Aller au contenu

rapetou83

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    9

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    francais

rapetou83's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. rapetou83
    encore merci pour ton aide :maitre: :serviteur:
  2. rapetou83
    voici le rapport Cijoint.fr - Service gratuit de dépôt de fichiers
  3. rapetou83
    je n arrive pas a désinstaller combofix comme tu m'as dit ca me dit qu'il ne trouve pas plop.exe
  4. rapetou83
    voici pour l'un Cijoint.fr - Service gratuit de dépôt de fichiers et voici pour l'autre http://www.cijoint.fr/cjlink.php?file=cj201011/cij9zShgKb.txt
  5. rapetou83
    merci seigneur apollo apparemment je n'ai plus de virus. merci infiniment de prendre de ton temps pour t'occuper de personne comme moi
  6. rapetou83
    bonsoir apollo voici le fichier demandé ComboFix 10-11-05.01 - mo 05/11/2010 17:48:28.1.4 - x86 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1033.18.3063.1718 [GMT 1:00] Lancé depuis: c:\users\mo\Desktop\plop.exe . ADS - Windows: deleted 48 bytes in 1 streams. (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\hpe255C.dll c:\programdata\hpeB0E7.dll c:\users\mo\AppData\Roaming\.# c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F58.### c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F68.### c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F78.### c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F58.### c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F68.### c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F78.### c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F58.### c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F68.### c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F78.### c:\windows\system32\sqlite3.dll Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe Une copie infectée de c:\windows\System32\wininit.exe a été trouvée et désinfectée Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-05 au 2010-11-05 )))))))))))))))))))))))))))))))))))) . 2010-11-05 16:52 . 2010-11-05 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-11-03 21:38 . 2010-11-03 21:38 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-11-03 21:21 . 2010-11-04 06:00 -------- d-----w- c:\programdata\moosoft 2010-11-03 20:53 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-11-03 19:24 . 2010-11-03 21:57 -------- d-----w- c:\program files\The Cleaner 2010-11-03 19:24 . 2010-11-03 21:05 -------- d-----w- c:\users\mo\AppData\Roaming\thecleaner 2010-11-03 19:00 . 2010-11-03 19:00 -------- dc-h--w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2010-11-03 18:59 . 2010-11-03 20:53 -------- d-----w- c:\programdata\Lavasoft 2010-11-03 18:59 . 2010-11-03 18:59 -------- d-----w- c:\program files\Lavasoft 2010-10-30 16:39 . 2009-07-14 01:15 315904 ----a-w- c:\windows\system32\Difx9199.rra 2010-10-29 15:12 . 2010-10-30 17:38 -------- d-----w- c:\users\mo\AppData\Roaming\383023B6067A2A20D66DC58422C29201 2010-10-27 05:19 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-10-27 05:19 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll 2010-10-27 05:19 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax 2010-10-27 05:19 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2010-10-27 05:18 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2010-10-26 18:49 . 2010-10-26 18:49 -------- d-----w- c:\program files\Winamax Poker 2010-10-23 16:38 . 2010-10-23 16:38 -------- d-----w- c:\windows\fr 2010-10-23 16:37 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2010-10-23 16:31 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll 2010-10-23 16:31 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2010-10-23 16:07 . 2010-10-23 18:45 -------- d-----w- c:\users\mo\AppData\Roaming\Windows Live Writer 2010-10-23 16:07 . 2010-10-23 16:07 -------- d-----w- c:\users\mo\AppData\Local\Windows Live Writer 2010-10-22 14:30 . 2010-10-22 14:30 -------- d-----w- c:\program files\Microsoft IntelliType Pro 2010-10-21 05:27 . 2010-10-21 05:27 -------- d-----w- c:\program files\Microsoft IntelliPoint 2010-10-21 05:19 . 2010-10-21 05:19 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\9907f17e1cb70df10\InstallManager_WLE_WLE.exe 2010-10-21 05:19 . 2010-10-21 05:19 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\9831b5a51cb70df0f\MeshBetaRemover.exe 2010-10-21 05:19 . 2010-10-21 05:19 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\DSETUP.dll 2010-10-21 05:19 . 2010-10-21 05:19 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\DXSETUP.exe 2010-10-21 05:19 . 2010-10-21 05:19 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\dsetup32.dll 2010-10-21 05:19 . 2010-10-21 05:19 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\DSETUP.dll 2010-10-21 05:19 . 2010-10-21 05:19 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\DXSETUP.exe 2010-10-21 05:19 . 2010-10-21 05:19 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\dsetup32.dll 2010-10-21 05:19 . 2010-09-01 05:51 -------- d-----w- c:\users\mo\AppData\Local\Windows Live 2010-10-21 05:19 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2010-10-21 05:19 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2010-10-21 05:19 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll 2010-10-20 05:07 . 2010-10-23 16:37 -------- d-----w- c:\program files\Windows Live 2010-10-16 17:01 . 2010-01-26 08:24 471040 ----a-w- c:\windows\system32\RegisterLSP.exe 2010-10-16 17:01 . 2010-01-26 08:23 258048 ----a-w- c:\windows\system32\PrivacyProvider.dll 2010-10-16 17:01 . 2010-01-26 08:22 2740224 ----a-w- c:\windows\system32\PrivacyProvider.exe 2010-10-16 12:08 . 2010-10-16 12:08 8704 ----a-w- c:\windows\system32\SpOrder.dll 2010-10-16 12:08 . 2010-10-16 12:08 73728 ----a-w- c:\windows\system32\VistaInfo32.dll 2010-10-16 12:08 . 2010-10-16 17:01 -------- d-----w- c:\program files\IP Hider 2010-10-15 18:05 . 2010-10-15 18:05 73216 ----a-w- c:\windows\ST6UNST.EXE 2010-10-15 18:05 . 2010-10-15 18:05 253952 ------w- c:\windows\Setup1.exe 2010-10-13 05:12 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll 2010-10-07 17:17 . 2010-10-07 17:17 -------- d-----w- c:\programdata\ASUS OC Profiles 2010-10-07 17:15 . 2010-10-07 17:15 -------- d-----w- C:\temp 2010-10-07 17:15 . 2010-10-07 17:15 -------- d-----w- C:\dvmexp 2010-10-07 17:14 . 2010-10-09 07:43 -------- d-----w- C:\ASUS.000 2010-10-07 17:14 . 2010-10-07 17:14 -------- d-----w- C:\ASUS.SYS 2010-10-07 17:13 . 2010-10-07 17:13 -------- d-----w- c:\program files\Downloaded Installations 2010-10-07 17:11 . 2007-12-17 09:14 12400 ----a-r- c:\windows\system32\drivers\AsIO.sys 2010-10-07 17:11 . 2006-01-10 08:50 24576 ----a-r- c:\windows\system32\AsIO.dll 2010-10-07 17:11 . 2010-10-07 17:12 -------- d-----w- c:\program files\ASUS 2010-10-07 17:11 . 2008-01-04 11:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys 2010-10-07 17:11 . 2008-01-04 11:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys 2010-10-07 17:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2010-10-07 17:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll 2010-10-07 17:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2010-10-07 17:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2010-10-07 17:11 . 2009-07-14 01:15 315904 ----a-w- c:\windows\system32\Difx8fdf.rra 2010-10-07 17:03 . 2010-10-07 17:04 -------- d-----w- c:\windows\AsusInstAll 2010-10-07 17:03 . 2009-07-10 05:48 856064 ----a-w- c:\windows\system32\VIAPropPageExt.dll 2010-10-07 17:03 . 2009-07-10 03:04 1067008 ----a-w- c:\windows\system32\drivers\viahduaa.sys 2010-10-07 17:03 . 2009-07-06 01:58 491008 ----a-w- c:\windows\system32\VIASysFx.dll 2010-10-07 17:03 . 2009-06-01 02:10 211456 ----a-w- c:\windows\system32\Dts2APO.dll 2010-10-07 17:03 . 2009-03-04 08:42 75776 ----a-w- c:\windows\system32\Dts2PropPageExt.dll 2010-10-07 17:03 . 2009-01-19 13:30 68608 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll 2010-10-07 17:03 . 2009-01-19 13:29 181248 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll 2010-10-07 17:03 . 2007-12-04 03:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll 2010-10-07 17:03 . 2007-12-04 03:28 71680 ----a-w- c:\windows\system32\nQAPO.dll 2010-10-07 17:03 . 2010-10-07 17:03 -------- d-----w- c:\program files\VIA . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-03 20:52 . 2010-09-01 05:09 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-10-19 09:41 . 2009-11-29 12:22 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-07 23:21 . 2010-09-02 05:05 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A1D2DDB-1ABF-41FB-B88A-449C36DEAC41}\mpengine.dll 2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-09-21 12:03 . 2010-09-21 12:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL 2010-08-21 05:32 . 2010-09-15 07:02 316928 ----a-w- c:\windows\system32\spoolsv.exe 2010-08-10 03:15 . 2010-08-10 03:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-08-10 03:15 . 