Aller au contenu

anubis03

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    14

  • Inscription

  • Dernière visite

anubis03's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. anubis03
    Rapport de ZHPDiag v1.26.49 par Nicolas Coolman, Update du 17/08/2010 Run by thomas at 22/08/2010 12:38:32 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18943 MFIE: Mozilla Firefox (3.6. ---\\ System Information Platform : Windows Vista Home Premium (6.0.6002) Service Pack 2 Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3068 MB (58% free) System drive C: has 24 GB (10%) free of 224 GB ---\\ Logged in mode Computer Name: PC-DE-THOMAS User Name: thomas All Users Names: xavier, thomas, ASPNET, Administrateur, Unselected Option: O1,O45,O61,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 24 Go of 224 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK ---\\ Processus lancés [MD5.62B3C9786081ECAAB272A118408D2817] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.E8B180646BAE9E688D2E6D7EA8DED794] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [959976] [MD5.1BA064138A5EE6B61A11A552DC072E57] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [442467] [MD5.1F373C5DB440D92839DDDF63F5BA2E8A] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296] [MD5.642FA80C2C43EE609313746AA305DC86] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808] [MD5.16A692EDA8253BEB5F3A588055F7869B] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [482304] ---\\ Plugins de navigateurs Opera/Firefox(P1/P2) P2 - FPN:Firefox Plugin Navigator . (.BitTorrent, Inc. - BitTorrent Plugin 1.) -- C:\Program Files\Mozilla Firefox\Plugins\npbittorrent.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent™.) -- C:\Program Files\DNA\plugins\npbtdna.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=0.9.8a] - (.the VideoLAN Team - Version 0.9.8a, copyright 1996-2008 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll (.not file.) P2 - FPN: [HKCU] [@bittorrent.com/BitTorrentDNA] - (.Pas de propriétaire - Pas de description.) -- C:\Users\thomas\Program Files\DNA\plugins\npbtdna.dll (.not file.) ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Création d'une valeur Ini (Created inifile value, mapped to Registry) (F3) F3 - REG:win.ini: load=C:\Users\thomas\AppData\Roaming\mstinit.exe ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] I:\Program Files\DAEMON Tools Lite\DTLite.exe (.not file.) O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [bywuursys] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\tuspmk.dll O4 - HKCU\..\Run: [xxxyxwaudio] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\cbbxww.dll O4 - HKCU\..\Run: [eMuleAutoStart] I:\Program Files\eMule\emule.exe (.not file.) O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [DAEMON Tools Lite] I:\Program Files\DAEMON Tools Lite\DTLite.exe (.not file.) O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [bywuursys] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\tuspmk.dll O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [xxxyxwaudio] . (.Symantec Corporation - RemoteCommand Module.) -- c:\users\thomas\appdata\local\temp\cbbxww.dll O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\Run: [eMuleAutoStart] I:\Program Files\eMule\emule.exe (.not file.) O4 - HKUS\S-1-5-21-1799347306-592565796-315375610-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe O4 - Global Startup: Xfire.lnk . (.Pas de propriétaire - Pas de description.) -- I:\Program Files\Xfire\Xfire.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\OFFICE11\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{B88FDC44-9597-4D71-AC5B-6058889F8698}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{C54D7858-F414-4167-AC89-F53E7FA75C58}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B88FDC44-9597-4D71-AC5B-6058889F8698}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{C54D7858-F414-4167-AC89-F53E7FA75C58}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{B88FDC44-9597-4D71-AC5B-6058889F8698}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{C54D7858-F414-4167-AC89-F53E7FA75C58}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Service Google Update (gupdate1cab16e97677860) (gupdate1cab16e97677860) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Corporation - HpService.) - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 187.6.) - C:\Windows\system32\nvvsvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\System32\ZoneLabs\vsmon.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{594DB747-C41A-4E50-8412-995363E234E7}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\regutils.dll O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\Windows\system32\Macromed\Flash\Flash9f.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys O41 - Driver: Zone Alarm Firewall Driver (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\system32\DRIVERS\vsdatant.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E} O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003} O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Algodoo Phun edition v5.28 - (.Algoryx.) [HKLM] -- Phun O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} O42 - Logiciel: Antimalware Doctor - (.Pas de propriétaire.) [HKCU] -- Antimalware Doctor O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: BSPKMBeta0.2 Installer - (.Pas de propriétaire.) [HKLM] -- BSPKMBeta0.2 Installer O42 - Logiciel: Battlefield 1942 - (.Pas de propriétaire.) [HKLM] -- {698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65} O42 - Logiciel: Battlestations: Pacific - (.Eidos plc.) [HKLM] -- {BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC} O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent O42 - Logiciel: Blender (remove only) - (.Pas de propriétaire.) [HKLM] -- Blender O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.) [HKLM] -- CCleaner O42 - Logiciel: Call of Duty Modern Warfare 2 - (.Setup by frogs.) [HKLM] -- {3CDF9C0F-6C77-4307-80A6-0A9D47C174D8}_is1 O42 - Logiciel: Call of Duty® - World at War - (.Activision.) [HKLM] -- InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F} O42 - Logiciel: Call of Juarez - Bound in Blood - (.Ubisoft.) [HKLM] -- InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A} O42 - Logiciel: Command & Conquer 3 - (.Nom de votre société.) [HKLM] -- {DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32} O42 - Logiciel: Command & Conquer™ Red Alert™ 3 - (.Electronic Arts.) [HKLM] -- {296D8550-CB06-48E4-9A8B-E5034FB64715} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: DDS Converter 2.1 - (.Pas de propriétaire.) [HKLM] -- DDS Converter 2.1 O42 - Logiciel: DNA - (.BitTorrent Inc..) [HKCU] -- BitTorrent DNA O42 - Logiciel: DesertCombat 0.7 - (.Pas de propriétaire.) [HKLM] -- DesertCombat O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43} O42 - Logiciel: GTA San Andreas - (.Rockstar Games.) [HKLM] -- {D417C96A-FCC7-4590-A1BB-FAF73F5BC98E} O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1} O42 - Logiciel: Google SketchUp 7 - (.Google, Inc..) [HKLM] -- {5AD045DF-11AA-473D-B4AA-2A4F0E213047} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466} O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21} O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F} O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A} O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM] -- {E333CA5F-00ED-4EEF-90E5-6A33A8FE969F} O42 - Logiciel: HP Quick Launch Buttons 6.40 D1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355} O42 - Logiciel: HP QuickPlay 3.7 - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1} O42 - Logiciel: HP QuickTouch 1.00 D2 - (.Hewlett-Packard.) [HKLM] -- {30DAA715-5032-40F9-A0AE-95C9AEBB3E3F} O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {f32502b5-5b64-4882-bf61-77f23edcac4f} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} O42 - Logiciel: HP User Guides 0103 - (.Hewlett-Packard.) [HKLM] -- {B8169E45-8E23-430B-91D1-EC64540C8ED0} O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {340F521E-3576-4E1A-B75C-EB0ACF751379} O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367} O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM] -- {228C6B46-64E2-404E-898A-EF0830603EF4} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31} O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C} O42 - Logiciel: Java 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160060} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LightScribe System Software 1.12.33.2 - (.LightScribe.) [HKLM] -- {582287DA-0806-4AC0-BF19-C15E3A466034} O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: MSI v2 to redistribute Rigs of Rods - (.Pricorde.) [HKLM] -- {36592557-65CE-4A4D-9970-764F17E0AFD3} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {A1C962E2-2426-49C6-A38B-9A07E40D607C} O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Mozilla Firefox (3.6. - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6. O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall O42 - Logiciel: NASA World Wind 1.4 - (.Pas de propriétaire.) [HKLM] -- NASA World Wind 1.4 O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B83FC356-B7C0-441F-8A4D-D71E088E7974} O42 - Logiciel: Nexus: The Jupiter Incident - (.Nom de votre société.) [HKLM] -- {63BB4E50-0CC2-47AB-AC01-CBCD657B1FF4} O42 - Logiciel: Nexus: The Jupiter Incident - Multiplayer Demo - (.Mithis.) [HKLM] -- {54316F1C-4E8F-43B8-AB51-DFA69FE800AC} O42 - Logiciel: No Hope - (.Pas de propriétaire.) [HKCU] -- No Hope O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A} O42 - Logiciel: Paint.NET v3.5.5 - (.dotPDN LLC.) [HKLM] -- {F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0} O42 - Logiciel: PlayLinc - (.SCI.) [HKLM] -- {2158685C-E2B3-4026-B0A1-0FFE31837AFD} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: ProtectSmart Hard Drive Protection - (.Hewlett-Packard.) [HKLM] -- {9D615069-AA8F-4E89-AE9D-77AAE90F529F} O42 - Logiciel: Prototype - (.Activision.) [HKLM] -- InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A} O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc O42 - Logiciel: QuickPlay SlingPlayer 0.4.6 - (.SlingMedia.) [HKLM] -- SlingMedia.QPSlingPlayer O42 - Logiciel: RUNAWAY: A TWIST OF FATE (Français) - (.Focus Home Interactive.) [HKLM] -- RUNAWAY: A TWIST OF FATE (fr) O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SGCSim v5.1.0 - (.SGCSim.com.) [HKLM] -- {BF926BD5-83E9-417F-BC56-1AC181A13168} O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: San Andreas Mod Installer - (.cpmusick.) [HKLM] -- San Andreas Mod Installer1.1 O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A} O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36} O42 - Logiciel: Sniper Elite - (.Pas de propriétaire.) [HKLM] -- {A979B2D8-E3EE-4523-A26C-4AF0A6809280} O42 - Logiciel: Star Wars Empire at War - (.LucasArts.) [HKLM] -- {99AE7207-8612-4DBA-A8F8-BAE5C633390D} O42 - Logiciel: Star Wars Empire at War Forces of Corruption - (.LucasArts.) [HKLM] -- {6592FDEC-2C1A-413A-9985-25FEC2F0848D} O42 - Logiciel: Steiners Advanced Units Mod 3.2.5 - (.SMG.) [HKLM] -- Steiners Advanced Units Mod O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab O42 - Logiciel: Tom Clancy's Rainbow Six 3: Raven Shield - (.Pas de propriétaire.) [HKLM] -- {AF131494-F5D8-45C5-938C-D5F020CF1B0D} O42 - Logiciel: Tom Clancy's Rainbow Six Vegas - (.Ubisoft.) [HKLM] -- {5731C0A8-B266-451A-8D3F-8066AA21836F} O42 - Logiciel: Uninstall MEC2 - (.DERELICT STUDIOS.) [HKLM] -- {9CDAE8D9-1EB8-4595-89C3-21DB7CC16EAA}_is1 O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354} O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D} O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA} O42 - Logiciel: World in Conflict - (.Ubisoft Entertainment.) [HKLM] -- {F11ADC64-C89E-47F4-A0B3-3665FF859397} O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule O42 - Logiciel: eToro - (.Pas de propriétaire.) [HKLM] -- eToro O42 - Logiciel: gamedata - (.Pas de propriétaire.) [HKLM] -- gamedata O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {35F83303-C0C0-46B7-B8A8-ADA7C2AC5645} ---\\ HKCU & HKLM Software Keys [HKCU\Software\2f050e55bc20a67fc7fa8aadb0531b72] [HKCU\Software\3rd Eye Solutions] [HKCU\Software\AC3Filter] [HKCU\Software\ACE Compression Software] [HKCU\Software\ACP] [HKCU\Software\ASProtect] [HKCU\Software\Adobe] [HKCU\Software\Ahnlab] [HKCU\Software\Aleksandar Puskas Software] [HKCU\Software\America Online] [HKCU\Software\Antimalware Doctor Inc] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Avira] [HKCU\Software\Blizzard Entertainment] [HKCU\Software\Bugsplat] [HKCU\Software\Burda] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DT Soft] [HKCU\Software\Electronic Arts] [HKCU\Software\Galactic Conquest] [HKCU\Software\GameSpy] [HKCU\Software\Google] [HKCU\Software\HP Guide] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IDT] [HKCU\Software\IGA] [HKCU\Software\IM Providers] [HKCU\Software\InstallShield] [HKCU\Software\JEDI-VCL] [HKCU\Software\JRMX9X1GML] [HKCU\Software\JavaSoft] [HKCU\Software\LightScribe] [HKCU\Software\Lightrock Entertainment] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LucasArts] [HKCU\Software\MWSetup] [HKCU\Software\MW] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Massive Entertainment AB] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NASA] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\NecroSystems] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Paint.NET] [HKCU\Software\Patchou] [HKCU\Software\Petroglyph Games] [HKCU\Software\Petroglyph] [HKCU\Software\Piriform] [HKCU\Software\Playlogic] [HKCU\Software\Policies] [HKCU\Software\PySoft] [HKCU\Software\ROUA3O12PW] [HKCU\Software\SecuROM] [HKCU\Software\Skype] [HKCU\Software\Softthinks] [HKCU\Software\Software] [HKCU\Software\Speed-Downloading] [HKCU\Software\Super Computer International] [HKCU\Software\Synaptics] [HKCU\Software\TOY5KNQ8OC] [HKCU\Software\TraumaStudios] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\Vision Thing] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WoGInstaller] [HKCU\Software\X Dimension] [HKCU\Software\Xfire] [HKCU\Software\ZE18MW23GY] [HKCU\Software\Zone Labs] [HKCU\Software\c4a97bc26d537dcdbe917656c1817fc6] [HKCU\Software\eMule] [HKCU\Software\ej-technologies] [HKCU\Software\epsxe] [HKCU\Software\etoro] [HKCU\Software\keyhole.com] [HKCU\Software\roxio] [HKLM\Software\ACE Compression Software] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AOL] [HKLM\Software\Act-3D] [HKLM\Software\Activision] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\AviSynth] [HKLM\Software\Avira] [HKLM\Software\BitTorrent] [HKLM\Software\BlenderFoundation] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CXT] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conexant] [HKLM\Software\CyberLink] [HKLM\Software\Cygnus Solutions] [HKLM\Software\DC_Final_Client] [HKLM\Software\DT Soft] [HKLM\Software\Data Fellows] [HKLM\Software\Debug] [HKLM\Software\EA GAMES] [HKLM\Software\EasyBits] [HKLM\Software\Eidos] [HKLM\Software\Electronic Arts] [HKLM\Software\F-Secure] [HKLM\Software\Google] [HKLM\Software\HPQ] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IDT] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JMicron Technology Corp.] [HKLM\Software\JavaSoft] [HKLM\Software\LightScribe] [HKLM\Software\LucasArts] [HKLM\Software\MC2] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Massive Entertainment AB] [HKLM\Software\MetaStream] [HKLM\Software\MimarSinan] [HKLM\Software\Mithis] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OPTENET] [HKLM\Software\OldTimer Tools] [HKLM\Software\Paint.NET] [HKLM\Software\Patchou] [HKLM\Software\Pendulo Studios] [HKLM\Software\PocketSoft] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\Rebellion] [HKLM\Software\Red Storm Entertainment] [HKLM\Software\RegisteredApplications] [HKLM\Software\Rockstar Games] [HKLM\Software\SAMI] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Speed-Downloading] [HKLM\Software\Stargate