérique Bluetooth... O69 - SBI: SearchScopes {280D138F-105F-409C-B5E4-F41157E83017} [DefaultScope] - (Google) - Google ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover Run by Gwendal at 13/07/2010 19:45:10 device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spng.sys >>UNKNOWN [0x84F90938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x84fd91f8 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! Message: Certains émulateurs de CD/DVD peuvent hooker le pilote atapi de façon légitime. Voici quelques émulateurs : Message: Alcohol xx%, CDSpace, Circle Virtual CD, CloneCD, Daemon Tools, Virtual CloneDrive, Virtual CD, VirtualDrive, WinCDEmu,... End of the scan (821 lines in 00mn 36s)