2010-08-10 03:15 69632 ----a-w- c:\windows\system32\QuickTime.qts . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "FreeMi UPnP Media Server"="c:\program files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe" [2010-09-17 89088] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-22 39408] "Google Update"="c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-26 135664] "tcactive"="c:\program files\The Cleaner\tcap.exe" [2010-03-29 2951680] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-24 1474560] "TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872] "Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960] "IPHider"="c:\program files\IP Hider\IP Hider.exe" [2010-02-26 1560576] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 1797008] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Mise … jour des licences ESET.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2010-10-18 125952] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk] backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] backup=c:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Acrobat.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk backup=c:\windows\pss\Lancement rapide d'Adobe Acrobat.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk] backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mise à jour des licences ESET.lnk] backup=c:\windows\pss\Mise à jour des licences ESET.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0] 2004-12-14 01:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-09-01 06:39 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2010-07-21 14:53 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype] 2010-07-21 15:08 1778064 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] 2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] 2010-04-29 13:39 437584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-12-22 23:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] 2004-11-22 07:18 307200 ----a-r- c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe" /c "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden "updateMgr"=c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" "PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 135664] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] R2 moohelp;The Cleaner 2011 Helper Service;c:\program files\The Cleaner\mhelper.exe [2010-03-16 813056] R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-07-11 13224] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248] R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-03 1181328] R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952] R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824] R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016] R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600] R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328] R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024] R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616] R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736] R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824] R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016] R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728] R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208] S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-01-07 20744] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-03 176128] S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 95896] S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-03 214016] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-07 44432] S3 PrivacyProvider;PrivacyProvider;c:\windows\system32\PrivacyProvider.exe [2010-01-26 2740224] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-04-19 189784] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048] S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-07-11 27632] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-11-20 13:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' 2010-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 18:53] 2010-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 18:53] 2010-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000Core.job - c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-26 13:14] 2010-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000UA.job - c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-26 13:14] . . ------- Examen supplémentaire ------- . IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir les liens sélectionnés en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html LSP: c:\windows\system32\PrivacyProvider.dll Trusted Zone: secuser.com FF - ProfilePath - c:\users\mo\AppData\Roaming\Mozilla\Firefox\Profiles\jfan4znq.default\ FF - prefs.js: browser.startup.homepage - google.fr FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q= FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: c:\users\mo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\users\mo\AppData\Roaming\Mozilla\Firefox\Profiles\jfan4znq.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll ---- PARAMETRES FIREFOX ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-ITSecMng - c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe MSConfigStartUp-Kernel and Hardware Abstraction Layer - KHALMNPR.EXE MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe AddRemove-Scooby-Doo, Le Secret du Sphinx - c:\program files\Mindscape\Scooby-Doo . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(116) c:\windows\system32\btncopy.dll c:\program files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx c:\program files\Megaupload\Mega Manager\MegaIEMn.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\AUDIODG.EXE c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\system32\atieclxx.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\taskhost.exe c:\program files\ASUS\Six Engine\SixEngine.exe c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Heure de fin: 2010-11-05 17:56:47 - La machine a redémarré ComboFix-quarantined-files.txt 2010-11-05 16:56 Avant-CF: 427 299 778 560 octets libres Après-CF: 427 288 875 008 octets libres - - End Of File - - 2C1F2D3E94DD7236AE2444F13AF4EF0C merci de ton aide
  7. rapetou83
    re-bonsoir apollo, j'ai fais ce que tu m'as dit mais il me dit que je n'ai pas l'autorisation d'accès pour les deux donc je peux pas les analyser
  8. rapetou83
    bonsoir et merci apollo de ton aide voici déjà le premier rapport ======= REPORT FROM AD-REMOVER 2.0.0.2,B | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 25/10/10 at 11:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:52:17 on 01/09/2010, Normal boot Microsoft Windows 7 Édition Intégrale (X86) mo@PC (System manufacturer System Product Name) ============== SEARCH ============== File found: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar Folder found: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\extensions\toolbar@ask.com Folder found: C:\Program Files\Ask.com Folder found: C:\Users\mo\AppData\LocalLow\AskToolbar -- File opened: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js -- Line found: user_pref("extensions.asktb.cbid", "QC"); Line found: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}... Line found: user_pref("extensions.asktb.first-launch-url", "hxxp://g.msn.com/5mefr_fr/11"); Line found: user_pref("extensions.asktb.fresh-install", false); Line found: user_pref("extensions.asktb.l", "dis"); Line found: user_pref("extensions.asktb.last-config-req", "1288811956305"); Line found: user_pref("extensions.asktb.locale", "fr_FR"); Line found: user_pref("extensions.asktb.o", "102408"); Line found: user_pref("extensions.asktb.options-lang", "fr"); Line found: user_pref("extensions.asktb.options-locale", "UK"); Line found: user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Line found: user_pref("extensions.asktb.qsrc", "2871"); Line found: user_pref("extensions.asktb.r", "2"); Line found: user_pref("extensions.asktb.search-suggestions-enabled", true); Line found: user_pref("extensions.enabledItems", "DeviceDetection@logitech.com:1.20.0.66,{d10d0bf8-f5b5-c8b4-a8b... -- File closed -- Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key found: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key found: HKCU\Software\Ask.com Key found: HKCU\Software\AppDataLow\AskToolbarInfo Key found: HKCU\Software\AppDataLow\Software\AskToolbar Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key found: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== ** Mozilla Firefox Version [3.6.12 (fr)] ** -- C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js -- browser.download.dir, C:\\Users\\mo\\Documents\\Downloads browser.download.lastDir, C:\\Users\\mo\\Desktop browser.startup.homepage, google.fr browser.startup.homepage_override.mstone, rv:1.9.2.12 keyword.URL, hxxp://search.speedbit.com/searchresults.asp?src=default&q= ======================================== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Do404Search: 0x01000000 Enable Browser Extensions: YES Local Page: C:\Windows\system32\blank.htm Show_ToolBar: yes Start Page: hxxp://www.