BFM] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\TML-Studios] [HKLM\Software\Techland] [HKLM\Software\TrendMicro] [HKLM\Software\Trymedia Systems] [HKLM\Software\Ubi Soft] [HKLM\Software\Ubisoft] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Viewpoint] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\WildTangent] [HKLM\Software\WinRAR] [HKLM\Software\X-AVCSD] [HKLM\Software\Xfire] [HKLM\Software\Zone Labs] [HKLM\Software\ej-technologies] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Activision O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Algodoo Phun Edition O43 - CFD:Common File Directory ----D- C:\Program Files\Avira O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5 O43 - CFD:Common File Directory ----D- C:\Program Files\BitTorrent O43 - CFD:Common File Directory ----D- C:\Program Files\BSPKMBeta0.2 Installer O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\Common File O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink O43 - CFD:Common File Directory ----D- C:\Program Files\DDS Converter 2 O43 - CFD:Common File Directory ----D- C:\Program Files\DNA O43 - CFD:Common File Directory ----D- C:\Program Files\Electronic Arts O43 - CFD:Common File Directory ----D- C:\Program Files\eToro O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Google O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard O43 - CFD:Common File Directory ----D- C:\Program Files\HP O43 - CFD:Common File Directory ----D- C:\Program Files\HP Games O43 - CFD:Common File Directory ----D- C:\Program Files\IDT O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallJammer Registry O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Intel O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office Outlook Connector O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\muvee Technologies O43 - CFD:Common File Directory R---D- C:\Program Files\Online Services O43 - CFD:Common File Directory ----D- C:\Program Files\Paint.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung O43 - CFD:Common File Directory R---D- C:\Program Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics O43 - CFD:Common File Directory ----D- C:\Program Files\SystemRequirementsLab O43 - CFD:Common File Directory ----D- C:\Program Files\TML-Studios O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro O43 - CFD:Common File Directory ----D- C:\Program Files\Ubi Soft O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\Western Digital O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Safety Center O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\WorldOfGoo O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Zone Labs O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AOL O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PocketSoft O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD:Common File Directory ----D- C:\ProgramData\2DBoy O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe O43 - CFD:Common File Directory ----D- C:\ProgramData\Age of Empires 3 O43 - CFD:Common File Directory ----D- C:\ProgramData\AOL O43 - CFD:Common File Directory ----D- C:\ProgramData\AOL OCP O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira O43 - CFD:Common File Directory ----D- C:\ProgramData\Azureus O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau O43 - CFD:Common File Directory ----D- C:\ProgramData\CheckPoint O43 - CFD:Common File Directory ----D- C:\ProgramData\CyberLink O43 - CFD:Common File Directory ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule O43 - CFD:Common File Directory ----D- C:\ProgramData\F-Secure O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites O43 - CFD:Common File Directory ----D- C:\ProgramData\FRA O43 - CFD:Common File Directory ----D- C:\ProgramData\fssg O43 - CFD:Common File Directory ----D- C:\ProgramData\Google O43 - CFD:Common File Directory ----D- C:\ProgramData\Hewlett-Packard O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee O43 - CFD:Common File Directory ----D- C:\ProgramData\Media Center Programs O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD:Common File Directory ----D- C:\ProgramData\Messenger Plus! O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles O43 - CFD:Common File Directory ----D- C:\ProgramData\MsvThumbs O43 - CFD:Common File Directory ----D- C:\ProgramData\muvee Technologies O43 - CFD:Common File Directory ----D- C:\ProgramData\NVIDIA O43 - CFD:Common File Directory ----D- C:\ProgramData\Office Genuine Advantage O43 - CFD:Common File Directory ----D- C:\ProgramData\Pendulo Studios O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec O43 - CFD:Common File Directory ----D- C:\ProgramData\TEMP O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates O43 - CFD:Common File Directory ----D- C:\ProgramData\Trymedia O43 - CFD:Common File Directory ----D- C:\ProgramData\Viewpoint O43 - CFD:Common File Directory ----D- C:\ProgramData\WildTangent O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AOL O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PocketSoft O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 22/08/2010 - 09:11:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1676794] O44 - LFC:[MD5.D33433723BB5E31665170E0D5877403E] - 22/08/2010 - 09:03:34 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\vsconfig.xml [352615] O44 - LFC:[MD5.F83DF5CB05F664BEA08140F4EE6D1A9C] - 22/08/2010 - 09:03:15 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/08/2010 - 19:06:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/08/2010 - 19:06:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 20/08/2010 - 16:24:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\DOErrors.log [52] O44 - LFC:[MD5.36FA40613B510A8AF1FED7AA5D315772] - 20/08/2010 - 09:06:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\rkill.log [485] O44 - LFC:[MD5.0C7FB4C343B60470D8FB451DE68C03AA] - 18/08/2010 - 18:48:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\error.log [10250] O44 - LFC:[MD5.D3B4329A88E39E0779E75D003C8C7393] - 16/08/2010 - 00:07:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [403352045] O44 - LFC:[MD5.C95CD48CBF75B46C43CFB76E3AD13B5A] - 16/08/2010 - 00:07:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1260] O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 15/08/2010 - 11:55:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 15/08/2010 - 11:55:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952] O44 - LFC:[MD5.44CD3BB2588C463E494CE9B3ACE4FB2F] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1507110] O44 - LFC:[MD5.45B26C1F9A859EE10DC72E70E91F5BC2] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [106490] O44 - LFC:[MD5.E2576CE8E55937124044913E6622A885] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [129632] O44 - LFC:[MD5.2F069E7A9F6089D047A8D8821086DC64] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [598562] O44 - LFC:[MD5.84CCDBFFD82487A927225C87CDC54983] - 13/08/2010 - 18:55:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [682034] O44 - LFC:[MD5.F1339931E3F10B4016540A6FA73A9F6E] - 12/08/2010 - 08:07:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [360400] O44 - LFC:[MD5.FBB3FB8272B66E4233BE2453F3A56325] - 11/08/2010 - 22:58:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\win.ini [240] O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 11/08/2010 - 19:17:29 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [81920] ---\\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{0fcb3be1-2855-11df-bbf1-001eec7e69cf}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\rg9g9bgq.exe (.not file.) O51 - MPSK:{2d5a0f7c-a571-11df-bac4-001eec7e69cf}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\Autorun.exe (.not file.) O51 - MPSK:{def4af2d-209f-11df-8a04-001eec7e69cf}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\LaunchU3.exe -a (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\BitTorrent DNA [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Users\thomas\Program Files\DNA\btdna.exe O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe O53 - SMSR:HKLM\...