JICEKA34

  1. Hello, After eradicating a virus with Malwarebytes', I ran a scan with ZHPDiag and then ZHPFix. Can someone tell me whether or not I should delete anything to make my computer "cleaner"? Thanks in advance. Report: Rapport de ZHPDiag v1.26.18 par Nicolas Coolman, Update du 11/07/2010, Run at 12/07/2010 16:56:25
-- C:\Program Files\Real\RealPlayer\realplay.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) (.not file.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe O47 - AAKE:Key Export SP - "D:\leapfrog\LeapFrog Connect Tag\bin\TAGMonitor.exe" [Enabled] .(.LeapFrog Enterprises, Inc. - Tag Device Monitor.) (.not file.) -- D:\leapfrog\LeapFrog Connect Tag\bin\TAGMonitor.exe O47 - AAKE:Key Export SP - "D:\leapfrog\LeapFrog Connect Tag\bin\LeapFrogConnectTag.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- D:\leapfrog\LeapFrog Connect Tag\bin\LeapFrogConnectTag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\livecall.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{56ee3f80-5e09-11dd-83cc-001b2fb2ba67}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- wd_windows_tools\WDSetup.exe (.not file.) O51 - MPSK:{97638800-c41b-11dc-8302-001b2fb2ba67}\Shell\AutoRun\command. (.XsVZRWaVZLqlyx - Pas de description.) 
-- G:\U3ROM/flyhigh.exe O51 - MPSK:{97638800-c41b-11dc-8302-001b2fb2ba67}\Shell\explore\command. (.XsVZRWaVZLqlyx - Pas de description.) -- G:\U3ROM/flyhigh.exe O51 - MPSK:{97638800-c41b-11dc-8302-001b2fb2ba67}\Shell\open\command. (.XsVZRWaVZLqlyx - Pas de description.) -- G:\U3ROM/flyhigh.exe O51 - MPSK:{cdc117c3-b708-11de-85fc-001b2fb2ba67}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe -a (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\System32\l3codecp.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\System32\l3codecp.acm ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) 
-- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\Canal Widget [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Canal\Canal Widget\Launcher.exe O53 - SMSR:HKLM\...\startupreg\CANAL+ CANALSAT A LA DEMANDE [Key] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe O53 - SMSR:HKLM\...\startupreg\FlashPlayerUpdate [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O53 - SMSR:HKLM\...\startupreg\MsnMsgr [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Spigot, Inc. - Search Settings application.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Java\jre6\bin\jusched.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\TagMonitor [Key] . (.LeapFrog Enterprises, Inc. - Tag Device Monitor.) -- D:\leapfrog\LeapFrog Connect Tag\bin\TagMonitor.exe O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.Pas de propriétaire - Pas de description.) 
-- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.2.0.3 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) 
- LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\Program Files\Application Updater\ApplicationUpdater.exe - Application Updater (Application Updater) .(.Spigot, Inc. - Application Updater.) - LEGACY_APPLICATION_UPDATER O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - bdfsfltr (bdfsfltr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFSFLTR O64 - Services: CurCS - (.not file.) - bdftdif (bdftdif) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFTDIF O64 - Services: CurCS - (.not file.) - BDSelfPr (BDSelfPr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDSELFPR O64 - Services: CurCS - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe - Boonty Games (Boonty Games) .(.BOONTY - System Level Service Utility.) - LEGACY_BOONTY_GAMES O64 - Services: CurCS - C:\WINDOWS\system32\brsvc01a.exe - BrSplService (Brother XP spl Service) .(.brother Industries Ltd - brsvc01a.) - LEGACY_BROTHER_XP_SPL_SERVICE O64 - Services: CurCS - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe - CanalPlus.VOD (CanalPlus.VOD) .(.Canal+ Active - CanalPlus.VOD.Service.) - LEGACY_CANALPLUS.VOD O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\DNINDIS5.sys - DNINDIS5 NDIS Protocol Driver (DNINDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_DNINDIS5 O64 - Services: CurCS - (.not file.) - febzyuc (febzyuc) .(.Pas de propriétaire - Pas de description.) - LEGACY_FEBZYUC O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MBAMSWISSARMY.sys - MBAMSwissArmy (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - (.not file.) - SSHNAS (SSHNAS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SSHNAS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_TERMSERVICE O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) 
-- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- "%programfiles%\Internet Explorer\iexplore.exe" (.not file.) O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: prefs.js [Karine Gauche - 6t5fmiuw.default] user_pref("extensions.snipit.askTbInstalled", true); HKCU\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel O69 - SBI: SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A}- (@ieframe.dll,-12512) - {searchTerms} - Bing O69 - SBI: SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google ---\\ Recherche d'infection Master Boot Record (O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover Run by Karine Gauche at 12/07/2010 16:56:31 device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS kernel: MBR read successfully user & kernel MBR OK ---\\ Infection BT - BHO/Toolbar (Possible) R3 - URLSearchHook: Microsoft Url Search Hook - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (.Spigot, Inc. - Search Settings IE.) 
(1, 2, 3, 16) -- C:\Program Files\pdfforge Toolbar\SearchSettings.dll [HKCU\Software\Search Settings] [HKLM\Software\Search Settings] O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Spigot, Inc. - Search Settings application.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.exe End of the scan (651 lines in 00mn 06s)
  2. Hello, Thank you: I did everything. I ran another scan after the deletions: nothing is left. Thank you!
  3. Hello, I have just discovered an infection by Trojan.FakeAV.Lao. I have Avira running as resident protection; it raised the alert but cannot delete it. I ran Bitdefender online, which confirmed the virus and the location of the infection. My first question: how do I remove this virus, which slows my computer down a lot? Second question: I regularly use CCleaner to clean my disks, but to go further with the cleanup (and possibly make removing the virus easier), I used ZHPDiag. Now, I will not delete anything on my own, so I am calling on your services. Thank you in advance for your help