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: hxxp://search.speedbit.com/tab/ Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 File(s) C:\Program Files\Ad-Remover\Backup: 1 File(s) C:\Ad-Report-SCAN[1].txt - 01/09/2010 (5230 Byte(s)) End at: 16:52:49, 01/09/2010 ============== E.O.F ============== ET VOICI LE SECOND RAPPORT ======= REPORT FROM AD-REMOVER 2.0.0.2,B | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 25/10/10 at 11:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 18:12:31 on 01/09/2010, Normal boot Microsoft Windows 7 Édition Intégrale (X86) mo@PC (System manufacturer System Product Name) ============== ACTION(S) ============== File deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar Folder deleted: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\extensions\toolbar@ask.com Folder deleted: C:\Program Files\Ask.com Folder deleted: C:\Users\mo\AppData\LocalLow\AskToolbar (!) -- Temporary files deleted. -- File opened: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js -- Line deleted: Line deleted: Line deleted: user_pref("extensions.asktb.cbid", "QC"); Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}... Line deleted: user_pref("extensions.asktb.first-launch-url", "hxxp://g.msn.com/5mefr_fr/11"); Line deleted: user_pref("extensions.asktb.fresh-install", false); Line deleted: user_pref("extensions.asktb.l", "dis"); Line deleted: user_pref("extensions.asktb.last-config-req", "1288811956305"); Line deleted: user_pref("extensions.asktb.locale", "fr_FR"); Line deleted: user_pref("extensions.asktb.o", "102408"); Line deleted: user_pref("extensions.asktb.options-lang", "fr"); Line deleted: user_pref("extensions.asktb.options-locale", "UK"); Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Line deleted: user_pref("extensions.asktb.qsrc", "2871"); Line deleted: user_pref("extensions.asktb.r", "2"); Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true); Line deleted: user_pref("extensions.enabledItems", "DeviceDetection@logitech.com:1.20.0.66,{d10d0bf8-f5b5-c8b4-a8b... -- File closed -- Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key deleted: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key deleted: HKCU\Software\Ask.com Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== ADDITIONNAL SCAN ============== ** Mozilla Firefox Version [3.6.12 (fr)] ** -- C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js -- browser.download.dir, C:\\Users\\mo\\Documents\\Downloads browser.download.lastDir, C:\\Users\\mo\\Desktop browser.startup.homepage, google.fr browser.startup.homepage_override.mstone, rv:1.9.2.12 keyword.URL, hxxp://search.speedbit.com/searchresults.asp?src=default&q= ======================================== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: YES Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 165 File(s) C:\Program Files\Ad-Remover\Backup: 16 File(s) C:\Ad-Report-CLEAN[1].txt - 01/09/2010 (5673 Byte(s)) C:\Ad-Report-SCAN[1].txt - 01/09/2010 (5359 Byte(s)) End at: 18:13:20, 01/09/2010 ============== E.O.F ==============
  9. rapetou83
    <RESOLU> bonjour a tous je suis tout nouveau dans ce forum et merci de m'accueillir, voila j'ai un problème avec un cheval de Troie voici le rapport de zhpdiag merci de votre aide Rapport de ZHPDiag v1.27.09 par Nicolas Coolman, Update du 04/11/2010 Run by mo at 01/09/2010 07:35:40 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.7600.16385 MFIE: Mozilla Firefox (3.6.12) ---\\ System Information Windows 7 Ultimate Edition, 32-bit (Build 7600) Processor: x86 Family 6 Model 30 Stepping 5, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3063 MB (50% free) System drive C: has 402 GB (86%) free of 466 GB ---\\ Logged in mode Computer Name: PC User Name: mo All Users Names: mo, Guest, Administrator, Unselected Option: O1,O45,O61,O62,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 402 Go of 466 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 564 Go of 931 Go) E:\ CD-ROM drive (Free 0 Go of 4 Go) G:\ CD-ROM drive (Not Inserted) H:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) I:\ Hard drive, Flash drive, Thumb drive (Free 170 Go of 466 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK ---\\ Recherche particulière de fichiers génériques [MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.31/10/2009 23:00:00.) -- C:\Windows\Explorer.exe [2614272] [MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.14/07/2009 23:00:00.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\System32\drivers\atapi.sys [21584] ---\\ Processus lancés [MD5.0D06000000000000000000000CEF1200] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\Explorer.EXE [2614272] [MD5.9CA037D9931896ABDDC41A214012314E] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe [6038016] [MD5.3D1D1D1BBE3D60DBDA44C1441A372173] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe [719688] [MD5.D73B38AE415ED63BD89946D71D14B482] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360] [MD5.8BF167D30A11F4F06FB14BC6874192B2] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584] [MD5.1A759052B9DB9DC7AFA2FE279279F49E] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560] [MD5.B4BF928DBA5E42E3329ADA9B5DBB8065] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe [5391872] [MD5.C25FA7C105FF151783CCEFE4215E7CEE] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe [1768960] [MD5.53A0E3AF3637C41C5F0352391D7B1145] - (.AllAnonymity - IP Hider.) -- C:\Program Files\IP Hider\IP Hider.exe [1560576] [MD5.697E07302EC965393ABC85AD5C2C8D53] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797008] [MD5.251F10B000F0A032D00399D706DF3BBA] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe [1778064] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.17B7EE982055EE0660A3C512D07E5111] - (.Lavasoft - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [788880] [MD5.E1AB298BAFC8ECCA8C322A29C5FDC68C] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [MD5.6F7ECB12B6782A2122DEBE9EC9DF2C5D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.03ECCA8FADBB71694A49B7D505636A9C] - (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe [89088] [MD5.F8500F11D9BAAF31A93EBCBDB93A3F96] - (.Megaupload Limited - Mega Manager.) -- C:\Program Files\Megaupload\Mega Manager\MegaManager.exe [2052608] [MD5.6FB2760F706B4D918EF3B401F4A71242] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [616960] ---\\ Page de démarrage de Mozilla Firefox (M0) M0 - MFSP: prefs.js [mo - jfan4znq.default] google.fr ---\\ Programmes d'extension pour Mozilla Firefox (M2) M2 - MFEP: prefs.js [mo - jfan4znq.default\DeviceDetection@logitech.com] [] ????????? ????????? Logitech 1.20.0.66 (.Logitech, Inc..) M2 - MFEP: prefs.js [mo - jfan4znq.default\pbreak.br@gmail.com] [] Megaupload SX.3.2 3.2 (.PBreak.) M2 - MFEP: prefs.js [mo - jfan4znq.default\toolbar@ask.com] [] Ask Toolbar 3.9.1.14019 (.Ask.com.) M2 - MFEP: prefs.js [mo - jfan4znq.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration 1.1 (.Megaupload Limited.) M2 - MFEP: prefs.js [mo - jfan4znq.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus 1.2.2 (.Wladimir Palant.) ---\\ Plugins de navigateurs Opera/Firefox(P1/P2) P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.3.4.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.4] - (.the VideoLAN Team - Version 1.1.4, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\mo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Pas de propriétaire - AcroIEHelper Module.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe O4 - HKLM\..\Run: [TurboV] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe O4 - HKLM\..\Run: [Turbo Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe O4 - HKLM\..\Run: [iPHider] . (.AllAnonymity - IP Hider.) -- C:\Program Files\IP Hider\IP Hider.exe O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe O4 - HKCU\..\Run: [FreeMi UPnP Media Server] . (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\mo\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [tcactive] . (.MooSoft Development Inc - TCActive! GUI.) -- C:\Program Files\The Cleaner\tcap.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [FreeMi UPnP Media Server] . (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\mo\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [tcactive] . (.MooSoft Development Inc - TCActive! GUI.) -- C:\Program Files\The Cleaner\tcap.