\startupreg\F-Secure Manager [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.exe O53 - SMSR:HKLM\...\startupreg\F-Secure TNB [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe O53 - SMSR:HKLM\...\startupreg\HP Health Check Scheduler [Key] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O53 - SMSR:HKLM\...\startupreg\hpWirelessAssistant [Key] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O53 - SMSR:HKLM\...\startupreg\isCfgWiz [Key] . (.Pas de propriétaire - Pas de description.) -- c:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll O53 - SMSR:HKLM\...\startupreg\OnScreenDisplay [Key] . (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O53 - SMSR:HKLM\...\startupreg\OPTENET_GUI [Key] . (.Orange - Contrôle Parental.) -- C:\PROGRA~1\CONTRO~1\bin\optgui.exe O53 - SMSR:HKLM\...\startupreg\QlbCtrl.exe [Key] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe O53 - SMSR:HKLM\...\startupreg\QPService [Key] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe O53 - SMSR:HKLM\...\startupreg\UCam_Menu [Key] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2 O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.AEF9EE4451D5C46370142CB06D0F3591] - 07/08/2008 - 14:31:52 ---A- . (.Hewlett-Packard Corporation - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys O58 - SDL:[MD5.E54E27976E2C5A6465D44C10B1D87AC0] - 17/07/2002 - 16:20:32 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\system32\drivers\ASPI32.SYS O58 - SDL:[MD5.76C10D80E46CB79570479CB7CF205D39] - 24/03/2009 - 15:07:58 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys O58 - SDL:[MD5.CF6A67C90951E3E763D2135DEDE44B85] - 02/11/2006 - 08:30:53 ---A- . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys O58 - SDL:[MD5.4CD6B056C5FD9E97C06FE74C81479517] - 24/01/2008 - 14:23:12 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome.) -- C:\Windows\system32\drivers\enecir.sys O58 - SDL:[MD5.C25C70FD4D49391091D9EB8C747F19E6] - 28/08/2006 - 22:54:56 ---A- . (.Applied Networking Inc. - Hamachi Virtual Network Interface Driver, OEM.) -- C:\Windows\system32\drivers\gan_adapter.sys O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys O58 - SDL:[MD5.64637B65C90DF48C94BB9346AFB3AC61] - 07/08/2008 - 14:42:12 ---A- . (.Hewlett-Packard Corporation - HP Disk Filter - SATA/RAID.) -- C:\Windows\system32\drivers\hpdskflt.sys O58 - SDL:[MD5.35956140E686D53BF676CF0C778880FC] - 18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys O58 - SDL:[MD5.DA971CFC625D13636E04C405948E9D62] - 08/07/2008 - 11:16:26 ---A- . (.JMicron Technology Corporation - JMicron JMB38X Flash Media Controller Driver.) -- C:\Windows\system32\drivers\jmcr.sys O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys O58 - SDL:[MD5.8DE67BD902095A13329FD82C85A1FA09] - 17/11/2008 - 15:40:22 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys O58 - SDL:[MD5.F972DC046C374A9E02F2DFBE74EBB203] - 14/05/2008 - 03:09:00 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys O58 - SDL:[MD5.24000B817CC84AC1555F41929879AF5A] - 03/10/2009 - 05:02:06 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 187.66.) -- C:\Windows\system32\drivers\nvlddmkm.sys O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm60x32.sys O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys O58 - SDL:[MD5.6D2DBE236CF5EF94E4BE1969D1B6D304] - 19/02/2010 - 14:33:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\PnkBstrK.sys O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys O58 - SDL:[MD5.2FC33077F85D7DC0D03678C06D43898C] - 02/05/2008 - 14:59:40 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys O58 - SDL:[MD5.9E7DEE11FD5A4355941A45F13C0ED59A] - 26/03/2006 - 13:22:14 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01.sys O58 - SDL:[MD5.4D0CE0FADCA29E7DA68CE597AC9010BD] - 05/07/2006 - 13:46:06 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01a.sys O58 - SDL:[MD5.DAAD4C099EBF5094D32C373AC1AC0F3C] - 14/06/2006 - 15:56:56 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\Windows\system32\drivers\sfhlp02.sys O58 - SDL:[MD5.C526AD307FF1900BC4C864F74553F762] - 11/08/2006 - 14:47:13 ---A- . (.Protection Technology (StarForce) - FrontLine Synchronization Driver.) -- C:\Windows\system32\drivers\sfsync04.sys O58 - SDL:[MD5.5DC0D3978B2C98F370BD8A5C9FD86092] - 14/06/2006 - 18:12:13 ---A- . (.Protection Technology (StarForce) - FrontLine VFS Driver.) -- C:\Windows\system32\drivers\sfvfs02.sys O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys O58 - SDL:[MD5.00000000000000000000000000000000] - 22/07/2010 - 02:50:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 13/07/2009 - 10:54:33 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.14622AE81C72B08691EEDAABC1D4A129] - 02/05/2007 - 10:12:34 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\Windows\system32\drivers\ssm_bus.sys O58 - SDL:[MD5.79B3761947FFDA77F2EF2225C1A1DFB1] - 02/05/2007 - 10:12:34 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_cm.sys O58 - SDL:[MD5.79B3761947FFDA77F2EF2225C1A1DFB1] - 02/05/2007 - 10:12:34 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_cmnt.sys O58 - SDL:[MD5.43EE5E9FDA61A5E0EAC4C1DE699E6E4D] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ssm_mdfl.sys O58 - SDL:[MD5.918CFD32C7FEB174F356A0A6FAD11F4B] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\Windows\system32\drivers\ssm_mdm.sys O58 - SDL:[MD5.029711A9A56D300E1DC60EC65121403E] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_wh.sys O58 - SDL:[MD5.029711A9A56D300E1DC60EC65121403E] - 02/05/2007 - 10:12:36 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ssm_whnt.sys O58 - SDL:[MD5.21CC262AB5F42F7A6B91DC7304C2F267] - 27/06/2008 - 16:44:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt.sys O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys O58 - SDL:[MD5.F5D926807BD9BC0AF68F9376144DE425] - 28/03/2008 - 02:06:00 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys O58 - SDL:[MD5.C25C70FD4D49391091D9EB8C747F19E6] - 28/08/2006 - 22:54:56 ---A- . (.Applied Networking Inc. - Hamachi Virtual Network Interface Driver, OEM.) -- C:\Windows\system32\gan_adapter.sys O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) O63 - Logiciel: RSIT - (.random/random.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\adp94xx.sys - adp94xx (adp94xx) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX O64 - Services: CurCS - C:\Windows\system32\drivers\adpahci.sys - adpahci (adpahci) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI O64 - Services: CurCS - C:\Windows\system32\drivers\adpu160m.sys - adpu160m (adpu160m) .(.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) - LEGACY_ADPU160M O64 - Services: CurCS - C:\Windows\system32\drivers\adpu320.sys - adpu320 (adpu320) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - LEGACY_ADPU320 O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\system32\drivers\djsvs.sys - aic78xx (aic78xx) .(.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX O64 - Services: CurCS - C:\Windows\system32\drivers\aliide.sys - aliide (aliide) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE O64 - Services: CurCS - C:\Windows\system32\drivers\amdide.sys - amdide (amdide) .(.Microsoft Corporation - Pilote IDE AMD.) - LEGACY_AMDIDE O64 - Services: CurCS - C:\Windows\system32\drivers\arc.sys - arc (arc) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC O64 - Services: CurCS - C:\Windows\system32\drivers\arcsas.sys - arcsas (arcsas) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS O64 - Services: CurCS - C:\Windows\system32\drivers\atapi.sys - IDE Channel (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\system32\drivers\cmdide.sys - cmdide (cmdide) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_CO_MON O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - C:\Windows\system32\drivers\EagleNT.sys (.not file.) - EagleNT (EagleNT) .(.Pas de propriétaire - Pas de description.) - LEGACY_EAGLENT O64 - Services: CurCS - C:\Windows\system32\drivers\elxstor.sys - elxstor (elxstor) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR O64 - Services: CurCS - (.not file.) - F-Secure HIPS (F-Secure HIPS) .(.Pas de propriétaire - Pas de description.) - LEGACY_F-SECURE_HIPS O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - (.not file.) - F-Secure Email Scanning Driver (FSES) .(.Pas de propriétaire - Pas de description.) - LEGACY_FSES O64 - Services: CurCS - (.not file.) - F-Secure Firewall Driver (FSFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_FSFW O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\drivers\hpcisss.sys - HpCISSs (HpCISSs) .(.Hewlett-Packard Company - Smart Array Storport Driver.) - LEGACY_HPCISSS O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - C:\Windows\system32\drivers\i2omp.sys - i2omp (i2omp) .(.Microsoft Corporation - I2O Miniport Driver.) - LEGACY_I2OMP O64 - Services: CurCS - C:\Windows\system32\drivers\iastorv.sys - Intel RAID Controller Vista (iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver (base).) - LEGACY_IASTORV O64 - Services: CurCS - C:\Windows\system32\drivers\iirsp.sys - iirsp (iirsp) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP O64 - Services: CurCS - C:\Windows\system32\drivers\intelide.sys - intelide (intelide) .(.Microsoft Corporation - Intel PCI IDE Driver.) - LEGACY_INTELIDE O64 - Services: CurCS - C:\Windows\system32\drivers\isapnp.sys - PnP ISA/EISA Bus Driver (isapnp) .(.Microsoft Corporation - Pilote de bus PNP ISA.) - LEGACY_ISAPNP O64 - Services: CurCS - C:\Windows\system32\drivers\iteatapi.sys - ITEATAPI_Service_Install (iteatapi) .(.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) - LEGACY_ITEATAPI O64 - Services: CurCS - C:\Windows\system32\drivers\iteraid.sys - ITERAID_Service_Install (iteraid) .(.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) - LEGACY_ITERAID O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_fc.sys - LSI_FC (LSI_FC) .(.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_sas.sys - LSI_SAS (LSI_SAS) .(.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_scsi.sys - LSI_SCSI (LSI_SCSI) .(.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Windows\system32\drivers\megasas.sys - megasas (megasas) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS O64 - Services: CurCS - C:\Windows\system32\drivers\megasr.sys - MegaSR (MegaSR) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\drivers\mraid35x.sys - Mraid35x (Mraid35x) .(.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\drivers\msdsm.sys - Microsoft Multi-Path Device Specific Module (msdsm) .(.Microsoft Corporation - Microsoft Device Specific Module.) - LEGACY_MSDSM O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\drivers\nfrd960.sys - nfrd960 (nfrd960) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960 O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\drivers\nvraid.sys - NVIDIA nForce RAID Driver (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) - LEGACY_NVRAID O64 - Services: CurCS - C:\Windows\system32\drivers\nvstor.sys - nvstor (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR O64 - Services: CurCS - C:\Windows\system32\drivers\pciide.sys - pciide (pciide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\drivers\ql2300.sys - QLogic Fibre Channel Miniport Driver (ql2300) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300 O64 - Services: CurCS - C:\Windows\system32\drivers\ql40xx.sys - QLogic iSCSI Miniport Driver (ql40xx) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\drivers\sbp2port.sys - SBP-2 Transport/Protocol Bus Driver (sbp2port) .(.Microsoft Corporation - SBP-2 Protocol Driver.) - LEGACY_SBP2PORT O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\drivers\sfdrv01a.sys - StarForce Protection Environment Driver (version 1.x.a) (sfdrv01a) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01A O64 - Services: CurCS - C:\Windows\system32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x) (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02 O64 - Services: CurCS - C:\Windows\system32\drivers\sfsync04.sys - StarForce Protection Synchronization Driver (version 4.x) (sfsync04) .(.Protection Technology (StarForce) - FrontLine Synchronization Driver.) - LEGACY_SFSYNC04 O64 - Services: CurCS - C:\Windows\system32\drivers\sfvfs02.sys - StarForce Protection VFS Driver (version 2.x) (sfvfs02) .(.Protection Technology (StarForce) - FrontLine VFS Driver.) - LEGACY_SFVFS02 O64 - Services: CurCS - C:\Windows\system32\drivers\sisraid2.sys - SiSRaid2 (SiSRaid2) .(.Microsoft Corporation - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2 O64 - Services: CurCS - C:\Windows\system32\drivers\sisraid4.sys - SiSRaid4 (SiSRaid4) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4 O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\Windows\system32\drivers\symc8xx.sys - Symc8xx (Symc8xx) .(.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI O64 - Services: CurCS - C:\Windows\system32\drivers\sym_hi.sys - Sym_hi (Sym_hi) .(.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI O64 - Services: CurCS - C:\Windows\system32\drivers\sym_u3.sys - Sym_u3 (Sym_u3) .(.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) - LEGACY_SYM_U3 O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\system32\drivers\uliahci.sys - uliahci (uliahci) .(.ULi Electronics Inc. - ULi SATA Controller Driver.) - LEGACY_ULIAHCI O64 - Services: CurCS - C:\Windows\system32\drivers\ulsata.sys - UlSata (UlSata) .(.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) - LEGACY_ULSATA O64 - Services: CurCS - C:\Windows\system32\drivers\ulsata2.sys - ulsata2 (ulsata2) .(.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) - LEGACY_ULSATA2 O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\system32\drivers\viaide.sys - viaide (viaide) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\vsdatant.sys - Zone Alarm Firewall Driver (Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT O64 - Services: CurCS - C:\Windows\system32\drivers\vsmraid.sys - vsmraid (vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\system32\drivers\wd.sys - Microsoft Watchdog Timer Driver (Wd) .(.Microsoft Corporation - Microsoft Watchdog Timer Driver.) - LEGACY_WD O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=4118 (Avira AntiVir) - (.Pas de propriétaire - Pas de description.) -- ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: prefs.js [thomas - n9036dap.default] user_pref("extensions.snipit.askTbInstalled", true); O69 - SBI: SearchScopes [HKCU] {230C22EE-865B-4F83-92C2-08CF69DA6578} - (AOL Recherche) - http://slirsredirect.search.aol.com O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE O69 - SBI: SearchScopes [HKCU] {B3D1C463-0C12-4F24-BCB2-7943255E8DC0} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - Ask Toolbar ---\\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover Run by thomas at 22/08/2010 12:42:56 device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll >>UNKNOWN [0x867380E8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x867380e8 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! Message: Certains émulateurs de CD/DVD peuvent hooker le pilote atapi de façon légitime. Voici quelques émulateurs : Message: Alcohol xx%, CDSpace, Circle Virtual CD, CloneCD, Daemon Tools, Virtual CloneDrive, Virtual CD, VirtualDrive, WinCDEmu,... ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096] O83 - Search Svchost Services: ezSharedSvc (ezSharedSvc) . (.EasyBits Sofware AS - Shared EasyBits services for Windows.) -- C:\Windows\System32\ezsvc7.dll [129992] ---\\ Infection BT - BHO/Toolbar (Possible) O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - Ask Toolbar End of the scan (1163 lines in 04mn 25s)(0)
  2. anubis03
    Bon ba j'ai l'impression que mon ordi doit pas être fait comme les autres parce que MBAM veut toujours pas se lancer...curieux...