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mise à jour des licences ESET.lnk . (.GuillerSoft.) -- C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\mo\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - Global Startup: C:\Documents And Settings\mo\Desktop\emule.lnk . (.Pas de propriétaire.) -- C:\Program Files\eMule\Incoming O4 - Global Startup: C:\Documents And Settings\mo\Desktop\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\mo\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - Global Startup: C:\Users\mo\Desktop\emule.lnk . (.Pas de propriétaire.) -- C:\Program Files\eMule\Incoming O4 - Global Startup: C:\Users\mo\Desktop\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr O8 - Extra context menu item: Convertir en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir la sélection en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir les liens sélectionnés en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O8 - Extra context menu item: Download Link Using Mega Manager... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe O23 - Service: BlueSoleil Hid Service (BlueSoleil Hid Service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (.not file.) O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: The Cleaner 2011 Helper Service (moohelp) . (.MooSoft Development LLC - MooSoft Helper Service.) - C:\Program Files\The Cleaner\mhelper.exe O23 - Service: NMSAccessU (NMSAccessU) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (.not file.) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MemOptimizer-02BB2F56CB964deb8996194DE7EB5275.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r85.) -- C:\Windows\system32\Macromed\Flash\Flash10k.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: AsIO (AsIO) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\AsIO.sys O41 - Driver: ehdrv (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\system32\DRIVERS\ehdrv.sys O41 - Driver: ElbyCDIO Driver (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\Windows\system32\Drivers\ElbyCDIO.sys O41 - Driver: ISO DVD\CD-ROM Device Driver (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys ---\\ Logiciels installés (O42) O42 - Logiciel: AMD DnD V1.0.19 - (.AMD.) [HKLM] -- {87BB78C4-F36D-4D93-A7C7-F80F18219848} O42 - Logiciel: ATI AVIVO Codecs - (.ATI Technologies Inc..) [HKLM] -- {DD6E44E7-0319-2868-F1D9-07ECD2A1A94C} O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {B194272D-1F92-46DF-99EB-8D5CE91CB4EC} O42 - Logiciel: Adobe Acrobat 5.0 - (.Pas de propriétaire.) [HKLM] -- Adobe Acrobat 5.0 O42 - Logiciel: Adobe Acrobat 7.0 Professional - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- Adobe Acrobat 7.0 Professional - EFG O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A93944F2-D2D4-4750-BFE7-9A288FEAF2CF} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {8D7133DE-27D2-47E5-B248-4180278D32AA} O42 - Logiciel: CloneDVD2 - (.Elaborate Bytes.) [HKLM] -- CloneDVD2 O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DeskSpace 1.5.6.3 - (.Otaku Software Pty Ltd.) [HKCU] -- DeskSpace O42 - Logiciel: EPU-6 Engine - (.Pas de propriétaire.) [HKLM] -- {56B83336-FBC1-4C46-8613-90A9E3B440D6} O42 - Logiciel: ESET Antivirus License Finder (MiNODLogin) - (.GuillerSoft.) [HKLM] -- MiNODLogin O42 - Logiciel: Express Gate - (.DeviceVM, Inc..) [HKLM] -- {99AD9D6D-A456-49EE-8360-F22EE7AA1272} O42 - Logiciel: FileZilla Client 3.3.2.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client O42 - Logiciel: FreeMi UPnP Media Server - (.Stéphane Mitermite.) [HKLM] -- FreeMi UPnP Media Server O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM] -- {CA7D1914-153C-6FD9-4B80-9F5BF3B760E1} O42 - Logiciel: IP Hider 4.9 - (.AllAnonymity.) [HKLM] -- IP Hider 4.9_is1 O42 - Logiciel: ImgBurn 2.3.2.0 Fr - (.Pas de propriétaire.) [HKLM] -- {75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1 O42 - Logiciel: IsoBuster 1.4 - (.Smart Projects.) [HKLM] -- IsoBuster_is1 O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: K-Lite Mega Codec Pack 5.5.1 - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: L'Encyclopédie pratique du Bricolage - (.Pas de propriétaire.) [HKLM] -- {9F58CF55-92CD-48DC-AA26-EAAF9BF1A500} O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {7EACD74C-147F-478C-9389-F9F52EE3C88A} O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2} O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Mozilla Firefox (3.6.12) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.12) O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF} O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025} O42 - Logiciel: Quicksys RegDefrag 2.8 - (.Pas de propriétaire.) [HKLM] -- {5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1 O42 - Logiciel: R-Studio Emergency Startup Media Creator 5.1 - (.R-Tools Technology Inc..) [HKLM] -- R-Studio Emergency Startup Media Creator 5.1NSIS O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Scooby-Doo, Affaire n°1 - Le monstre du musée - (.Pas de propriétaire.) [HKLM] -- Scooby-Doo, Affaire n°1 - Le monstre du musée O42 - Logiciel: Scooby-Doo, Le Secret du Sphinx - (.Pas de propriétaire.) [HKLM] -- Scooby-Doo, Le Secret du Sphinx O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB2288953) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B772E1C-7C05-42D2-839D-3EC2D39EFF22} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Sony Ericsson Media Manager 1.2 - (.Sony Ericsson.) [HKLM] -- {8CD0B297-122D-4718-9CE1-B72E796F7B21} O42 - Logiciel: Sony Ericsson PC Suite - (.Sony Ericsson.) [HKLM] -- {2FFE93F0-BB72-4E52-8761-354D1AAA9387} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: TeraCopy 1.22 - (.Code Sector Inc..) [HKLM] -- TeraCopy_is1 O42 - Logiciel: The Cleaner 2011 - (.MooSoft Development LLC.) [HKLM] -- The Cleaner_is1 O42 - Logiciel: Turbo Key - (.Pas de propriétaire.) [HKLM] -- {B83F7FA5-3191-4E39-A1F2-8A9038BD0B04} O42 - Logiciel: TurboV - (.Pas de propriétaire.) [HKLM] -- {A31951C5-DCD8-4DFE-A525-CFC701F54792} O42 - Logiciel: UltraISO Premium V9.3 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2410711) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BB5A2EB0-4515-4C6B-A618-A6F6B0AB7BAA} O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421} O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: WinUtilities 9.81 Professional Edition - (.YL Computing, Inc.) [HKLM] -- {FC274982-5AAD-4C20-848D-4424A5043009}_is1 O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1 O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- {F3D70E4A-6F7E-8806-790E-7887E8242B20} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C} O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {A498D9EB-927B-459B-85D6-DD6EF8C2C564} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\AMD] [HKCU\Software\ASProtect] [HKCU\Software\ASUS] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\AllAnonymity] [HKCU\Software\AppDataLow\AskToolbarInfo] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\AskToolbar] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Ask.com] [HKCU\Software\AutocompletePro] [HKCU\Software\BitTorrent] [HKCU\Software\CBS Software] [HKCU\Software\CDDB] [HKCU\Software\Calculador 10] [HKCU\Software\Canneverbe Limited] [HKCU\Software\Classes.crx] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Code Sector] [HKCU\Software\Cookie Crumble] [HKCU\Software\CoreVorbis] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\ESET] [HKCU\Software\EasyBoot Systems] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Enigma Protector] [HKCU\Software\Flock] [HKCU\Software\GNU] [HKCU\Software\GSpot Appliance Corp] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\ImgBurn] [HKCU\Software\JavaSoft] [HKCU\Software\Lavasoft] [HKCU\Software\Leadertech] [HKCU\Software\LightScribe] [HKCU\Software\Logitech] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaInfo] [HKCU\Software\Megaupload] [HKCU\Software\MooSoft Development] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\Otaku Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PowerISO] [HKCU\Software\R-TT] [HKCU\Software\RealNetworks] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SenBit] [HKCU\Software\SlySoft] [HKCU\Software\Smart Projects] [HKCU\Software\Sony Creative Software] [HKCU\Software\Sony Ericsson] [HKCU\Software\Sysinternals] [HKCU\Software\Toshiba] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Virtual Plastic Surgery Software - VPSS] [HKCU\Software\Widcomm] [HKCU\Software\WideStream] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\cybelsoft] [HKCU\Software\eMule] [HKCU\Software\madFlac] [HKCU\Software\yahoo] [HKLM\Software\AMD] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Alcohol Soft] [HKLM\Software\Alienware] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Audible] [HKLM\Software\BSProductManage] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Cygnus Solutions] [HKLM\Software\DeviceVM] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\ESET] [HKLM\Software\EasyBoot Systems] [HKLM\Software\Elaborate Bytes] [HKLM\Software\FileZilla 3] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HighCriteria] [HKLM\Software\IPHider] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Lavasoft] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Megaupload Limited] [HKLM\Software\Megaupload] [HKLM\Software\Micro Application] [HKLM\Software\MimarSinan] [HKLM\Software\Mindscape] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\QSound Labs, Inc.] [HKLM\Software\Quicksys] [HKLM\Software\R-TT] [HKLM\Software\RTLSetup] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SlySoft] [HKLM\Software\Sonic] [HKLM\Software\Sony Creative Software] [HKLM\Software\Sony Media Software] [HKLM\Software\The Learning Company] [HKLM\Software\Toshiba] [HKLM\Software\Trad-FR] [HKLM\Software\TrendMicro] [HKLM\Software\TuneUp] [HKLM\Software\VIA Technologies, Inc] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\WIDCOMM] [HKLM\Software\WidCommUpdate] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update O43 - CFD:Common File Directory ----D- C:\Program Files\Ask.com O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS O43 - CFD:Common File Directory ----D- C:\Program Files\ATI O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files O43 - CFD:Common File Directory ----D- C:\Program Files\DAP O43 - CFD:Common File Directory ----D- C:\Program Files\DeskSpace O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX O43 - CFD:Common File Directory ----D- C:\Program Files\DivX O43 - CFD:Common File Directory ----D- C:\Program Files\Download Direct O43 - CFD:Common File Directory ----D- C:\Program Files\Downloaded Installations O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Elaborate Bytes O43 - CFD:Common File Directory ----D- C:\Program Files\eMule O43 - CFD:Common File Directory ----D- C:\Program Files\ESET O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client O43 - CFD:Common File Directory ----D- C:\Program Files\FreeMi UPnP Media Server O43 - CFD:Common File Directory ----D- C:\Program Files\Google O43 - CFD:Common File Directory ----D- C:\Program Files\ImgBurn O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Intel O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\IP Hider O43 - CFD:Common File Directory ----D- C:\Program Files\IVT Corporation O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\Megaupload O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliPoint O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliType Pro O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Mindscape O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0 O43 - CFD:Common File Directory ----D- C:\Program Files\Nokia O43 - CFD:Common File Directory ----D- C:\Program Files\PowerISO O43 - CFD:Common File Directory ----D- C:\Program Files\Quicksys O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime O43 - CFD:Common File Directory ----D- C:\Program Files\R-Studio Emergency O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek O43 - CFD:Common File Directory ----D- C:\Program Files\Recuva O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects O43 - CFD:Common File Directory ----D- C:\Program Files\Sony O43 - CFD:Common File Directory ----D- C:\Program Files\Sony Ericsson O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD:Common File Directory ----D- C:\Program Files\TeraCopy O43 - CFD:Common File Directory ----D- C:\Program Files\The Cleaner O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2010 O43 - CFD:Common File Directory ----D- C:\Program Files\UltraISO O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent O43 - CFD:Common File Directory ----D- C:\Program Files\VIA O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS O43 - CFD:Common File Directory ----D- C:\Program Files\WIDCOMM O43 - CFD:Common File Directory ----D- C:\Program Files\Winamax Poker O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\WinUtilities O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\EZB Systems O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logishrd O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe Systems O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data O43 - CFD:Common File Directory ----D- C:\ProgramData\ASUS OC Profiles O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira O43 - CFD:Common File Directory ----D- C:\ProgramData\Bluetooth O43 - CFD:Common File Directory ----D- C:\ProgramData\BVRP Software O43 - CFD:Common File Directory ----D- C:\ProgramData\Canneverbe Limited O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop O43 - CFD:Common File Directory ----D- C:\ProgramData\DivX O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents O43 - CFD:Common File Directory ----D- C:\ProgramData\ESET O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites O43 - CFD:Common File Directory ----D- C:\ProgramData\Google O43 - CFD:Common File Directory ----D- C:\ProgramData\Installations O43 - CFD:Common File Directory ----D- C:\ProgramData\Lavasoft O43 - CFD:Common File Directory ----D- C:\ProgramData\LightScribe O43 - CFD:Common File Directory ----D- C:\ProgramData\Logishrd O43 - CFD:Common File Directory ----D- C:\ProgramData\ma-config.com O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help O43 - CFD:Common File Directory ----D- C:\ProgramData\moosoft O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero O43 - CFD:Common File Directory ----D- C:\ProgramData\Nokia O43 - CFD:Common File Directory ----D- C:\ProgramData\NokiaMusic O43 - CFD:Common File Directory ----D- C:\ProgramData\OviInstallerCache O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Suite O43 - CFD:Common File Directory ----D- C:\ProgramData\SlySoft O43 - CFD:Common File Directory ----D- C:\ProgramData\Sony O43 - CFD:Common File Directory ----D- C:\ProgramData\Sony Ericsson O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA O43 - CFD:Common File Directory ----D- C:\ProgramData\TuneUp Software O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\EZB Systems O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logishrd O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.7300000000000000000000000CEF1200] - 14/02/2705 - 08:13:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\explorer.exe [2614272] O44 - LFC:[MD5.72AECF54AAC22B20956D08610972B5A1] - 03/11/2010 - 22:38:38 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [93360] O44 - LFC:[MD5.713CD5267ABFB86FE90A72E384E82A38] - 03/11/2010 - 21:53:51 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\System32\drivers\Lbd.sys [64288] O44 - LFC:[MD5.1DA93C4B323B34E38F5E7F43D9C65788] - 03/11/2010 - 21:52:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\lsdelete.exe [15880] O44 - LFC:[MD5.03FB7D95E32F9975615840F4B7516765] - 03/11/2010 - 18:40:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [188446] O44 - LFC:[MD5.6BF6EA91B1FE4DA6BFF7771D6C165A5A] - 31/10/2010 - 22:47:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\msnfix.txt [189] O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 31/10/2010 - 15:14:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagerr.xml [1908] O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 31/10/2010 - 15:14:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagwrn.xml [1908] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/11/2010 - 09:14:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.01015964991C16E31F869ECBCFAAAFEE] - 28/10/2010 - 19:52:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\_WKERNEL.SYL [101] O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 23/10/2010 - 17:35:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\pùÊ [20] O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 23/10/2010 - 17:18:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\¸ù’ [20] O44 - LFC:[MD5.9FFE5D1BB29E37D74897DABFCD087530] - 23/10/2010 - 06:49:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [410040] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2010 - 06:27:32 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2010 - 06:26:03 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01009.Wdf [0] O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 20/10/2010 - 06:01:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\(ô‡ [20] O44 - LFC:[MD5.4CC27406C0045974AE6D805475B5DA1B] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.dll [258048] O44 - LFC:[MD5.B79D3D6A4E9E2CD739660E2AD9734D58] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.exe [2740224] O44 - LFC:[MD5.D2C0FC5DD6EA00505A8846A1675F2EC9] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\RegisterLSP.exe [471040] O44 - LFC:[MD5.2A41794807AC53FCE19AF0EF2900525A] - 16/10/2010 - 13:08:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\VistaInfo32.dll [73728] O44 - LFC:[MD5.2C5977F4FCC7F67E51954F292E909369] - 09/10/2010 - 18:41:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\tmp_docprotector.ini [524] O44 - LFC:[MD5.B3C51A5995751A48AA8DE4B82BE9C83E] - 07/10/2010 - 18:15:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Ascd_log.ini [33994] O44 - LFC:[MD5.70509087597627A322EA5882512958EC] - 07/10/2010 - 