  3. anubis03
    ba c est vraiment bizarre parce que je le trouve pas.
  4. anubis03
    je ne trouve pas ce dossier, moi j ai C:\_OTM\Moved files\08172010_120736\C_users\Users\App Data\
  5. anubis03
    J ai fait tout ce que tu m as dis et ca a l air de bien fonctionner.
  6. anubis03
    Logfile of random's system information tool 1.08 (written by random/random) Run by thomas at 2010-08-16 09:49:20 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 36 GB (16%) free of 229 GB Total RAM: 3068 MB (53% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:49:39, on 16/08/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Controle Parental\bin\splash.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe I:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe I:\Program Files\eMule\emule.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\thomas\Downloads\RSIT.exe C:\Program Files\trend micro\thomas.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP Notebook | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F3 - REG:win.ini: load=C:\Users\thomas\AppData\Roaming\mstinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [{6FDEE9C3-8E03-53A7-4F22-77D5BB6F4951}] C:\Users\thomas\AppData\Roaming\system.exe O4 - HKCU\..\Run: [system] C:\Users\thomas\AppData\Roaming\system.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Users\thomas\AppData\Local\Temp\sshnas21.dll,GetHandle O4 - HKCU\..\Run: [bywuursys] rundll32.exe "c:\users\thomas\appdata\local\temp\tuspmk.dll",s O4 - HKCU\..\Run: [userinit] C:\Users\thomas\AppData\Roaming\sdra64.exe O4 - HKCU\..\Run: [secureapp70702.exe] C:\Users\thomas\AppData\Roaming\B176A8F2608AA83F0F58A45808AF0F11\secureapp70702.exe O4 - HKCU\..\Run: [xxywtraudio] rundll32.exe "c:\users\thomas\appdata\local\temp\cbbxww.dll",s O4 - HKCU\..\Run: [eMuleAutoStart] I:\Program Files\eMule\emule.exe -AutoStart O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Xfire.lnk = I:\Program Files\Xfire\Xfire.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate1cab16e97677860) (gupdate1cab16e97677860) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 23775 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{594DB747-C41A-4E50-8412-995363E234E7}.job C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-10-03 13826664] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-05-13 26192168] "{6FDEE9C3-8E03-53A7-4F22-77D5BB6F4951}"=C:\Users\thomas\AppData\Roaming\system.exe [2009-11-23 267264] "system"=C:\Users\thomas\AppData\Roaming\system.exe [2009-11-23 267264] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "DAEMON Tools Lite"=I:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] "Metropolis"=C:\Users\thomas\AppData\Local\Temp\sshnas21.dll [2010-08-15 241664] "bywuursys"=c:\users\thomas\appdata\local\temp\tuspmk.dll [2010-08-15 69120] "userinit"=C:\Users\thomas\AppData\Roaming\sdra64.exe [2009-04-11 340480] "secureapp70702.exe"=C:\Users\thomas\AppData\Roaming\B176A8F2608AA83F0F58A45808AF0F11\secureapp70702.exe [2010-08-15 1051136] "xxywtraudio"=c:\users\thomas\appdata\local\temp\cbbxww.dll [2010-08-15 78336] "eMuleAutoStart"=I:\Program Files\eMule\emule.exe [2008-08-01 5480448] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] C:\Users\thomas\Program Files\DNA\btdna.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager] C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE /splash [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB] C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\isCfgWiz] c:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] C:\Windows\system32\NvCpl.dll [2009-10-03 13826664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\Windows\system32\NvMcTray.dll [2009-10-03 92776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe [2008-05-06 424608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService] C:\Program Files\HP\QuickPlay\QPService.exe [2008-06-25 468264] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter] oobefldr.dll,ShowWelcomeCenter [] C:\Users\thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Xfire.lnk - I:\Program Files\Xfire\Xfire.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-08-16 09:49:21 ----D---- C:\Program Files\trend micro 2010-08-16 09:49:20 ----D---- C:\rsit 2010-08-15 17:27:28 ----D---- C:\Users\thomas\AppData\Roaming\Malwarebytes 2010-08-15 12:55:40 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-08-15 12:55:35 ----D---- C:\ProgramData\Malwarebytes 2010-08-15 12:55:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-08-15 12:55:34 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-08-15 11:18:17 ----SHD---- C:\Users\thomas\AppData\Roaming\lowsec 2010-08-15 11:05:00 ----D---- C:\Users\thomas\AppData\Roaming\B176A8F2608AA83F0F58A45808AF0F11 2010-08-13 20:50:10 ----D---- C:\Users\thomas\AppData\Roaming\Red Alert 3 2010-08-11 20:20:50 ----D---- C:\ProgramData\TEMP 2010-08-11 20:17:30 ----A---- C:\Windows\system32\schannel.dll 2010-08-11 20:17:29 ----A---- C:\Windows\system32\iccvid.dll 2010-08-11 20:17:26 ----A---- C:\Windows\system32\iertutil.dll 2010-08-11 20:17:25 ----A---- C:\Windows\system32\mshtml.dll 2010-08-11 20:17:24 ----A---- C:\Windows\system32\ieframe.dll 2010-08-11 20:17:23 ----A---- C:\Windows\system32\urlmon.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\wininet.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\occache.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\mstime.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\msfeeds.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\ieui.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\iedkcs32.dll 2010-08-11 20:17:22 ----A---- C:\Windows\system32\ie4uinit.exe 2010-08-11 20:17:21 ----A---- C:\Windows\system32\msfeedssync.exe 2010-08-11 20:17:21 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-08-11 20:17:21 ----A---- C:\Windows\system32\jsproxy.dll 2010-08-11 20:17:21 ----A---- C:\Windows\system32\ieUnatt.exe 2010-08-11 20:17:21 ----A---- C:\Windows\system32\iesysprep.dll 2010-08-11 20:17:21 ----A---- C:\Windows\system32\iesetup.dll 2010-08-11 20:17:21 ----A---- C:\Windows\system32\iernonce.dll 2010-08-11 20:17:21 ----A---- C:\Windows\system32\iepeers.dll 2010-08-11 20:17:12 ----A---- C:\Windows\system32\win32k.sys 2010-08-11 20:17:10 ----A---- C:\Windows\system32\rtutils.dll 2010-08-11 20:16:35 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-08-11 20:16:34 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-08-11 20:16:27 ----A---- C:\Windows\system32\msxml3.dll 2010-08-11 20:16:19 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-08-11 20:16:19 ----A---- C:\Windows\system32\drivers\srv.sys 2010-08-11 20:16:10 ----A---- C:\Windows\system32\drivers\tcpip.sys 2010-08-11 20:05:13 ----D---- C:\Program Files\TML-Studios 2010-08-10 13:27:18 ----D---- C:\Users\thomas\AppData\Roaming\Google 2010-08-10 13:26:39 ----D---- C:\ProgramData\Google 2010-08-04 11:45:16 ----D---- C:\Program Files\Common Files\Skype 2010-08-03 08:52:03 ----A---- C:\Windows\system32\shell32.dll 2010-07-23 13:34:44 ----D---- C:\tmp ======List of files/folders modified in the last 1 months====== 2010-08-16 09:49:37 ----D---- C:\Windows\Prefetch 2010-08-16 09:49:28 ----D---- C:\Windows\Temp 2010-08-16 09:49:21 ----D---- C:\Program Files 2010-08-16 09:48:38 ----D---- C:\Windows\Internet Logs 2010-08-16 01:44:53 ----SHD---- C:\System Volume Information 2010-08-16 01:07:47 ----D---- C:\Windows\Minidump 2010-08-16 01:07:21 ----D---- C:\Windows 2010-08-15 12:55:40 ----D---- C:\Windows\system32\drivers 2010-08-15 12:55:35 ----D---- C:\ProgramData 2010-08-15 12:11:17 ----D---- C:\Windows\System32 2010-08-15 12:10:34 ----D---- C:\Windows\Tasks 2010-08-15 12:09:41 ----HD---- C:\Program Files\InstallShield Installation Information 2010-08-15 11:50:51 ----D---- C:\Windows\Debug 2010-08-15 11:00:09 ----D---- C:\Windows\system32\Tasks 2010-08-13 20:24:42 ----SHD---- C:\Windows\Installer 2010-08-13 20:24:42 ----HD---- C:\Config.Msi 2010-08-13 19:55:21 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-08-13 