18:12:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setup.iss [670] O44 - LFC:[MD5.212F87EE837B4E35E43A93BBFC44E7A7] - 07/10/2010 - 18:11:57 R--A- . (.Pas de propriétaire - AsIO DLL.) -- C:\Windows\System32\AsIO.dll [24576] O44 - LFC:[MD5.2B4E66FAC6503494A2C6F32BB6AB3826] - 07/10/2010 - 18:11:57 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsIO.sys [12400] O44 - LFC:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 07/10/2010 - 18:11:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsInsHelp32.sys [10216] O44 - LFC:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 07/10/2010 - 18:11:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsInsHelp64.sys [11832] O44 - LFC:[MD5.802B396DA15FA19B9E61A79FE72AFA7A] - 07/10/2010 - 18:03:29 ---A- . (.QSound Labs, Inc. - Pas de description.) -- C:\Windows\System32\nQPropPageExt.dll [76288] O44 - LFC:[MD5.2D22147613929641BDB2A35A4CB36C2D] - 07/10/2010 - 18:03:29 ---A- . (.QSound Labs, Inc. - nQ APO.) -- C:\Windows\System32\nQAPO.dll [71680] O44 - LFC:[MD5.C7C2A6B64608FF71B87CAB42375D6F1B] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - DTS Surround Sensation Control Page.) -- C:\Windows\System32\Dts2PropPageExt.dll [75776] O44 - LFC:[MD5.A6CAB31A6CFCD41E5213A924B2413EF1] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\viahduaa.sys [1067008] O44 - LFC:[MD5.BA9CD6445E1A0A4535D7E49333FB674E] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP Component.) -- C:\Windows\System32\VIASysFx.dll [491008] O44 - LFC:[MD5.0F2279ED94156039E6F947F8D408555B] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP UI component.) -- C:\Windows\System32\VIAPropPageExt.dll [856064] O44 - LFC:[MD5.09A3B9A29F8239ACEB3526238735E97A] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies,Inc. - VIA APO for MicArray Applications..) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll [68608] O44 - LFC:[MD5.5E25D0897393859D30EB86F63CAC9C30] - 07/10/2010 - 18:03:29 ---A- . (.Windows ® Codename Longhorn DDK provider - DTS2 APO.) -- C:\Windows\System32\Dts2APO.dll [211456] O44 - LFC:[MD5.663E670F8E335FAE30F462546F278B32] - 07/10/2010 - 18:03:29 ---A- . (.Windows ® Codename Longhorn DDK provider - ViaMicArray APO.) -- C:\Windows\System32\ViaMicArrayAPO.dll [181248] O44 - LFC:[MD5.4F1B4CCA1572C6B67311FD86476375CD] - 07/10/2010 - 18:01:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Ascd_tmp.ini [22682] O44 - LFC:[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - 07/10/2010 - 18:01:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Language_trs.ini [1769] O44 - LFC:[MD5.93723774872D9FB903266A46ED1E0BC2] - 21/09/2010 - 13:03:14 ---A- . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.DLL [208768] O44 - LFC:[MD5.D7EF348243211296F0A7E38AC96EAB2A] - 01/09/2010 - 06:23:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PCProxyOff.ini [16] O44 - LFC:[MD5.BE8BA33597CE967BF07E268CA115CE19] - 01/09/2010 - 06:23:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.ini [1952] O44 - LFC:[MD5.AADFD9E4C32C9EFF933A64A5FE9D7F78] - 01/09/2010 - 06:17:03 --H-- . (.Pas de propriétaire - Pas de description.) -- C:\dvmexp.idx [177] O44 - LFC:[MD5.44B6E7FF5850BB9688168266FD203585] - 01/09/2010 - 06:14:21 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20768] O44 - LFC:[MD5.44B6E7FF5850BB9688168266FD203585] - 01/09/2010 - 06:14:21 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20768] O44 - LFC:[MD5.C756130463679FD9DAA95AB5CB7CC481] - 01/09/2010 - 06:06:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [560] O44 - LFC:[MD5.BEED3ACBB68180DE52D95C78A3454898] - 01/09/2010 - 06:06:55 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.2900000000000000000000000CEF1200] - 01/09/2010 - 06:05:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1326343] O44 - LFC:[MD5.0AF7946AD9B2E82058C6421EEC960FCF] - 11/08/2010 - 16:18:17 ---A- . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll [197632] O44 - LFC:[MD5.17A4BE67FB6B9219A802F39C263AC8AC] - 11/08/2010 - 16:18:17 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944] O44 - LFC:[MD5.2B2D0010FE955BAA4726B5086313D1A1] - 10/08/2010 - 04:15:58 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\System32\QuickTime.qts [69632] O44 - LFC:[MD5.36948F7FEFB02B8817E7F81633AB4121] - 10/08/2010 - 04:15:58 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\System32\QuickTimeVR.qtx [94208] O44 - LFC:[MD5.B9C2EB1291BACAF8D979D7DF06D1E4EE] - 07/08/2010 - 15:38:20 ---A- . (.Neil Banfield - Animation Core.) -- C:\Windows\System32\anim.dll [33968] O44 - LFC:[MD5.CF295F9A323B1EC8B196E598636E78E4] - 07/08/2010 - 15:38:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\shfolder.inf [439] O44 - LFC:[MD5.4BAF561A4819F0EDF96C6FD903A5694F] - 07/08/2010 - 15:38:20 ---A- . (.Stardock Corporation - WindowBlinds : DirectSkin.) -- C:\Windows\System32\wbocx.ocx [544768] O44 - LFC:[MD5.7BDB3B1F1303F0370D7E4CE82AD73D37] - 07/08/2010 - 15:38:20 ---A- . (.Stardock.Net, Inc - WindowBlinds Helper DLL.) -- C:\Windows\System32\wbhelp2.dll [56496] O44 - LFC:[MD5.8E6BF8E8B78BA958B30B0C0E83C86C87] - 04/08/2010 - 01:21:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [6096384] O44 - LFC:[MD5.C20B3F98C05A85590645377135C8AC6F] - 04/08/2010 - 00:55:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atiapfxx.blb [71096] O44 - LFC:[MD5.B4CAEDA66D83498CB5876BD02CF07D52] - 04/08/2010 - 00:55:02 ---A- . (.Advanced Micro Devices, Inc. - atiapfxx Application.) -- C:\Windows\System32\atiapfxx.exe [143360] O44 - LFC:[MD5.84759F7436CCF37552621B2846FE1744] - 04/08/2010 - 00:54:52 ---A- . (.ATI Technologies Inc. - aticfx32.dll.) -- C:\Windows\System32\aticfx32.dll [519680] O44 - LFC:[MD5.9E3019AF0CD29367B6CFCEE074672F4A] - 04/08/2010 - 00:52:06 ---A- . (.Advanced Micro Devices, Inc. - Graphics DEM.) -- C:\Windows\System32\ATIDEMGX.dll [450560] O44 - LFC:[MD5.89A79E165D6BB2E9848882B2C03AB2F5] - 04/08/2010 - 00:51:38 ---A- . (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [380928] O44 - LFC:[MD5.2A6C17DCF9138DE28CE141794484B128] - 04/08/2010 - 00:51:12 ---A- . (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [176128] O44 - LFC:[MD5.B06E97F66D49682685858041F26C0E84] - 04/08/2010 - 00:50:08 ---A- . (.AMD - TMM Clone Control Module.) -- C:\Windows\System32\atitmmxx.dll [159744] O44 - LFC:[MD5.4BE7F9FDBCFC375FC8CC02CABC4ADCA8] - 04/08/2010 - 00:49:52 ---A- . (.ATI Technologies, Inc. - ATI Desktop CWDDEDI DLL.) -- C:\Windows\System32\atipdlxx.dll [356352] O44 - LFC:[MD5.41285186D6647DBD57A04BC603FE2891] - 04/08/2010 - 00:49:50 ---A- . (.Advanced Micro Devices, Inc. - ATI OpenGL driver.) -- C:\Windows\System32\atioglxx.dll [15845888] O44 - LFC:[MD5.1CF0F811EF5AEB46F9239BF249B3654A] - 04/08/2010 - 00:49:42 ---A- . (.ATI Technologies, Inc. - ATI Driver Interface DLL.) -- C:\Windows\System32\Oemdspif.dll [278528] O44 - LFC:[MD5.D9227881A32415B36E152EBCA3BCBCE6] - 04/08/2010 - 00:49:36 ---A- . (.AMD - Multi-language DPPE DLL.) -- C:\Windows\System32\atimuixx.dll [11776] O44 - LFC:[MD5.FAE6C8E11AF14655E40BB171BB677D63] - 04/08/2010 - 00:49:28 ---A- . (.ATI Technologies, Inc. - ati2edxx.) -- C:\Windows\System32\ati2edxx.dll [43520] O44 - LFC:[MD5.22F8EFCA8E4CACD3FA90CDB323992F50] - 04/08/2010 - 00:46:34 ---A- . (.ATI Technologies Inc. - atidxx32.dll.) -- C:\Windows\System32\atidxx32.dll [3899392] O44 - LFC:[MD5.DC5B876E02BCEEDCC4F0667C5A2BA583] - 04/08/2010 - 00:28:28 ---A- . (.ATI Technologies Inc. - atiumdag.dll.) -- C:\Windows\System32\atiumdag.dll [4021760] O44 - LFC:[MD5.B3B1E8C978EF8BBCBAA8B8D523B37A09] - 04/08/2010 - 00:26:02 ---A- . (.Advanced Micro Devices Inc. - ATI CAL runtime.) -- C:\Windows\System32\aticalrt.dll [46080] O44 - LFC:[MD5.6B4B88F6BDF5664FB1B65F35CB922194] - 04/08/2010 - 00:25:52 ---A- . (.Advanced Micro Devices Inc. - ATI CAL compiler runtime.) -- C:\Windows\System32\aticalcl.dll [44032] O44 - LFC:[MD5.ED9DACC7A4B3CA1EFB9DAC71BAAB902E] - 04/08/2010 - 00:24:36 ---A- . (.Advanced Micro Devices Inc. - ATI CAL DD.) -- C:\Windows\System32\aticaldd.dll [4341248] O44 - LFC:[MD5.EDDDD74EE748FA00C666A77314B51B8D] - 04/08/2010 - 00:23:44 ---A- . (.AMD - CoInstaller DLL.) -- C:\Windows\System32\coinst.dll [65536] O44 - LFC:[MD5.3E7E840BF361ECE88662E8C7A5E529C5] - 04/08/2010 - 00:21:40 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- C:\Windows\System32\atiumdva.dll [3324416] O44 - LFC:[MD5.FD929ADE0294D068D0263FD2958DFAA2] - 04/08/2010 - 00:21:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atiumdva.cap [523968] O44 - LFC:[MD5.AE76C0223C0BAFBADAED79969C08CCE4] - 04/08/2010 - 00:16:08 ---A- . (.Advanced Micro Devices, Inc. - ADL.) -- C:\Windows\System32\atiadlxx.dll [241664] O44 - LFC:[MD5.90BA86D735B42505DB5E5001BC0C927C] - 04/08/2010 - 00:15:56 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiglpxx.dll [12800] O44 - LFC:[MD5.D13DE37DEBE2DAF982AFBBEDA4EB8CEF] - 04/08/2010 - 00:15:50 ---A- . (.Advanced Micro Devices, Inc. - atigktxx.dll.) -- C:\Windows\System32\atigktxx.dll [16896] O44 - LFC:[MD5.31DE9B1CEAA9E25B141232F7F1443239] - 04/08/2010 - 00:15:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [214016] O44 - LFC:[MD5.71BFF0E03957F59A50A87C0CD40F3E1A] - 04/08/2010 - 00:15:04 ---A- . (.Advanced Micro Devices, Inc. - atiuxpag.dll.) -- C:\Windows\System32\atiuxpag.dll [30208] O44 - LFC:[MD5.0AE1AE9D94540F2201C841835A94A9BB] - 04/08/2010 - 00:14:50 ---A- . (.Advanced Micro Devices, Inc. - atiu9pag.dll.) -- C:\Windows\System32\atiu9pag.dll [27648] O44 - LFC:[MD5.4517B8DD31854C85E18E6AE9402C5574] - 04/08/2010 - 00:14:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atitmpxx.dll [23040] O44 - LFC:[MD5.3C6565BF11A6DF8069E067AB14C04CC7] - 04/08/2010 - 00:14:14 ---A- . (.ATI Technologies Inc. - eRecord Message Resource File.) -- C:\Windows\System32\drivers\ati2erec.dll [53248] O44 - LFC:[MD5.57026A11BE27683B7C4D11DB25F5A18F] - 04/08/2010 - 00:09:24 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\System32\amdpcom32.dll [52736] O44 - LFC:[MD5.57026A11BE27683B7C4D11DB25F5A18F] - 04/08/2010 - 00:09:24 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\System32\atimpc32.dll [52736] ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{9c913428-268a-11df-9683-002618f2e45c}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 7.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe O53 - SMSR:HKLM\...\startupreg\IntelliPoint [Key] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe O53 - SMSR:HKLM\...\startupreg\ITSecMng [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe O53 - SMSR:HKLM\...\startupreg\itype [Key] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O53 - SMSR:HKLM\...\startupreg\PC Suite Tray [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\updateMgr [Key] . (.Adobe Systems Incorporated - Adobe Update Manager.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoActiveDesktop"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys O58 - SDL:[MD5.F0B673589B3D371008A1539F9AE13EF4] - 08/12/2009 - 16:06:09 ---A- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\Windows\system32\drivers\AnyDVD.sys O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys O58 - SDL:[MD5.CBE71C122434805CB73FFB6619F60598] - 16/07/2009 - 04:36:30 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 04/01/2008 - 12:34:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsInsHelp32.sys O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 04/01/2008 - 12:34:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsInsHelp64.sys O58 - SDL:[MD5.2B4E66FAC6503494A2C6F32BB6AB3826] - 17/12/2007 - 10:14:06 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsIO.sys O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\ASUSHWIO.SYS O58 - SDL:[MD5.40A07E6916AC098E31A9E39AC202B8A1] - 30/09/2009 - 15:33:56 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys O58 - SDL:[MD5.8E6BF8E8B78BA958B30B0C0E83C86C87] - 04/08/2010 - 01:21:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys O58 - SDL:[MD5.31DE9B1CEAA9E25B141232F7F1443239] - 04/08/2010 - 00:15:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 05/03/2010 - 19:40:01 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys O58 - SDL:[MD5.0F249BE872F618AABA8D641E81AA3D21] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btaudio.sys O58 - SDL:[MD5.CE441CCD98C5ECB10CB12FCAF97322EC] - 08/01/2009 - 23:39:36 ---A- . (.IVT Corporation. - Bluetooth HID BUS Driver.) -- C:\Windows\system32\drivers\BtHidBus.sys O58 - SDL:[MD5.D84166D41A05F66D9084039427E5025B] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Bus Enumerator.) -- C:\Windows\system32\drivers\btkrnl.sys O58 - SDL:[MD5.D3C277A51EF9E2EC972D6221F99C0B6D] - 07/12/2008 - 12:44:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\btnetBus.sys O58 - SDL:[MD5.07F0A66CFA550B13AD0674AE09E3CBA0] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\Windows\system32\drivers\btport.sys O58 - SDL:[MD5.B1D350F3F13CF340FCE93912D2BA1EBF] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth LAN Access Server Driver.) -- C:\Windows\system32\drivers\btwdndis.sys O58 - SDL:[MD5.1BCC81071C25C34DE0621FFD8C4F925E] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Virtual HID Minidriver.) -- C:\Windows\system32\drivers\btwhid.sys O58 - SDL:[MD5.A01FD9851406DE0870C23759E2F7B6EA] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Driver for Bluetooth USB Devices.) -- C:\Windows\system32\drivers\btwusb.sys O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys O58 - SDL:[MD5.AF82DC664E3D8E2CBA3B95E68F6448A7] - 16/11/2009 - 08:56:12 ---A- . (.ESET - Amon monitor.) -- C:\Windows\system32\drivers\eamon.sys O58 - SDL:[MD5.686A799C1BF1B18941994DAF9F45DB06] - 16/11/2009 - 09:03:36 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\system32\drivers\ehdrv.sys O58 - SDL:[MD5.76CAD4F1291990FC47824B845032E997] - 26/09/2009 - 18:57:34 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys O58 - SDL:[MD5.8700EADC8BDFA27D948FCC43EE0AE434] - 18/12/2009 - 15:02:26 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\system32\drivers\epfwwfpr.sys O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys O58 - SDL:[MD5.007AEA2E06E7CEF7372E40C277163959] - 11/07/2010 - 16:07:24 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver Filter.) -- C:\Windows\system32\drivers\ggflt.sys O58 - SDL:[MD5.C73DE35960CA75C5AB4AE636B127C64E] - 11/07/2010 - 16:07:24 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver.) -- C:\Windows\system32\drivers\ggsemc.sys O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys O58 - SDL:[MD5.71E1FC547CC488D5CD7BF0860C96F5AF] - 02/07/2008 - 14:58:48 ---A- . (.IVT Corporation. - IVT Bluetooth Bus Device Driver.) -- C:\Windows\system32\drivers\IvtBtBus.sys O58 - SDL:[MD5.151D8C22A57025D0619D9ED452A4F1FF] - 18/03/2010 - 10:00:56 ---A- . (.Logitech, Inc. - Logitech PS2 Keyboard Filter Driver..) -- C:\Windows\system32\drivers\L8042Kbd.sys O58 - SDL:[MD5.732AFC2D2643916CFA135130D2ADBC20] - 18/03/2010 - 10:01:04 ---A- . (.Logitech, Inc. - Logitech PS/2 Mouse Filter Driver..) -- C:\Windows\system32\drivers\L8042mou.Sys O58 - SDL:[MD5.713CD5267ABFB86FE90A72E384E82A38] - 23/09/2009 - 13:55:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys O58 - SDL:[MD5.B68309F25C5787385DA842EB5B496958] - 18/03/2010 - 10:01:52 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys O58 - SDL:[MD5.63D3B1D3CD267FCC186A0146B80D453B] - 18/03/2010 - 10:02:08 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys O58 - SDL:[MD5.46F0396649101C27968089D127395980] - 18/03/2010 - 10:02:24 ---A- . (.Logitech, Inc. - Logitech Filter Driver for Mouse Class..) -- C:\Windows\system32\drivers\LMouKE.Sys O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 12/07/2010 - 16:44:30 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\system32\drivers\LNonPnP.sys O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys O58 - SDL:[MD5.E205C313417DA6FA7AFE85912A310A65] - 16/02/2007 - 01:56:49 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\Windows\system32\drivers\RegKill.sys O58 - SDL:[MD5.D5EDE44CA85899E0478208C8413C1C31] - 23/06/2010 - 08:10:54 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys O58 - SDL:[MD5.7B7A157D6CC1EB77BC43E2AA23DAE600] - 19/04/2010 - 15:55:40 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys O58 - SDL:[MD5.594FF5620661D1386475406E78CB6F2F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 Driver.) -- C:\Windows\system32\drivers\s0017bus.sys O58 - SDL:[MD5.3FA76516F21FC7CF04689834B2B7325E] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017cm.sys O58 - SDL:[MD5.3FA76516F21FC7CF04689834B2B7325E] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017cmnt.sys O58 - SDL:[MD5.5B1078D9E27DF63656C39449492AE3E9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation (WDM class reg.) -- C:\Windows\system32\drivers\s0017cr.sys O58 - SDL:[MD5.7258F550419D543BC5C8E80C578A5D54] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s0017mdfl.sys O58 - SDL:[MD5.1DE4F6607FEB17A15DBD4F1B139E6D2F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s0017mdm.sys O58 - SDL:[MD5.9814E6BACC06D2526CD52981C7EEEDF0] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s0017mgmt.sys O58 - SDL:[MD5.2C62CD58225973F26682CD4F783DDEDE] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation (NDIS 5 Minipo.) -- C:\Windows\system32\drivers\s0017nd5.sys O58 - SDL:[MD5.F87C3422E84B2FB1B43E0A26247AD5A5] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\s0017obex.sys O58 - SDL:[MD5.DF5E7360A0AFA5956BF75DA683D0679F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation.) -- C:\Windows\system32\drivers\s0017unic.sys O58 - SDL:[MD5.985E0A43CF844A573FF254C847AD0BA9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017wh.sys O58 - SDL:[MD5.985E0A43CF844A573FF254C847AD0BA9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017whnt.sys O58 - SDL:[MD5.1C5C2CB892553D2CF3F45A4BB323FCD6] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 Driver.) -- C:\Windows\system32\drivers\s1018bus.sys