19:55:20 ----D---- C:\Windows\inf 2010-08-12 20:50:42 ----D---- C:\Windows\Microsoft.NET 2010-08-12 20:50:02 ----RSD---- C:\Windows\assembly 2010-08-12 09:04:15 ----D---- C:\Program Files\Internet Explorer 2010-08-12 09:04:14 ----D---- C:\Windows\system32\migration 2010-08-12 09:04:13 ----D---- C:\Program Files\Movie Maker 2010-08-12 00:01:19 ----D---- C:\Windows\winsxs 2010-08-12 00:00:15 ----D---- C:\Program Files\Microsoft Works 2010-08-11 23:58:30 ----A---- C:\Windows\win.ini 2010-08-11 20:15:24 ----D---- C:\Windows\system32\catroot2 2010-08-11 20:15:24 ----D---- C:\Windows\system32\catroot 2010-08-11 20:03:08 ----D---- C:\Users\thomas\AppData\Roaming\DAEMON Tools Lite 2010-08-04 20:51:07 ----D---- C:\Users\thomas\AppData\Roaming\Skype 2010-08-04 16:05:41 ----D---- C:\Users\thomas\AppData\Roaming\skypePM 2010-08-04 11:45:16 ----D---- C:\Program Files\Common Files 2010-08-03 20:09:32 ----A---- C:\Windows\system32\mrt.exe 2010-08-02 23:23:38 ----SD---- C:\Users\thomas\AppData\Roaming\Microsoft 2010-08-02 22:10:36 ----D---- C:\Users\thomas\AppData\Roaming\Template 2010-07-28 13:11:55 ----D---- C:\Program Files\Mozilla Firefox 2010-07-22 19:14:25 ----D---- C:\ProgramData\DAEMON Tools Lite ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-08-07 25392] R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352] R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680] R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776] R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2006-06-14 78184] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-22 691696] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520] R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-08-07 34608] R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-08 96856] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-14 43552] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-10-03 9905096] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472] R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2006-03-26 51200] S3 aa5p53ug;aa5p53ug; C:\Windows\system32\drivers\aa5p53ug.sys [] S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648] S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 hamachi_oem;PlayLinc Adapter; C:\Windows\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112] S3 ssm_mdm;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-13 185089] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-08-07 24880] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752] R2 OPTENET_FILTER;Orange Contrôle Parental; C:\Program Files\Controle Parental\bin\optproxy.exe [2008-12-24 649224] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-06-25 292216] R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-06-25 116080] R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273] R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400] S2 gupdate1cab16e97677860;Service Google Update (gupdate1cab16e97677860); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-19 133104] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048] S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800] S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-09 148832] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- info.txt logfile of random's system information tool 1.08 2010-08-16 09:49:44 ======Uninstall list====== -->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe" -->"C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe" -->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe" -->"C:\Program Files\HP Games\Digby's Donuts\Uninstall.exe" -->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe" -->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe" -->"C:\Program Files\HP Games\FATE\Uninstall.exe" -->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe" -->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe" -->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe" -->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe" -->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe" -->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe" -->"C:\Program Files\HP Games\Peggle\Uninstall.exe" -->"C:\Program Files\HP Games\Penguins!\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe" -->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe" -->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe" -->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe" -->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe" -->"C:\Program Files\HP Games\Super Granny\Uninstall.exe" -->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe" -->"C:\Program Files\HP Games\Treasure Island\Uninstall.exe" -->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe" -->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe" -->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974} ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A} Algodoo Phun edition v5.28-->"C:\Program Files\Algodoo Phun Edition\unins000.exe" Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Battlefield 1942-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x40c Battlestations: Pacific-->MsiExec.exe /I{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC} Blender (remove only)-->"I:\Program Files\Blender Foundation\Blender\uninstall.exe" Call of Duty Modern Warfare 2-->"I:\Program Files\Call of Duty-Modern Warfare 2\unins000.exe" Call of Duty® - World at War-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c Call of Juarez - Bound in Blood-->C:\Program Files\InstallShield Installation Information\{FEFAF112-4DA8-479C-89E2-7DE25091711A}\Setup.exe -runfromtemp -l0x040c CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32} Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715} DDS Converter 2.1-->C:\Program Files\DDS Converter 2\Uninstal.exe DesertCombat 0.7-->C:\Windows\iun6002.exe "C:\Program Files\EA GAMES\Battlefield 1942\DesertCombat.ini" eMule-->"I:\Program Files\eMule\Uninstall.exe" ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43} eToro-->C:\PROGRA~1\eToro\UNWISE.EXE C:\PROGRA~1\eToro\INSTALL.LOG Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} gamedata-->c:\programme\petroglyph\empire at war\uninstall.exe Google SketchUp 7-->MsiExec.exe /X{5AD045DF-11AA-473D-B4AA-2A4F0E213047} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409 HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F} HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly HP Help and Support-->MsiExec.exe /X{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F} HP Quick Launch Buttons 6.40 D1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst HP QuickPlay 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall HP QuickTouch 1.00 D2-->MsiExec.exe /I{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F} HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f} HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} HP User Guides 0103-->MsiExec.exe /I{B8169E45-8E23-430B-91D1-EC64540C8ED0} HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379} HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4} IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x40c -remove -removeonly Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} JMicron JMB38X Flash Media Controller-->"C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034} Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox (3.6.