O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cm.sys O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cmnt.sys O58 - SDL:[MD5.38F5EA219593F19B6B3A1B9C169E3B61] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s1018mdfl.sys O58 - SDL:[MD5.666AF6B64FC7DF92D3CA4819EA91631D] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s1018mdm.sys O58 - SDL:[MD5.F4CEDA6E2DDFF2AF8BD745615A7CA9C0] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s1018mgmt.sys O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018wh.sys O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018whnt.sys O58 - SDL:[MD5.72AECF54AAC22B20956D08610972B5A1] - 03/11/2010 - 22:38:38 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys O58 - SDL:[MD5.16B1ABE7F3E35F21DAC57592B6C5D464] - 09/11/2009 - 04:21:18 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys O58 - SDL:[MD5.E5B56569A9F79B70314FEDE6C953641E] - 11/07/2010 - 16:08:28 ---A- . (.Sony Ericsson Mobile Communications - seehcri Driver.) -- C:\Windows\system32\drivers\seehcri.sys O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 12:48:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\StarOpen.sys O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys O58 - SDL:[MD5.2C15B4856F929AC7DD144044D8334B54] - 25/03/2008 - 12:54:02 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) -- C:\Windows\system32\drivers\tosporte.sys O58 - SDL:[MD5.6750328AB04AE5FAF01403A575D66978] - 06/10/2008 - 16:56:38 ---A- . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\system32\drivers\tosrfbd.sys O58 - SDL:[MD5.45A0FD8D566E7C44B2FC340CBD6672D0] - 03/03/2009 - 14:42:56 ---A- . (.TOSHIBA Corporation - Bluetooth RFBNEP Driver.) -- C:\Windows\system32\drivers\tosrfbnp.sys O58 - SDL:[MD5.C281D231BA7BC7955D39EA9E21374EFF] - 19/02/2009 - 15:20:10 ---A- . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\system32\drivers\tosrfcom.sys O58 - SDL:[MD5.592CD9C8AB08EF02EA53905D30FB157E] - 05/03/2009 - 10:03:16 ---A- . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\system32\drivers\Tosrfhid.sys O58 - SDL:[MD5.0F3FD4F55175CAEDDCE9EFD6C5CA45D3] - 12/03/2009 - 10:33:08 ---A- . (.TOSHIBA Corporation. - Bluetooth BNEP Driver.) -- C:\Windows\system32\drivers\tosrfnds.sys O58 - SDL:[MD5.5C4DDC4C3596DDB742E5BADEEE914EA0] - 03/03/2009 - 14:43:58 ---A- . (.TOSHIBA Corporation - Bluetooth Audio Driver (WDM).) -- C:\Windows\system32\drivers\TosRfSnd.sys O58 - SDL:[MD5.8688938B6D2A7EC8037A8B3AE1ADCE2B] - 10/03/2009 - 15:31:52 ---A- . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\system32\drivers\tosrfusb.sys O58 - SDL:[MD5.A6CAB31A6CFCD41E5213A924B2413EF1] - 10/07/2009 - 04:04:42 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\viahduaa.sys O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\giveio.sys O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 24/09/2006 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\Windows\system32\speedfan.sys O58 - SDL:[MD5.58997182304759F46902A62128D44D5C] - 16/12/2009 - 22:29:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\WinVd32.sys ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=1000 (Application Error) - (.Megaupload Limited - Mega Manager.) -- C:\Program Files\Megaupload\Mega Manager\MegaManager.exe O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - Pas de description.) -- C:\Windows\Explorer.EXE O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\VideoLAN\VLC\vlc.exe O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\mo\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.cbid", "QC"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}"'>http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.first-launch-url", "http://g.msn.com/5mefr_fr/11"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.fresh-install", false); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.l", "dis"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.last-config-req", "1288811956305"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.locale", "fr_FR"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.o", "102408"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.options-lang", "fr"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.options-locale", "UK"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.qsrc", "2871"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.r", "2"); O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.search-suggestions-enabled", true); O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {AE7F6473-3AA7-4289-8D63-8BF32144F511} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {E9ED43AD-DA41-4cdc-8FE9-D8C5B8443976} - (SpeedBit Search) - SpeedBit Search ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [168448] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [591360] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [667136] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473088] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [285184] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [241664] O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [30024] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [543232] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1912832] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [589312] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [497152] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [46592] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [743424] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102400] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 29/11/2009 69632 | C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe SR - | Auto 04/08/2010 176128 | C:\Windows\system32\atiesrxx.exe (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe SR - | Auto 02/04/2009 90112 | C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AsSysCtrlService) . (.Pas de propriétaire.) - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe SS - | Auto 02/04/2009 0 | C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (BlueSoleil Hid Service) . (.Pas de propriétaire.) - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe SR - | Auto 11/11/2006 266295 | C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe SS - | Demand 16/11/2009 20680 | C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe SR - | Auto 16/11/2009 735960 | C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe SS - | Auto 24/02/2010 135664 | C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 23/12/2009 182768 | C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Demand 03/11/2010 1181328 | C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Ad-Aware Service) . (.Lavasoft.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe SR - | Auto 20/11/2009 73728 | C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SS - | Demand 12/09/2010 251248 | C:\Program Files\ma-config.com\maconfservice.exe (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 29/04/2010 304464 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Auto 16/03/2010 813056 | C:\Program Files\The Cleaner\mhelper.exe (moohelp) . (.MooSoft Development LLC.) - C:\Program Files\The Cleaner\mhelper.exe SS - | Disabled 23/09/2009 935208 | C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe SR - | Auto 06/09/2009 71096 | C:\Program Files\CDBurnerXP\NMSAccessU.exe (NMSAccessU) . (.Pas de propriétaire.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe SR - | Auto 30/04/2009 90112 | C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (OMSI download service) . (.Pas de propriétaire.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe SR - | Demand 26/01/2010 2740224 | C:\Windows\system32\PrivacyProvider.exe (PrivacyProvider) . (.Pas de propriétaire.) - C:\Windows\system32\PrivacyProvider.exe SS - | Auto 26/01/2010 0 | C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWindServiceAE) . (.Pas de propriétaire.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe SS - | Demand 26/01/2010 0 | C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp.Defrag) . (.Pas de propriétaire.) - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe SR - | Auto 20/04/2010 1050440 | C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by mo at 01/09/2010 07:36:50 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 1 ntkrnlpa!IofCallDriver[0x83075458] -> \Device\Harddisk0\DR0[0x86634030] 3 CLASSPNP[0x8B77F59E] -> ntkrnlpa!IofCallDriver[0x83075458] -> [0x864E2918] 5 ACPI[0x8B2BB3B2] -> ntkrnlpa!IofCallDriver[0x83075458] -> \Device\Ide\IdeDeviceP2T0L0-2[0x864D5030] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog Run by mo at 01/09/2010 07:36:54 Dump file Name : C:\Program Files\ZHPDiag\MBRDump_09-01-10_07-36-54_PhysicalDrive0.bin ---\\ Infection BT - BHO/Toolbar (Possible) O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} [HKCU\Software\Ask.com] O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}"); End of the scan (1254 lines in 01mn 13s)(0)
×
×
  • Créer...