-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}\muveesetup.exe -removeonly -runfromtemp My HP Games-->"C:\Program Files\HP Games\Uninstall.exe" NASA World Wind 1.4-->"I:\Program Files\NASA\World Wind 1.4\Uninstall_World_Wind_1.4.exe" Nexus: The Jupiter Incident - Multiplayer Demo-->MsiExec.exe /X{54316F1C-4E8F-43B8-AB51-DFA69FE800AC} Nexus: The Jupiter Incident-->MsiExec.exe /X{63BB4E50-0CC2-47AB-AC01-CBCD657B1FF4} NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974} OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Paint.NET v3.5.5-->MsiExec.exe /X{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0} PlayLinc-->MsiExec.exe /I{2158685C-E2B3-4026-B0A1-0FFE31837AFD} Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall ProtectSmart Hard Drive Protection-->MsiExec.exe /X{9D615069-AA8F-4E89-AE9D-77AAE90F529F} Prototype-->C:\Program Files\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x040c PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A} QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins001.exe" Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly Rigs of Rods 0.36.2-->G:\Program Files\Rigs of Rods 0.36.2\uninst.exe RollerCoaster Tycoon 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x40c RUNAWAY: A TWIST OF FATE (Français)-->G:\Program Files\RUNAWAY - A TWIST OF FATE\uninst.exe SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Sniper Elite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}\setup.exe" Star Wars Empire at War Forces of Corruption-->C:\Program Files\InstallShield Installation Information\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}\setup.exe -runfromtemp -l0x040c -removeonly Star Wars Empire at War-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe" -l0x40c -removeonly Steiners Advanced Units Mod 3.2.5 -->C:\Windows\uninstall\Steiners Advanced Units Mod\setup.exe Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Tom Clancy's Rainbow Six 3: Raven Shield-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF131494-F5D8-45C5-938C-D5F020CF1B0D}\setup.exe" -l0x40c Tom Clancy's Rainbow Six Vegas-->C:\Program Files\InstallShield Installation Information\{5731C0A8-B266-451A-8D3F-8066AA21836F}\setup.exe -runfromtemp -l0x040c -removeonly Uninstall MEC2-->"C:\Users\thomas\Command & Conquer 3 Tiberium Wars\mods\MEC2\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354} Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe" Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} World in Conflict-->C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x040c -removeonly ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Security center information====== FW: ZoneAlarm Firewall AS: Windows Defender ======System event log====== Computer Name: PC-de-thomas Event Code: 134 Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9) Record Number: 298 Source Name: Microsoft-Windows-Time-Service Time Written: 20081225092931.000000-000 Event Type: Avertissement User: Computer Name: PC-de-thomas Event Code: 134 Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9) Record Number: 296 Source Name: Microsoft-Windows-Time-Service Time Written: 20081225092930.000000-000 Event Type: Avertissement User: Computer Name: PC-de-thomas Event Code: 15016 Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur. Record Number: 295 Source Name: Microsoft-Windows-HttpEvent Time Written: 20081225092849.737386-000 Event Type: Erreur User: Computer Name: PC-de-thomas Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. Record Number: 286 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20081225005314.477800-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-thomas Event Code: 134 Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9) Record Number: 270 Source Name: Microsoft-Windows-Time-Service Time Written: 20081225005253.000000-000 Event Type: Avertissement User: =====Application event log===== Computer Name: PC-de-thomas Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1799347306-592565796-315375610-1000_Classes: Process 964 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1799347306-592565796-315375610-1000_CLASSES Record Number: 186 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20081225111008.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-thomas Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1799347306-592565796-315375610-1000: Process 964 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1799347306-592565796-315375610-1000 Record Number: 185 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20081225111007.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-thomas Event Code: 8194 Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {9ce03259-cff2-4b45-b658-b91d9d7693b0} Record Number: 171 Source Name: VSS Time Written: 20081225110552.000000-000 Event Type: Erreur User: Computer Name: PC-de-thomas Event Code: 10 Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Record Number: 152 Source Name: Microsoft-Windows-WMI Time Written: 20081225094701.000000-000 Event Type: Erreur User: Computer Name: PC-de-thomas Event Code: 10 Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Record Number: 102 Source Name: Microsoft-Windows-WMI Time Written: 20081225092932.000000-000 Event Type: Erreur User: =====Security event log===== Computer Name: PC-de-thomas Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-THOMAS$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x254 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 32267 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225162158.268000-000 Event Type: Succès de l'audit User: Computer Name: PC-de-thomas Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-THOMAS$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x254 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 32266 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225162158.268000-000 Event Type: Succès de l'audit User: Computer Name: PC-de-thomas Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 32265 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225162156.059000-000 Event Type: Succès de l'audit User: Computer Name: PC-de-thomas Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-THOMAS$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x254 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 32264 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225162156.059000-000 Event Type: Succès de l'audit User: Computer Name: PC-de-thomas Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-THOMAS$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x254 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 32263 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225162156.059000-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=1706 "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Pavilion "tvdumpflags"=8 -----------------EOF-----------------
  7. anubis03
    OK, pour le moment ca fonctionne
  8. anubis03
    j ai lancé rkill et juste après mbam mais ca n a rien changé, mbam ne s est pas lancé
  9. anubis03
    d accord
  10. anubis03
    Par contre je n arrive pas a lancer mbam, (je suis sous vista donc je l execute en tant qu admin) mais il ne réagit pas, l icone de chargement est présent pendant quelque seconde mais rien ne se passe (je dois vraiment etre malchanceux aujourd hui...) ah et tant que j y penses est ce que je peux suprimer les clés de registre avec CCleaner?
  11. anubis03
    ah ok (je m appercois que j ai encore du chemin a faire dans l informatique).
  12. anubis03
    Cela peut peut etre paraitre curieux, mais il semblerait que le virus ce soit "désactivé" grace a rkill (j'ai donc suprimé tt les fichiers su virus). En tout cas merci beaucoup pour ton aide.
  13. anubis03
    voici le rapport This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Ran as thomas on 15/08/2010 at 12:53:25. Processes terminated by Rkill or while it was running: C:\Users\thomas\AppData\Local\Temp\Br0.exe C:\Users\thomas\AppData\Roaming\B176A8F2608AA83F0F58A45808AF0F11\secureapp70702.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\svchosty.exe C:\Users\thomas\AppData\Local\Temp\Br1.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\thomas\Downloads\rkill.exe Rkill completed on 15/08/2010 at 12:53:36.
  14. anubis03
    bonjour, j'ai été infécté par un virus svchosty (ainsi que avto?) et je n arrive pas a m en débarrasser, il a installé tout seul Antimalware Doctor Protection Center et m affiche plein de message d erreur (svchosty code 5 error), n étant pas du tout un pro en informatique je ne sais pas quoi faire alors si quelqu'un veut bien m aider, ce serait sympa.
×
×
  • Créer...